Revisions of xorg-x11-server
Ana Guerrero (anag+factory)
accepted
request 1166666
from
Stefan Dirsch (sndirsch)
(revision 430)
- U_render-Avoid-possible-double-free-in-ProcRenderAddGl.patch * fixes regression for security fix for CVE-2024-31083 (bsc#1222312, boo#1222442, gitlab xserver issue #1659)
Ana Guerrero (anag+factory)
accepted
request 1164516
from
Stefan Dirsch (sndirsch)
(revision 429)
- Security update 21.1.12 This release addresses the following 4 security issues: * CVE-2024-31080 * CVE-2024-31081 * CVE-2024-31082 * CVE-2024-31083 Additionally it provides a way to disable byte-swapped clients either by command line flag or config option. This allows to turn off byte swapping code that has been a source of security problems lately.
Ana Guerrero (anag+factory)
accepted
request 1148344
from
Stefan Dirsch (sndirsch)
(revision 427)
- fix permissions of files in xorg-x11-server-source for tigervnc build later (needed since latest autoconf) - Provide again xorg-x11-server-source * xwayland sources are not meant for a generic server. * https://github.com/TigerVNC/tigervnc/issues/1728 - Stop providing xorg-x11-server-source from xorg-x11-server * Now the sources are provided by xwayland because it is more updated. * Fixes bsc#1219892.
Ana Guerrero (anag+factory)
accepted
request 1146120
from
Stefan Dirsch (sndirsch)
(revision 426)
- Release 21.1.11 also covers fixes for security issue CVE-2022-46340 and bug numbers bsc#1205874, bsc#1217765 - Release 21.1.11 covers fixes for the following bug numbers, which are not mentioned in this changelog before: bsc#1218845, bsc#1218846, bsc#1216261, bsc#1216133, bsc#1216135 - Release 21.1.11 supersedes the following patches still used with xorg-x11-server 21.1.4 on sle15-sp5/Leap 15.5 and not mentioned in this changelog as superseded before: * U_Xext-fix-invalid-event-type-mask-in-XTestSwapFakeInp.patch * U_bsc1216133-mi-reset-the-PointerWindows-reference-on-screen-swit.patch * U_bsc1216135-Xi-randr-fix-handling-of-PropModeAppend-Prepend.patch * U_bsc1216261-0001-mi-fix-CloseScreen-initialization-order.patch * U_bsc1216261-0002-fb-properly-wrap-unwrap-CloseScreen.patch * U_bsc1216261-0003-dix-always-initialize-pScreen-CloseScreen.patch * bsc1218582-0001-dix-allocate-enough-space-for-logical-button-maps.patch * bsc1218583-0001-dix-Allocate-sufficient-xEvents-for-our-DeviceStateN.patch * bsc1218583-0002-dix-fix-DeviceStateNotify-event-calculation.patch * bsc1218583-0003-Xi-when-creating-a-new-ButtonClass-set-the-number-of.patch * bsc1218584-0001-Xi-flush-hierarchy-events-after-adding-removing-mast.patch * bsc1218585-0001-Xi-do-not-keep-linked-list-pointer-during-recursion.patch * bsc1218585-0002-dix-when-disabling-a-master-float-disabled-slaved-de.patch * U_bsc1218845-glx-Call-XACE-hooks-on-the-GLX-buffer.patch * U_bsc1218846-ephyr-xwayland-Use-the-proper-private-key-for-cursor.patch - xserver sources of this release fixes segfault in Xvnc (bsc#1219311)
Ana Guerrero (anag+factory)
accepted
request 1142261
from
Stefan Dirsch (sndirsch)
(revision 425)
- no longer (build-)require obsolete Xprint/XprintUtil
Ana Guerrero (anag+factory)
accepted
request 1139223
from
Stefan Dirsch (sndirsch)
(revision 424)
- Update to version 21.1.11 * This release contains fixes for the issues reported in today's security advisory: https://lists.x.org/archives/xorg/2024-January/061525.html * CVE-2023-6816 (bsc#1218582) * CVE-2024-0229 (bsc#1218583) * CVE-2024-21885 (bsc#1218584) * CVE-2024-21886 (bsc#1218585) * CVE-2024-0408 * CVE-2024-0409 - supersedes the following patches * U_xephyr-Don-t-check-for-SeatId-anymore.patch * U_bsc1217765-Xi-allocate-enough-XkbActions-for-our-buttons.patch * U_bsc1217766-randr-avoid-integer-truncation-in-length-check-of-Pr.patch
Ana Guerrero (anag+factory)
accepted
request 1137765
from
Stefan Dirsch (sndirsch)
(revision 423)
- u_miCloseScreen_check_for_null_pScreen_dev_private.patch * miCloseScreen check for null pScreen dev private (bsc#1218176); another regression introduced by U_bsc1216261-0002-fb-properly-wrap-unwrap-CloseScreen.patch
Dominique Leuenberger (dimstar_suse)
accepted
request 1137260
from
Stefan Dirsch (sndirsch)
(revision 422)
- n_xserver-optimus-autoconfig-hack.patch u_randr-Do-not-crash-if-slave-screen-does-not-have-pro.patch u_xfree86-activate-GPU-screens-on-autobind.patch * check dixPrivateKeyRegistered(rrPrivKey) before calling rrGetScrPriv() to avoid xserver crash when Xinerama is enabled (boo#1218240) -------------------------------------------------------------------
Ana Guerrero (anag+factory)
accepted
request 1132834
from
Joan Torres (jtorres)
(revision 421)
- U_bsc1217765-Xi-allocate-enough-XkbActions-for-our-buttons.patch * Out-of-bounds memory write in XKB button actions (CVE-2023-6377, ZDI-CAN-22412, ZDI-CAN-22413, bsc#1217765) - U_bsc1217766-randr-avoid-integer-truncation-in-length-check-of-Pr.patch * Out-of-bounds memory read in RRChangeOutputProperty and RRChangeProviderProperty (CVE-2023-6478, ZDI-CAN-22561, bsc#1217766)
Ana Guerrero (anag+factory)
accepted
request 1120244
from
Stefan Dirsch (sndirsch)
(revision 420)
- Update to version 21.1.9 * This release contains fixes for CVE-2023-5367, CVE-2023-5380 and CVE-2023-5574 as reported in today's security advisory: https://lists.x.org/archives/xorg-announce/2023-October/003430.html - adjusted u_Use-better-fallbacks-to-generate-cookies-if-arc4rand.patch
Dominique Leuenberger (dimstar_suse)
accepted
request 1076666
from
Stefan Dirsch (sndirsch)
(revision 419)
Dominique Leuenberger (dimstar_suse)
accepted
request 1075267
from
Stefan Dirsch (sndirsch)
(revision 418)
This can be checked in now https://lists.x.org/archives/xorg-announce/2023-March/003374.html - U_xserver-composite-Fix-use-after-free-of-the-COW.patch * overlay window use-after-free (CVE-2023-1393, ZDI-CAN-19866, bsc#1209543)
Dominique Leuenberger (dimstar_suse)
accepted
request 1063640
from
Stefan Dirsch (sndirsch)
(revision 417)
- Update to version xorg-server-21.1.7: * This release contains the fix for CVE-2023-0494 in today's security advisory: https://lists.x.org/archives/xorg-announce/2023-February/003320.html It also fixes a second possible OOB access during EnqueueEvent and a crasher caused by ResourceClientBits not correctly honouring the MaxClients value in the configuration file. - supersedes U_Xi-fix-potential-use-after-free-in-DeepCopyPointerCl.patch, U_xorg-server-oob-read-enqueue-event.patch - U_Xi-fix-potential-use-after-free-in-DeepCopyPointerCl.patch * DeepCopyPointerClasses use-after-free (CVE-2023-0494, ZDI-CAN-19596, bsc#1207783)
Dominique Leuenberger (dimstar_suse)
accepted
request 1060975
from
Stefan Dirsch (sndirsch)
(revision 416)
- rename u_xorg-server-oob-read-enqueue-event.patch to U_xorg-server-oob-read-enqueue-event.patch since it's already upstream - Add u_xorg-server-oob-read-enqueue-event.patch: fix an out-of-bounds read in EnqueueEvent.
Dominique Leuenberger (dimstar_suse)
accepted
request 1045913
from
Stefan Dirsch (sndirsch)
(revision 415)
Dominique Leuenberger (dimstar_suse)
accepted
request 1042895
from
Stefan Dirsch (sndirsch)
(revision 414)
- U_0007-xkb-reset-the-radio_groups-pointer-to-NULL-after-fre.patch * XkbGetKbdByName use-after-free (ZDI-CAN-19530, CVE-2022-4283, bsc#1206017) - U_0001-Xtest-disallow-GenericEvents-in-XTestSwapFakeInput.patch * Server XTestSwapFakeInput stack overflow (ZDI-CAN 19265, CVE-2022-46340, bsc#1205874) - U_0002-Xi-return-an-error-from-XI-property-changes-if-verif.patch * Xi: return an error from XI property changes if verification failed (no ZDI-CAN id, no CVE id, bsc#1205875) - U_0003-Xi-avoid-integer-truncation-in-length-check-of-ProcX.patch * Server XIChangeProperty out-of-bounds access (ZDI-CAN 19405, CVE-2022-46344, bsc#1205876) - U_0004-Xi-disallow-passive-grabs-with-a-detail-255.patch * Server XIPassiveUngrabDevice out-of-bounds access (ZDI-CAN 19381, CVE-2022-46341, bsc#1205877) - U_0005-Xext-free-the-screen-saver-resource-when-replacing-i.patch * Server ScreenSaverSetAttributes use-after-free (ZDI-CAN 19404, CVE-2022-46343, bsc#1205878) - U_0006-Xext-free-the-XvRTVideoNotify-when-turning-off-from-.patch * Server XvdiSelectVideoNotify use-after-free (ZDI-CAN 19400, CVE-2022-46342, bsc#1205879)
Dominique Leuenberger (dimstar_suse)
accepted
request 1034269
from
Stefan Dirsch (sndirsch)
(revision 413)
- Release 21.1 covers bugfixes and JIRA tickets for bsc#1176015,bsc#1182510,bsc#1182884,bsc#1184072,bsc#1184543,bsc#1184906,bsc#1186092,bsc#1188970,bsc#1194159,bsc#1196577,bsc#1197046,bsc#1197269,bsc#1200076,fdo#574,jsc#SLE-18653,jsc#SLE-8470
Dominique Leuenberger (dimstar_suse)
accepted
request 1034184
from
Stefan Dirsch (sndirsch)
(revision 412)
- Release 21.1 supersedes the following patches still used with xorg-x11-server 1.20.3 on sle15-sp4/Leap 15.4: * U_0002-DRI2-Add-another-Coffeelake-PCI-ID.patch * U_0002-Fix-crash-on-XkbSetMap.patch * U_0003-Fix-crash-on-XkbSetMap.patch * U_0003-dri2-Sync-i965_pci_ids.h-from-mesa.patch * U_0004-dri2-Set-fallback-driver-names-for-Intel-and-AMD-chi.patch * U_0005-dri2-Sync-i965_pci_ids.h-from-mesa-iris_pci_ids.h.patch * U_build-glx-Lower-gl-version-to-work-with-libglvnd.patch * U_glamor-Make-pixmap-exportable-from-gbm_bo_from_pixma.patch * U_hw_do-not-include-sys-io-with-glibc.patch * U_meson-Fix-another-reference-to-gl-9.2.0.patch * U_modesetting-Fix-broken-manpage-in-autoconf-build.patch * U_present-wnmd-Fix-use-after-free-on-CRTC-removal.patch * U_present-wnmd-Relax-assertion-on-CRTC-on-abort_vblank.patch * U_xfree86-Change-displays-array-to-pointers-array-to-f.patch * U_xfree86-Fix-NULL-pointer-dereference-crash.patch * U_xkbsetdeviceinfo.patch * u_sync-pci-ids-with-Mesa-21.2.4.patch * u_xf86-Accept-devices-with-the-simpledrm-driver.patch * u_xichangehierarchy-CVE-2020-14346.patch * u_xkb-CVE-2020-14345.patch * u_xkb-CVE-2020-14360.patch
Dominique Leuenberger (dimstar_suse)
accepted
request 1032921
from
Stefan Dirsch (sndirsch)
(revision 411)
- removed N_Disable-HW-Cursor-for-cirrus-and-mgag200-kernel-modules.patch * meanwhile cirrus and mgag200 Kernel drivers have been rewritten multiple times and no longer have (broken) hardware cursor - u_xf86-Accept-devices-with-the-kernels-ofdrm-driver.patch * Add workaround to support ofdrm
Displaying revisions 1 - 20 of 430