In X.Org X server 20.11 through 21.1.16, when a client application
uses easystroke for mouse gestures, the main thread modifies various
data structures used by the input thread without acquiring a lock,
aka a race condition. In particular, AttachDevice in dix/devices.c
does not acquire an input lock.
Reference:
https://nvd.nist.gov/vuln/detail/CVE-2022-49737
Upstream patch:
dc7cb45482
(From OE-Core rev: c6a8ad45174a416c4129deb210eab9b7721ce01d)
Signed-off-by: Yogita Urade <yogita.urade@windriver.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
A flaw was found in the X.org server. Due to improperly
tracked allocation size in _XkbSetCompatMap, a local
attacker may be able to trigger a buffer overflow condition
via a specially crafted payload, leading to denial of service
or local privilege escalation in distributions where the
X.org server is run with root privileges.
Reference:
https://nvd.nist.gov/vuln/detail/CVE-2024-9632
Upstream patch:
ba1d14f8ef
(From OE-Core rev: 95027410dba7a2a7e9b93f76279272f22445399b)
Signed-off-by: Yogita Urade <yogita.urade@windriver.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
FreeGlyph() function declared in render/glyphstr_priv.h, it is not present in
current recipe version and introduced in later versions, added this change to
render/glyphstr.h
(From OE-Core rev: cc2d9275203ad9489da43ff4e1f0983c00f235fd)
Signed-off-by: Archana Polampalli <archana.polampalli@windriver.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
This release contains the fix for CVE-2023-1393 in today's security
advisory: https://lists.x.org/archives/xorg-announce/2023-March/003374.html
Benno Schulenberg (1):
xkbUtils: use existing symbol names instead of deleted deprecated ones
Olivier Fourdan (2):
composite: Fix use-after-free of the COW
xserver 21.1.8
git tag: xorg-server-21.1.8
(From OE-Core rev: 732b51f073105d4c6a0e2e06c559bffcac093fbf)
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com>
(cherry picked from commit 7b08dff8f46bcaa05f7fbffbe27d524579af4faf)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
This reverts commit dc2c777cab0230fc54e078d20d872aaa9287a8b9.
Fixed in subsequent version bump
(From OE-Core rev: 151149b590a9051a6de58115a6796ccf17894498)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Otherwise, xserver will no longer start when NO_RECOMMENDATIONS = “1”,
because dependencies in XSERVER_RRECOMMENDS are missing.
(From OE-Core rev: a3607a035b4c9ab89232ccb1d0361791e5892b34)
Signed-off-by: Thomas Perrot <thomas.perrot@bootlin.com>
Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com>
(cherry picked from commit bc7bd3953f3896af0db036250cda34bc9ecbb3ac)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Security update
CVE fixed in this release:
CVE-2022-2319/ZDI-CAN-16062: X.Org Server ProcXkbSetGeometry Out-Of-Bounds Access
CVE-2022-2320/ZDI-CAN-16070: X.Org Server ProcXkbSetDeviceInfo Out-Of-Bounds Access
Changes:
present: Check for NULL to prevent crash
rootless: Dead code removal (ROOTLESS_REDISPLAY_DELAY is already defined)
X11Application: Ensure TIS operations are done on the main thread
os/connection: Improve abstraction for launchd secure sockets
xquartz: Create a separate category for organizing user preferences
xquartz pbproxy: Adopt NSUserDefaults+XQuartzDefaults for preferences
xquartz: Fold spaces related preferences into NSUserDefaults+XQuartzDefaults
XQuartz: Ensure scroll events are delivered to a single window (not both X11 and AppKit)
meson: Bump requirement to meson-0.50.0
xquartz: Update Sparkle configuration to use SUPublicEDKey
xquartz: Update copyright for 2022
meson: Provide options to set CFBundleVersion and CFBundleVersionString in XQuartz
Revert "meson: Bump requirement to meson-0.50.0"
xquartz: Update autotools-based builds of XQuartz to account for recent changes
print_edid: Fix a format string error
xf86-input-inputtest: Fix build on systems without SOCK_NONBLOCK
tests: Fix build failure from missing micmap.c
meson: Support building Xnest and Xorg on darwin
XQuartz: Build the bundle trampoline when using meson
XQuartz: Add TCC reason keys to Info.plist
xquartz: Use correct defines when building to support Sparkle updates
xquartz: Fix a possible crash when editing the Application menu due to mutaing immutable arrays
XQuartz: Improve type safety for X11Controller's application menu editor
xquartz: Add missing files to distribution tarball
render: Fix build with gcc 12
xkb: switch to array index loops to moving pointers
xkb: swap XkbSetDeviceInfo and XkbSetDeviceInfoCheck
xkb: add request length validation for XkbSetGeometry
Revert "os: Try to discover the current seat with the XDG_SEAT var first"
dix: Correctly save replayed event into GrabInfoRec
dix: Don't send touch end to clients that do async grab without touches
xfree86: Fix event data alignment in inputtest driver
xkb: fix XkbSetMap when changing a keysym without changing a keytype
(From OE-Core rev: 75503a13cb2a2266f311477a605389bbac7676e2)
Signed-off-by: Alexander Kanavin <alex@linutronix.de>
Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit d683f2a1fbe65b52d82f55a2e38aa75fc105a338)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
An automated conversion using scripts/contrib/convert-spdx-licenses.py to
convert to use the standard SPDX license identifiers. Two recipes in meta-selftest
were not converted as they're that way specifically for testing. A change in
linux-firmware was also skipped and may need a more manual tweak.
(From OE-Core rev: ceda3238cdbf1beb216ae9ddb242470d5dfc25e0)
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Upgrade xserver-xorg from 21.1.2 to 21.1.3. And adjust indent as well.
(From OE-Core rev: c32dfebbab45122dc005c1ae9c49dc15a4f350b2)
Signed-off-by: Kai Kang <kai.kang@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
CVE-2011-4613 is specific to Debian/Ubuntu.
CVE-2020-25697 is a non-trivial attack that may not actually be feasible
considering the default behaviour for clients is to exit if the
connection is lost.
(From OE-Core rev: afa2e6c31a79f75ff4113d53f618bbb349cd6c17)
Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Some of the CVEs have x_server as the product name.
(From OE-Core rev: 4d5d63cf8605515bb659b6b732683d7fe6540728)
Signed-off-by: Anuj Mittal <anuj.mittal@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
This wasn't a problem in poky, but was exposed with a nodistro build.
(From OE-Core rev: 0afc9fdb93bb62a78ec6d3aaf870587f52c5a7a4)
Signed-off-by: Alexander Kanavin <alex@linutronix.de>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Not every option was carried over, drop them accordingly.
(From OE-Core rev: e05abd87ee5d23750c641d0129d9c83db68ee2e8)
Signed-off-by: Alexander Kanavin <alex@linutronix.de>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
libxcvt is a new dependency (thanks Oleksandr!).
Include ${libdir}/xorg/modules/input/*.so into the main
package (if for someone separate packaging matters, please
investigate what they do).
Remove options no longer present upstream.
Remove patches available upstream; drop a chunk as well.
(From OE-Core rev: fe501ae1f6bea73882707c944c4fab5c5657a551)
Signed-off-by: Alexander Kanavin <alex@linutronix.de>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
This is the result of automated script conversion:
scripts/contrib/convert-overrides.py <oe-core directory>
converting the metadata to use ":" as the override character instead of "_".
(From OE-Core rev: 42344347be29f0997cc2f7636d9603b1fe1875ae)
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
