Commit Graph

6809 Commits

Author SHA1 Message Date
matthieu
553b461bdc Disable the print-immediate and print-on-error functions in xterm.
They a causing a pledge violation when called, and we can live without
them. ok millert, also discussed with deraadt@
2020-01-20 21:03:35 +00:00
matthieu
2961de70eb update 2020-01-18 15:20:28 +00:00
matthieu
147e36c7dc Disable PASTE64, TCAP_FKEYS and TCAP_QUERY explicitly.
They got enabled in previous xterm update but we don't want those.
PASTE64 issue and patch by deraadt@, discussed also with nicm@
2020-01-18 11:59:03 +00:00
matthieu
6158267635 update 2020-01-14 21:28:50 +00:00
matthieu
6cb0617196 Oops fix previous. 2020-01-14 21:18:04 +00:00
matthieu
b9ee46e1d5 Remove support for XA_IP_ADDRESS from XmuConvertStandardSelection()
This cause problems with pledged applications like xterm, as reported by
Benjamin Baier and also lacks support for IPv6 as shown in
Xorg bug #7611 https://bugs.freedesktop.org/show_bug.cgi?id=7611

Discussed with jca@ and deraadt@ and submitted upstreams
2020-01-14 21:01:32 +00:00
matthieu
6869a5f294 Update to libXmu 1.1.3 2020-01-14 20:58:31 +00:00
matthieu
82151e1da6 Update to fonttosfnt 1.1.0 2020-01-14 20:52:17 +00:00
matthieu
92ede04394 Update to viewres 1.0.6 2020-01-14 20:51:24 +00:00
matthieu
386cac5010 Update to xhost 1.0.8 2020-01-14 20:50:06 +00:00
matthieu
d6bc8a29a7 Update to xauth 1.1 2020-01-14 20:49:33 +00:00
matthieu
b7be776563 Update to libXt 1.2.0. Tested by tb@ 2020-01-14 20:48:59 +00:00
matthieu
c9323f8b31 sync 2020-01-04 18:04:05 +00:00
matthieu
0ce5b9fca4 update 2020-01-04 18:01:06 +00:00
matthieu
cecb53bbe8 Update to libXpm 3.5.13. 2020-01-04 18:00:46 +00:00
matthieu
af3df7cdfd Update to libxkbfile 1.1.0. Tested by krw@ and naddy@ 2020-01-04 17:58:47 +00:00
matthieu
a72dcdf233 Update to libXvMC 1.0.12. Tested by krw@ and naddy@ 2020-01-04 17:57:39 +00:00
matthieu
10e0196fe9 Update to libXi 1.7.10. Tested by krw@ and naddy@ 2020-01-04 17:56:26 +00:00
matthieu
bc231106f4 Uppdate to libX11 1.6.9. Tested by krw@ and naddy@ 2020-01-04 17:55:16 +00:00
matthieu
5964062853 Update to xorgproto 2019.2. Tested by krw@ and naddy@ 2020-01-04 17:53:16 +00:00
matthieu
e2ed9db4c7 update 2019-12-29 08:55:02 +00:00
matthieu
150aa6e9c8 Update to xterm 351. tested and ok solene@ jca@ 2019-12-29 08:54:02 +00:00
matthieu
d9164a6c1e update 2019-12-24 12:15:09 +00:00
matthieu
fa95a5c1ad Update to makedepend 1.0.6 2019-12-24 12:14:28 +00:00
matthieu
0cfba462e6 Update to xrdb 1.2.0 2019-12-24 10:27:51 +00:00
matthieu
307acfa8fe update 2019-12-14 15:00:54 +00:00
matthieu
6fa14ff265 Update to libXfont2 2.0.4 2019-12-14 14:57:44 +00:00
matthieu
4cc195529e Update to font/util 1.3.2 2019-12-14 14:44:26 +00:00
matthieu
7b215e5757 Update to font/encodings 1.0.5 2019-12-14 14:43:17 +00:00
matthieu
94493e315c update 2019-12-12 06:08:12 +00:00
matthieu
9a532c5475 Update to X server 1.20.6. Tested by naddy@ 2019-12-12 06:05:17 +00:00
jsg
529ec772d8 regen 2019-12-07 03:10:09 +00:00
jsg
d3074235e2 build Mesa with _ISOC11_SOURCE for c11 visibility
autoconf function tests run without --std and have c11 visibility
timespec_get(3), a c11 function is found this way.

With gcc < 4.6 Mesa will build with --std=gnu99 with clang it will
build with --std=c99 and timespec_get() will no longer be visibile.
Further complicating things gcc 4.2 does not recognise --std=c11.

This was not noticed on linux as they build with _GNU_SOURCE which
among other things gives c11 visibility even with --std=c99.

discussed with millert@
2019-12-07 03:09:41 +00:00
deraadt
ed32a4544c xenodm uses the libc authentication layer incorrectly.
fix by markus or millert
Reported by Qualys
2019-12-04 09:53:47 +00:00
deraadt
5886ab525a Constrain honouring of path-related environment variables based upon
issetugid(), not just the sloppy uid != euid test. gid != egid cases
can occur also.
Part of 6.6/009_mesaxlock.patch.sig and 6.5/020_mesaxlock.patch.sig
From Qualys, ok
2019-12-04 02:26:36 +00:00
deraadt
4f8bdea832 disable opengl and mesa functionality
from matthieu, ok jsg
2019-12-03 17:44:29 +00:00
jsg
a404f03df3 update 2019-11-27 10:26:56 +00:00
jsg
f42e66cbd7 update to GLU 9.0.1
Among other minor changes this adds a stddef.h include for NULL required
to build with Mesa 19.2 headers.
2019-11-27 10:26:12 +00:00
jsg
58ce6ad3d9 update 2019-11-27 02:22:35 +00:00
jsg
b6729d7533 sync 2019-11-27 02:18:51 +00:00
jsg
94e5bba011 Merge libdrm 2.4.100 2019-11-27 02:17:47 +00:00
jsg
a628e08ec1 Import libdrm 2.4.100 2019-11-27 02:09:48 +00:00
matthieu
974a819012 update 2019-11-23 14:31:41 +00:00
matthieu
7b53c81262 update 2019-11-20 21:34:30 +00:00
jsg
76ee08e832 Call shmget() with permission 0600 instead of 0777
From Brian Paul
02c3dad0f3b4d26e0faa5cc51d06bc50d693dcdc in mainline Mesa

"A security advisory (TALOS-2019-0857/CVE-2019-5068) found that
creating shared memory regions with permission mode 0777 could allow
any user to access that memory.  Several Mesa drivers use shared-
memory XImages to implement back buffers for improved performance.

This path changes the shmget() calls to use 0600 (user r/w).

Tested with legacy Xlib driver and llvmpipe."
2019-11-20 03:13:04 +00:00
mglocker
1d6efe8e23 Tested a Logitech Webcam C930e which has 17 frame sizes but video(1) only
supports 16 today.  Bump the array to 32 which makes 1920x1080 work on this
device as well.

OK deraadt
2019-11-06 05:46:51 +00:00
matthieu
96afcbe794 Stop calling chmod() in cache update code.
These calls are useless to toxic and come in the way of adding pledge
to applications (would require 'fattr' which is quite wide).
Discussed with deraadt, millert and jcs.
Submitted upstreams too.
2019-10-28 19:38:47 +00:00
matthieu
1e2269ecbb update 2019-10-26 09:39:43 +00:00
matthieu
049847108f Update to xf86-video-ati 19.10.0. tested by jsg@ 2019-10-26 09:37:25 +00:00
matthieu
0999e0299d Update to xf86-video-amdgpu 19.1.0. Tested by mortimer@ and jsg@ 2019-10-26 09:36:38 +00:00