Commit Graph

77 Commits

Author SHA1 Message Date
matthieu
bb74146ca2 Fix a bug where some input clients can't connect to the input server.
FreeBSD bugzilla reference:
https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=248549
2020-08-20 19:12:48 +00:00
matthieu
4c672aa51a Merge from upstream X.Org : Fix size calculation in _XimAttributeToValue
The check here guards the read below.

For `XimType_XIMStyles`, these are `num` of `CARD32` and for
`XimType_XIMHotKeyTriggers` these are `num` of `XIMTRIGGERKEY` ref[1]
which is defined as 3 x `CARD32`.  (There are data after the
`XIMTRIGGERKEY` according to the spec but they are not read by this
function and doesn't need to be checked.)

The old code here used the native datatype size instead of the wire
protocol size causing the check to always fail.

Also fix the size calculation for the header (size). It is 2 x CARD16
for both types despite the unused `CARD16` for `XimType_XIMStyles`.

This fixes a regression caused by previous commit.
2020-08-06 14:28:54 +00:00
matthieu
f22a219d59 Fixes for Heap corruption in the X input method client in libX11
CVE-2020-14344

These where reported to X.Org and patches proposed by Todd Carson.
Thanks.
2020-07-31 13:53:24 +00:00
matthieu
bc231106f4 Uppdate to libX11 1.6.9. Tested by krw@ and naddy@ 2020-01-04 17:55:16 +00:00
aoyama
8a3654518e Fix gcc3 specific error. The diff is based on latest upstream change.
suggested by jsg@, tested on luna88k by me, ok by jsg@ and matthieu@
2019-09-05 14:03:08 +00:00
matthieu
a400859a9c Update to libX11 1.6.8 riding the major bump caused by xtrans 1.4.0 2019-08-04 13:34:52 +00:00
matthieu
85da565ec0 Update to libxtrans 1.4.0. Major bumps for libX11 and libICE.
no objections from naddy@, espie@ and ajacoutot@
2019-08-04 13:33:46 +00:00
matthieu
7070f339ed Update to libX11 1.6.7 2018-10-20 19:23:25 +00:00
matthieu
b39f51f9a1 Udate to libX11 1.6.6. bug fixes release - no API/ABI changes. 2018-08-23 19:38:11 +00:00
matthieu
c48e946165 This file isn't built anymore. So remove diffs with upstreams. 2017-10-23 17:28:26 +00:00
matthieu
cff04da9bf Update to libX11 1.6.5 2017-02-28 18:44:56 +00:00
matthieu
20a75c6d0f Update to libX11 1.6.4 2016-11-03 10:21:30 +00:00
matthieu
4c3f151ece Remove stale files 2016-11-03 10:19:11 +00:00
matthieu
fd18c20e72 regen 2016-10-11 22:14:30 +00:00
natano
6c14b73344 ks_tables.h is always considered out of date due to the forced rebuild
of the makekeys util. This means it's also rebuilt during install. First
as root during build, later by the BUILDUSER during release, which won't
be able to rewrite it, because it's now owned by root. With this result:

	override rw-r--r--  root/wheel for ks_tables.h?


One step closer towards noperm release builds for xenocara.

ok matthieu
2016-10-08 21:51:47 +00:00
matthieu
89e55bbf5a Validation of server responses in XGetImage()
Check if enough bytes were received for specified image type and
geometry. Otherwise GetPixel and other functions could trigger an
out of boundary read later on.
From Tobias Stoeckmann / X.Org security advisory Oct 4, 2016
2016-10-04 14:58:26 +00:00
matthieu
bd2560e2ec The validation of server responses avoids out of boundary accesses.
From Tobias Stoeckmann / Xorg Securiry adrvisory Oct 4, 2016.
2016-10-04 14:56:37 +00:00
okan
27f67406f3 Remove support vax and XENOCARA_HAVE_SHARED_LIBS scaffolding.
ok matthieu@
2016-03-11 13:09:42 +00:00
matthieu
8252bb00ee update to libX11 1.6.3 2015-04-06 20:57:55 +00:00
matthieu
936b4cf06e Fix bad merges. 2015-01-01 17:37:52 +00:00
schwarze
01412a19db fix wrong name in .TH, NAME, and SYNOPSIS (obviously bad pastos...)
ok matthieu@
2014-12-09 09:29:52 +00:00
matthieu
8c1effea43 Update to libX11 1.6.2. No API change. 2013-09-28 17:03:13 +00:00
matthieu
ce84febd9d Update to libX11 1.6.1. 2013-08-26 19:57:22 +00:00
matthieu
acee5d3c07 Repair guenther's damage that I didn't ok. 2013-08-13 18:52:10 +00:00
guenther
426afb6384 Bump major on libX11-xcb to match the 64bit time_t change 2013-08-13 08:01:13 +00:00
guenther
b5bb12998e Bump the major on every single base library. There are a couple
not bumped by this that will be corrected soon.

heavy lifting by todd@
2013-08-13 07:07:07 +00:00
matthieu
4b8a5f471a Update to libX11 1.6.0 2013-06-04 03:19:34 +00:00
matthieu
9573aeb427 Update to libX11 1.5.99.902 aka 1.6rc2 2013-05-31 21:17:09 +00:00
matthieu
52f6d0ba20 Merge upstream fixes for several X libs vulnerabilities
discovered by Ilja van Sprundel.

CVE-2013-1981 X.org libX11 1.5.99.901 (1.6 RC1) integer overflows
CVE-2013-1982 X.org libXext 1.3.1 integer overflows
CVE-2013-1983 X.org libXfixes 5.0 integer overflows
CVE-2013-1984 X.org libXi 1.7.1 integer overflows
CVE-2013-1985 X.org libXinerama 1.1.2 integer overflows
CVE-2013-1986 X.org libXrandr 1.4.0 integer overflows
CVE-2013-1987 X.org libXrender 0.9.7 integer overflows
CVE-2013-1988 X.org libXRes 1.0.6 integer overflows
CVE-2013-1989 X.org libXv 1.0.7 integer overflows
CVE-2013-1990 X.org libXvMC 1.0.7 integer overflows
CVE-2013-1991 X.org libXxf86dga 1.1.3 integer overflows
CVE-2013-1992 X.org libdmx 1.1.2 integer overflows
CVE-2013-1994 X.org libchromeXvMC & libchromeXvMCPro in openChrome
0.3.2 integer overflows
CVE-2013-1995 X.org libXi 1.7.1 sign extension issues
CVE-2013-1996 X.org libFS 1.0.4 sign extension issues
CVE-2013-1997 X.org libX11 1.5.99.901 (1.6 RC1) buffer overflows
CVE-2013-1998 X.org libXi 1.7.1 buffer overflows
CVE-2013-1999 X.org libXvMC 1.0.7 buffer overflows
CVE-2013-2000 X.org libXxf86dga 1.1.3 buffer overflows
CVE-2013-2001 X.org libXxf86vm 1.1.2 buffer overflows
CVE-2013-2002 X.org libXt 1.1.3 buffer overflows
CVE-2013-2003 X.org libXcursor 1.1.13 integer overflows
CVE-2013-2004 X.org libX11 1.5.99.901 (1.6 RC1) unbounded recursion
CVE-2013-2005 X.org libXt 1.1.3 memory corruption
CVE-2013-2066 X.org libXv 1.0.7 buffer overflows
2013-05-23 22:42:07 +00:00
matthieu
f2c99c06c2 Update to libX11 1.6RC. No bump needed. 2013-04-28 16:55:55 +00:00
matthieu
be4020d279 Update to libX11 1.5.0 2012-06-11 19:18:54 +00:00
matthieu
08ecf5f3a3 Upate to libX11 1.5rc1. Tested by krw@, mpi@, shadchin@. 2012-03-27 19:19:37 +00:00
matthieu
f476ec5831 Fix _Xthr_once_stub_() to call the init routine for each different id.
With tweaks from and ok ariane@
2011-09-19 20:21:37 +00:00
matthieu
5577d754a3 Update to libX11 1.4.4. Tested by ajacoutot@, shadchin@. 2011-08-27 15:34:14 +00:00
dcoppa
651d3577d4 Fix libpthread linkage
OK matthieu@
2011-07-14 12:33:19 +00:00
matthieu
8cc0378bfd Update to libX11 1.4.3 which was released during the 1.4.2 tests.
Mostly churn in the doc build system, which is disabled on Xenocara
for now.
2011-05-30 20:52:47 +00:00
matthieu
d6643088f7 those files were added by mistake. remove them 2011-05-30 20:48:00 +00:00
matthieu
857c658f08 Update to libx11 1.4.2. Tested by ajacoutot@, jasper@ krw@, landry@,
shadchin@ on various architectures.
Bump major.
2011-05-30 19:19:29 +00:00
matthieu
7ae39052df xcb is no longer optional. 2011-03-08 20:48:59 +00:00
matthieu
54c946e7c3 Explicitely disable groff. 2010-10-22 19:50:32 +00:00
matthieu
502b62f99f Update to libX11 1.3.6.
Tested by ajacoutot@, jasper@ and krw@.
2010-10-05 19:50:57 +00:00
matthieu
a6c32b4cbf Add 2 missed files in previous update to libX11 1.3.5. 2010-09-04 10:36:30 +00:00
matthieu
6c940574a9 Update to libX11 1.3.5 2010-09-04 10:33:11 +00:00
matthieu
71cc7797d8 Disable the compose cache code.
It can't be used without proper libc locale support.
2010-06-01 05:26:44 +00:00
matthieu
aa3c9f9344 Update to libX11 1.3.3. Tested on a bulk ports build by naddy@. 2010-05-18 19:37:28 +00:00
matthieu
7edc2b5a56 Enable XCB on architectures with shared libs.
requested by sthen@.
2009-08-04 15:45:41 +00:00
matthieu
1793e9a798 Fix building without xcb. Found by david@. Thanks. 2009-06-04 16:36:07 +00:00
matthieu
72b4e41b8f if XENOCARA_BUILD_XCB is set, build the XCB version of libX11. 2009-06-04 00:13:56 +00:00
matthieu
be2770bef1 Use XENOCARA_HAVE_SHARED_LIBS from bsd.xconf.mk instead of hard-coding
the list here.
2009-06-03 23:56:07 +00:00
matthieu
8bb5fd8a8f update to libX11 1.2.1 2009-05-03 12:59:09 +00:00