Commit Graph

65 Commits

Author SHA1 Message Date
matthieu
0a2f4bc72f fix for X Server Pixel Data Uninitialized Memory Information Disclosure
CVE-2020-14347

This vulnerability was discovered and reported to X.Org by Jan-Niklas
Sohn working with Trend Micro Zero Day Initiative.
2020-07-31 14:00:21 +00:00
matthieu
ac0e12b4da dix: do not send focus event when grab actually does not change
upstream commit 364d64981549544213e2bca8de6ff8a5b2b5a69e

Fixes an issue in xserver 1.20 where some applications were loosing
focus. Naddy@ reported it appeards in SDL 1.2 games (burgerspace).

tested and ok naddy@
2020-04-14 17:29:21 +00:00
matthieu
9064f8eee5 Update to xserver 1.20.8. ok jsg@ robert@ 2020-04-13 08:06:58 +00:00
matthieu
9a532c5475 Update to X server 1.20.6. Tested by naddy@ 2019-12-12 06:05:17 +00:00
matthieu
a77e9959f3 Update to xserver 1.20.5. Tested by jsg@ 2019-07-27 07:57:06 +00:00
matthieu
857585fc69 Update to xserver 1.19.6. bug fix release 2018-02-18 17:16:37 +00:00
matthieu
1a66cad3fb Update to xserver 1.19.5.
Tested by bru@, jsg@ and others
2017-12-08 15:01:59 +00:00
matthieu
f51fea01a3 MFC: Unvalidated extra length in ProcEstablishConnection (CVE-2017-12176) 2017-10-14 09:35:14 +00:00
matthieu
1862f5487a Merge upstream fixes to the X event swapping code.
(CVE-2017-10971 and CVE-2017-10972).
2017-07-07 06:22:19 +00:00
matthieu
fd18c20e72 regen 2016-10-11 22:14:30 +00:00
matthieu
6e1bcfb3c6 Update to xserver 1.18.4
tested by krw@ and dcoppa@ ok dcoppa@
2016-08-09 18:59:50 +00:00
matthieu
e927c03e30 Update to xserver 1.18.3. Tested by shadchin@ and naddy@.
Note that indirect GLX is now disbled by default.
2016-05-29 12:02:34 +00:00
matthieu
4c6a4e1e00 Update to xserver 1.17.4.
tested by naddy@
2015-11-07 16:48:51 +00:00
matthieu
86ea9f12e2 Update to xserver 1.17.2. tested by dcoppa@, jsg@, jasper@ & naddy@ 2015-09-16 19:10:19 +00:00
matthieu
5b19f6d757 Update to xserver 1.16.4.
Contains fix for CVE-2015-0255. ok dcoppa@
2015-02-11 20:58:46 +00:00
matthieu
797ed93386 Protocol handling issues in X Window System servers
One year after Ilja van Sprundel, discovered and reported a large number
of issues in the way the X server code base handles requests from X clients,
they have been fixed.
2014-12-09 17:58:52 +00:00
matthieu
1cfce7c208 Update to xserver 1.16.2 2014-11-22 08:33:45 +00:00
matthieu
4f58590a42 Update to xserver 1.16.1.
Tested by naddy@, jsg@ & kettenis@
2014-09-27 17:52:59 +00:00
matthieu
3bbfe7b179 Update to xserver 1.15.1.
Tested by at least ajacoutot@, dcoppa@ & jasper@
2014-05-02 19:27:46 +00:00
matthieu
511a911dd8 Update to xserver 1.14.4 2013-12-08 10:53:01 +00:00
matthieu
639856387e Fix from upstreams for CVE-2013-4396
Use after free in Xserver handling of ImageText requests
2013-10-09 05:37:56 +00:00
matthieu
5ae225f39c Update to xserver 1.14.3 2013-09-28 15:36:30 +00:00
matthieu
577763cda7 Uodate to xserver 1.14.2. Tested by krw@, shadchin@, todd@ 2013-08-24 19:44:25 +00:00
matthieu
adec87cf5d Update to X server 1.14.1. Tested by many during t2k13. Thanks. 2013-06-07 17:28:45 +00:00
matthieu
e26a212fd0 Regen autotools build system with a clean environment.
It was previously generated with a config pointing to OpenBSD's libtool
which is not ready yet.
2012-10-27 14:52:25 +00:00
matthieu
58d9658ddc regen 2012-10-14 08:59:33 +00:00
matthieu
eb59960f12 regen autotools 2012-08-05 18:14:29 +00:00
matthieu
fe11647d1f Update to xserver 1.12.3. 2012-08-05 18:11:37 +00:00
matthieu
e60da74507 Update to xserver 1.12.2. tested by naddy@, krw@, mpi@. 2012-06-10 13:21:05 +00:00
matthieu
9576ef223d Update to xserver 1.11.4. tested by krw@, shadchin@. 2012-01-31 07:52:35 +00:00
matthieu
4344ac3914 Bugfix Update to xserver 1.11.3 2011-12-18 16:08:59 +00:00
matthieu
61a7d5427d Update to xserver 1.11.2 2011-11-05 13:32:40 +00:00
kettenis
b1e129123c Fix transformation of events supplying only a valuator for the y-coordinate.
ok matthieu@
2011-07-04 20:40:19 +00:00
matthieu
a4d630d049 regen 2011-06-29 19:57:45 +00:00
matthieu
4a238ea6a4 Update to xserver 1.9.5. Tested by jasper@, ajacoutot@ and krw@ 2011-04-02 16:08:38 +00:00
matthieu
dd56fb17b5 Update to xorg-server 1.9.3. Tested by japser@, landry@ and ajacoutot@
in various configurations.
2010-12-21 20:10:44 +00:00
matthieu
428261197a Upgrade to xorg-server 1.9.2.
Tested by ajacoutot@, krw@, shadchin@ and jasper@ on various configurations
including multihead with both zaphod and xrandr.
2010-12-05 15:36:02 +00:00
matthieu
d57b1a146f regen (yes lots of files, since util-macros has been updated). 2010-09-01 13:43:24 +00:00
matthieu
95d684a05b Update to xserver 1.8. Tested by many. Ok oga@, todd@. 2010-07-27 19:02:24 +00:00
matthieu
49012820cb Add a configure test for newer proto headers and use it to enable
building xserver 1.6 with those headers. ok oga@.
2010-04-13 19:54:46 +00:00
matthieu
8542099ff7 Update to server 1.6.5. 2009-10-31 14:09:43 +00:00
matthieu
88f6f3ea75 update to xserver 1.6.4rc1. Tested by many, ok oga@. 2009-09-06 19:44:18 +00:00
matthieu
60021fe985 xserver 1.5.2. tested by ckuethe@, oga@, and others. 2008-11-02 15:26:08 +00:00
matthieu
97eda17882 Update to xserver 1.4.2. Tested by landry@, ckuethe@, jsing@ mbalmer@. 2008-06-15 00:17:32 +00:00
matthieu
48bc822959 regen. 2008-05-24 20:39:01 +00:00
matthieu
2610b1cdea Fix for CVE-2007-3069 from X.Org git repository:
Don't break grab and focus state for a window when redirecting it.

    Composite uses an unmap/map cycle to trigger backing pixmap allocation
    and cliprect recomputation when a window is redirected or unredirected.
    To avoid protocol visible side effects, map and unmap events are
    disabled temporarily.  However, when a window is unmapped it is also
    removed from grabs and loses focus, but these state changes are not
    disabled.

    This change supresses the unmap side effects during the composite
    unmap/map cycle and fixes a bug where a compositing window manager
     would cause the screensaver to lose its grab when it unredirects the
    fullscreen lock window.
2008-02-20 21:25:15 +00:00
matthieu
daec730aa0 Remove empty unused files. 2008-02-11 22:59:20 +00:00
matthieu
4ca84ce6c5 Fix from X.Org for CVE-2008-0006 - PCF Font parser buffer overflow. 2008-01-17 15:44:49 +00:00
jsing
6189593aff regen 2008-01-04 14:01:04 +00:00
matthieu
67952fe293 Add back files that I removed before import to minimize cvs noise. That
was a mistake. sorry.
2007-12-13 21:51:47 +00:00