matthieu
857585fc69
Update to xserver 1.19.6. bug fix release
2018-02-18 17:16:37 +00:00
matthieu
1a66cad3fb
Update to xserver 1.19.5.
...
Tested by bru@, jsg@ and others
2017-12-08 15:01:59 +00:00
matthieu
515a707d86
MFC: hw/xfree86: unvalidated lengths
...
This addresses:
CVE-2017-12180 in XFree86-VidModeExtension
CVE-2017-12181 in XFree86-DGA
CVE-2017-12182 in XFree86-DRI
2017-10-14 09:24:30 +00:00
matthieu
3b3c79f0b0
MFC: Unvalidated lengths
...
v2: Add overflow check and remove unnecessary check (Julien Cristau)
This addresses:
CVE-2017-12184 in XINERAMA
CVE-2017-12185 in MIT-SCREEN-SAVER
CVE-2017-12186 in X-Resource
CVE-2017-12187 in RENDER
2017-10-14 09:20:42 +00:00
matthieu
2f2a50b99b
MFC: Xext/shm: Validate shmseg resource id (CVE-2017-13721)
...
Otherwise it can belong to a non-existing client and abort X server with
FatalError "client not in use", or overwrite existing segment of another
existing client.
2017-10-14 09:06:06 +00:00
matthieu
fd18c20e72
regen
2016-10-11 22:14:30 +00:00
matthieu
6e1bcfb3c6
Update to xserver 1.18.4
...
tested by krw@ and dcoppa@ ok dcoppa@
2016-08-09 18:59:50 +00:00
matthieu
e927c03e30
Update to xserver 1.18.3. Tested by shadchin@ and naddy@.
...
Note that indirect GLX is now disbled by default.
2016-05-29 12:02:34 +00:00
matthieu
4c6a4e1e00
Update to xserver 1.17.4.
...
tested by naddy@
2015-11-07 16:48:51 +00:00
matthieu
86ea9f12e2
Update to xserver 1.17.2. tested by dcoppa@, jsg@, jasper@ & naddy@
2015-09-16 19:10:19 +00:00
kettenis
a77282edc7
Use __MAP_NOFAULT to map shared memory passed through file descriptors. This
...
completely avoids the risk of getting killed by a signal because the backing
storage isn't there.
Use the __-prefixed name for now, as we might still change the name.
ok deraadt@, matthieu@
2015-02-09 09:45:32 +00:00
matthieu
797ed93386
Protocol handling issues in X Window System servers
...
One year after Ilja van Sprundel, discovered and reported a large number
of issues in the way the X server code base handles requests from X clients,
they have been fixed.
2014-12-09 17:58:52 +00:00
matthieu
1cfce7c208
Update to xserver 1.16.2
2014-11-22 08:33:45 +00:00
matthieu
4f58590a42
Update to xserver 1.16.1.
...
Tested by naddy@, jsg@ & kettenis@
2014-09-27 17:52:59 +00:00
matthieu
3bbfe7b179
Update to xserver 1.15.1.
...
Tested by at least ajacoutot@, dcoppa@ & jasper@
2014-05-02 19:27:46 +00:00
matthieu
8742d82e5a
Update to xserver 1.14.5
2013-12-28 14:40:01 +00:00
kettenis
29c59cee22
Avoid timeouts of ULONG_MAX milliseconds. Stops the X server from crashing
...
with "select returned EINVAL" messages.
ok matthieu@
2013-12-15 11:31:09 +00:00
matthieu
511a911dd8
Update to xserver 1.14.4
2013-12-08 10:53:01 +00:00
matthieu
5ae225f39c
Update to xserver 1.14.3
2013-09-28 15:36:30 +00:00
matthieu
577763cda7
Uodate to xserver 1.14.2. Tested by krw@, shadchin@, todd@
2013-08-24 19:44:25 +00:00
matthieu
adec87cf5d
Update to X server 1.14.1. Tested by many during t2k13. Thanks.
2013-06-07 17:28:45 +00:00
matthieu
e26a212fd0
Regen autotools build system with a clean environment.
...
It was previously generated with a config pointing to OpenBSD's libtool
which is not ready yet.
2012-10-27 14:52:25 +00:00
matthieu
58d9658ddc
regen
2012-10-14 08:59:33 +00:00
matthieu
eb59960f12
regen autotools
2012-08-05 18:14:29 +00:00
matthieu
e60da74507
Update to xserver 1.12.2. tested by naddy@, krw@, mpi@.
2012-06-10 13:21:05 +00:00
matthieu
9576ef223d
Update to xserver 1.11.4. tested by krw@, shadchin@.
2012-01-31 07:52:35 +00:00
matthieu
4344ac3914
Bugfix Update to xserver 1.11.3
2011-12-18 16:08:59 +00:00
matthieu
61a7d5427d
Update to xserver 1.11.2
2011-11-05 13:32:40 +00:00
matthieu
a4d630d049
regen
2011-06-29 19:57:45 +00:00
matthieu
4a238ea6a4
Update to xserver 1.9.5. Tested by jasper@, ajacoutot@ and krw@
2011-04-02 16:08:38 +00:00
matthieu
90f7a9841a
Xext: fix test on extension number for the swapped case.
2011-04-01 21:24:37 +00:00
matthieu
dd56fb17b5
Update to xorg-server 1.9.3. Tested by japser@, landry@ and ajacoutot@
...
in various configurations.
2010-12-21 20:10:44 +00:00
matthieu
428261197a
Upgrade to xorg-server 1.9.2.
...
Tested by ajacoutot@, krw@, shadchin@ and jasper@ on various configurations
including multihead with both zaphod and xrandr.
2010-12-05 15:36:02 +00:00
matthieu
d57b1a146f
regen (yes lots of files, since util-macros has been updated).
2010-09-01 13:43:24 +00:00
matthieu
95d684a05b
Update to xserver 1.8. Tested by many. Ok oga@, todd@.
2010-07-27 19:02:24 +00:00
matthieu
b855bc3cce
cope with the xinerama headers cleanup. From xserver git repository.
2010-04-27 20:12:19 +00:00
matthieu
49012820cb
Add a configure test for newer proto headers and use it to enable
...
building xserver 1.6 with those headers. ok oga@.
2010-04-13 19:54:46 +00:00
matthieu
8542099ff7
Update to server 1.6.5.
2009-10-31 14:09:43 +00:00
matthieu
88f6f3ea75
update to xserver 1.6.4rc1. Tested by many, ok oga@.
2009-09-06 19:44:18 +00:00
matthieu
60021fe985
xserver 1.5.2. tested by ckuethe@, oga@, and others.
2008-11-02 15:26:08 +00:00
matthieu
2e211b412b
CVE-2008-1379 - MIT-SHM arbitrary memory read.
...
(This patch was missing form the bunch of security patches committed
on june 11. noticed by brad@).
2008-06-17 21:53:45 +00:00
matthieu
97eda17882
Update to xserver 1.4.2. Tested by landry@, ckuethe@, jsing@ mbalmer@.
2008-06-15 00:17:32 +00:00
matthieu
52218799b8
Fixes for various integer overflow problems from X.Org:
...
CVE-2008-2360 - RENDER Extension heap buffer overflow
CVE-2008-2361 - RENDER Extension crash
CVE-2008-2362 - RENDER Extension memory corruption
CVE-2008-1379 - MIT-SHM arbitrary memory read
CVE-2008-1377 - RECORD and Security extensions memory corruption
2008-06-11 15:39:26 +00:00
matthieu
48bc822959
regen.
2008-05-24 20:39:01 +00:00
matthieu
807e8fa566
Fix from X.Org repository: untrusted access broken in 7.3.
2008-02-20 21:29:42 +00:00
matthieu
192dfccc63
3rd try... CVE-2007-6429: Always test for size+offset wrapping. From X.Org.
2008-01-21 21:38:22 +00:00
matthieu
68a7d32fea
Previous shm fix for CVE-2007-6429 was incorrect.
...
Don't spuriously reject <8bpp shm pixmaps. From X.Org repository.
2008-01-18 20:53:51 +00:00
matthieu
5215f23408
Fix from X.Org for CVE-2007-6429 - MIT-SHM and EVI extensions integer overflows.
2008-01-17 15:43:43 +00:00
matthieu
af2f977c6b
Fix from X.Org for CVE-2007-6428 - TOG-cup extension memory corruption.
2008-01-17 15:43:06 +00:00
matthieu
19e04f544a
Fix from X.Org for CVE-2007-5958 - File existence disclosure.
2008-01-17 15:41:53 +00:00