packages/xorg-x11-server
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

!131 add missing patches

Browse Source 
From: @zhouwenpei 
Reviewed-by: @t_feng 
Signed-off-by: @t_feng
This commit is contained in:
openeuler-ci-bot 2023-01-10 08:57:59 +00:00 committed by Gitee
commit 395c07002c
No known key found for this signature in database
GPG Key ID: 173E9B9CA92EEF8F
4 changed files with 84 additions and 4 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

0
backport-CVE-2022-46340.patch → backport-0001-CVE-2022-46340.patch
View File

34
backport-0002-CVE-2022-46340.patch Normal file
View File

@ -0,0 +1,34 @@
From bb1711b7fba42f2a0c7d1c09beee241a1b2bcc30 Mon Sep 17 00:00:00 2001
From: Peter Hutterer <peter.hutterer@who-t.net>
Date: Mon, 19 Dec 2022 10:06:45 +1000
Subject: [PATCH] Xext: fix invalid event type mask in XTestSwapFakeInput
In commit b320ca0 the mask was inadvertently changed from octal 0177 to
hexadecimal 0x177.
Fixes commit b320ca0ffe4c0c872eeb3a93d9bde21f765c7c63
Xtest: disallow GenericEvents in XTestSwapFakeInput
Found by Stuart Cassoff
Signed-off-by: Peter Hutterer <peter.hutterer@who-t.net>
---
Xext/xtest.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/Xext/xtest.c b/Xext/xtest.c
index 2985a4ce6..dde5c4cf9 100644
--- a/Xext/xtest.c
+++ b/Xext/xtest.c
@@ -502,7 +502,7 @@ XTestSwapFakeInput(ClientPtr client, xReq * req)
nev = ((req->length << 2) - sizeof(xReq)) / sizeof(xEvent);
for (ev = (xEvent *) &req[1]; --nev >= 0; ev++) {
- int evtype = ev->u.u.type & 0x177;
+ int evtype = ev->u.u.type & 0177;
/* Swap event */
proc = EventSwapVector[evtype];
/* no swapping proc; invalid event type? */
--
GitLab

41
backport-Xi-return-an-error-from-XI-property-changes-if-verification-failed.patch Normal file
View File

@ -0,0 +1,41 @@
From b8a84cb0f2807b07ab70ca9915fcdee21301b8ca Mon Sep 17 00:00:00 2001
From: Peter Hutterer <peter.hutterer@who-t.net>
Date: Tue, 29 Nov 2022 13:24:00 +1000
Subject: [PATCH] Xi: return an error from XI property changes if verification
failed
Both ProcXChangeDeviceProperty and ProcXIChangeProperty checked the
property for validity but didn't actually return the potential error.
Signed-off-by: Peter Hutterer <peter.hutterer@who-t.net>
Acked-by: Olivier Fourdan <ofourdan@redhat.com>
---
Xi/xiproperty.c | 5 +++++
1 file changed, 5 insertions(+)
diff --git a/Xi/xiproperty.c b/Xi/xiproperty.c
index a36f7d61d..68c362c62 100644
--- a/Xi/xiproperty.c
+++ b/Xi/xiproperty.c
@@ -902,6 +902,8 @@ ProcXChangeDeviceProperty(ClientPtr client)
rc = check_change_property(client, stuff->property, stuff->type,
stuff->format, stuff->mode, stuff->nUnits);
+ if (rc != Success)
+ return rc;
len = stuff->nUnits;
if (len > (bytes_to_int32(0xffffffff - sizeof(xChangeDevicePropertyReq))))
@@ -1141,6 +1143,9 @@ ProcXIChangeProperty(ClientPtr client)
rc = check_change_property(client, stuff->property, stuff->type,
stuff->format, stuff->mode, stuff->num_items);
+ if (rc != Success)
+ return rc;
+
len = stuff->num_items;
if (len > bytes_to_int32(0xffffffff - sizeof(xXIChangePropertyReq)))
return BadLength;
--
GitLab

13
xorg-x11-server.spec
View File

@ -16,7 +16,7 @@
Name: xorg-x11-server Name: xorg-x11-server
Version: 1.20.11 Version: 1.20.11
Release: 14 Release: 15
Summary: X.Org X11 X server Summary: X.Org X11 X server
License: MIT and GPLv2 License: MIT and GPLv2
URL: https://www.x.org URL: https://www.x.org
@ -94,12 +94,14 @@ Patch6008: backport-CVE-2022-3551.patch
Patch6009: xorg-server-1.20.11-sw.patch Patch6009: xorg-server-1.20.11-sw.patch
%endif %endif
Patch6010: backport-CVE-2022-3553.patch Patch6010: backport-CVE-2022-3553.patch
Patch6011: backport-CVE-2022-4283.patch Patch6011: backport-0001-CVE-2022-46340.patch
Patch6012: backport-CVE-2022-46340.patch Patch6012: backport-0002-CVE-2022-46340.patch
Patch6013: backport-CVE-2022-46341.patch Patch6013: backport-CVE-2022-46341.patch
Patch6014: backport-CVE-2022-46342.patch Patch6014: backport-CVE-2022-46342.patch
Patch6015: backport-CVE-2022-46343.patch Patch6015: backport-CVE-2022-46343.patch
Patch6016: backport-CVE-2022-46344.patch Patch6016: backport-Xi-return-an-error-from-XI-property-changes-if-verification-failed.patch
Patch6017: backport-CVE-2022-46344.patch
Patch6018: backport-CVE-2022-4283.patch
BuildRequires: audit-libs-devel autoconf automake bison dbus-devel flex git gcc BuildRequires: audit-libs-devel autoconf automake bison dbus-devel flex git gcc
BuildRequires: systemtap-sdt-devel libtool pkgconfig BuildRequires: systemtap-sdt-devel libtool pkgconfig
@ -443,6 +445,9 @@ find %{inst_srcdir}/hw/xfree86 -name \*.c -delete
%{_mandir}/man*/* %{_mandir}/man*/*
%changelog %changelog
* Tue Jan 10 2023 zhouwenpei <zhouwenpei1@h-partners.com> -1.20.11-15
- add missing patches
* Thu Dec 22 2022 wanglin <wangl29@chinatelecom.cn> - 1.20.11-14 * Thu Dec 22 2022 wanglin <wangl29@chinatelecom.cn> - 1.20.11-14
- Fix openEuler hard code problem - Fix openEuler hard code problem
- use -git instead of .git as the filename, to avoid .git ignore - use -git instead of .git as the filename, to avoid .git ignore