diff --git a/.gitattributes b/.gitattributes new file mode 100644 index 0000000000000000000000000000000000000000..d87f5613ec4234f82f8eaeebc563711f587fdf88 --- /dev/null +++ b/.gitattributes @@ -0,0 +1 @@ +*.xz filter=lfs diff=lfs merge=lfs -text diff --git a/.lfsconfig b/.lfsconfig new file mode 100644 index 0000000000000000000000000000000000000000..c5e2b4633cadd2e640445d72703cf1ec811e94b7 --- /dev/null +++ b/.lfsconfig @@ -0,0 +1,2 @@ +[lfs] + url = https://artlfs.openeuler.openatom.cn/src-openEuler/xorg-x11-server diff --git a/backport-CVE-2021-4008.patch b/backport-CVE-2021-4008.patch deleted file mode 100644 index c37af61b333d11f095be5b279fcfc95f0b0f57ac..0000000000000000000000000000000000000000 --- a/backport-CVE-2021-4008.patch +++ /dev/null @@ -1,51 +0,0 @@ -From ebce7e2d80e7c80e1dda60f2f0bc886f1106ba60 Mon Sep 17 00:00:00 2001 -From: Povilas Kanapickas -Date: Tue, 14 Dec 2021 15:00:03 +0200 -Subject: [PATCH] render: Fix out of bounds access in - SProcRenderCompositeGlyphs() - -ZDI-CAN-14192, CVE-2021-4008 - -This vulnerability was discovered and the fix was suggested by: -Jan-Niklas Sohn working with Trend Micro Zero Day Initiative - -Signed-off-by: Povilas Kanapickas ---- - render/render.c | 9 +++++++++ - 1 file changed, 9 insertions(+) - -diff --git a/render/render.c b/render/render.c -index c376090ca..456f156d4 100644 ---- a/render/render.c -+++ b/render/render.c -@@ -2309,6 +2309,9 @@ SProcRenderCompositeGlyphs(ClientPtr client) - - i = elt->len; - if (i == 0xff) { -+ if (buffer + 4 > end) { -+ return BadLength; -+ } - swapl((int *) buffer); - buffer += 4; - } -@@ -2319,12 +2322,18 @@ SProcRenderCompositeGlyphs(ClientPtr client) - buffer += i; - break; - case 2: -+ if (buffer + i * 2 > end) { -+ return BadLength; -+ } - while (i--) { - swaps((short *) buffer); - buffer += 2; - } - break; - case 4: -+ if (buffer + i * 4 > end) { -+ return BadLength; -+ } - while (i--) { - swapl((int *) buffer); - buffer += 4; --- -GitLab diff --git a/backport-CVE-2021-4009.patch b/backport-CVE-2021-4009.patch deleted file mode 100644 index 0ee1354fecaa0d5458e484d7528b0c5c18f87b7d..0000000000000000000000000000000000000000 --- a/backport-CVE-2021-4009.patch +++ /dev/null @@ -1,42 +0,0 @@ -From b5196750099ae6ae582e1f46bd0a6dad29550e02 Mon Sep 17 00:00:00 2001 -From: Povilas Kanapickas -Date: Tue, 14 Dec 2021 15:00:01 +0200 -Subject: [PATCH] xfixes: Fix out of bounds access in - *ProcXFixesCreatePointerBarrier() - -ZDI-CAN-14950, CVE-2021-4009 - -This vulnerability was discovered and the fix was suggested by: -Jan-Niklas Sohn working with Trend Micro Zero Day Initiative - -Signed-off-by: Povilas Kanapickas ---- - xfixes/cursor.c | 6 ++++-- - 1 file changed, 4 insertions(+), 2 deletions(-) - -diff --git a/xfixes/cursor.c b/xfixes/cursor.c -index 60580b88f..c5d4554b2 100644 ---- a/xfixes/cursor.c -+++ b/xfixes/cursor.c -@@ -1010,7 +1010,8 @@ ProcXFixesCreatePointerBarrier(ClientPtr client) - { - REQUEST(xXFixesCreatePointerBarrierReq); - -- REQUEST_FIXED_SIZE(xXFixesCreatePointerBarrierReq, pad_to_int32(stuff->num_devices)); -+ REQUEST_FIXED_SIZE(xXFixesCreatePointerBarrierReq, -+ pad_to_int32(stuff->num_devices * sizeof(CARD16))); - LEGAL_NEW_RESOURCE(stuff->barrier, client); - - return XICreatePointerBarrier(client, stuff); -@@ -1027,7 +1028,8 @@ SProcXFixesCreatePointerBarrier(ClientPtr client) - - swaps(&stuff->length); - swaps(&stuff->num_devices); -- REQUEST_FIXED_SIZE(xXFixesCreatePointerBarrierReq, pad_to_int32(stuff->num_devices)); -+ REQUEST_FIXED_SIZE(xXFixesCreatePointerBarrierReq, -+ pad_to_int32(stuff->num_devices * sizeof(CARD16))); - - swapl(&stuff->barrier); - swapl(&stuff->window); --- -GitLab diff --git a/backport-CVE-2021-4010.patch b/backport-CVE-2021-4010.patch deleted file mode 100644 index 447d9f1f89d77e6d0f5a42fa58d4051b384003b5..0000000000000000000000000000000000000000 --- a/backport-CVE-2021-4010.patch +++ /dev/null @@ -1,31 +0,0 @@ -From 6c4c53010772e3cb4cb8acd54950c8eec9c00d21 Mon Sep 17 00:00:00 2001 -From: Povilas Kanapickas -Date: Tue, 14 Dec 2021 15:00:02 +0200 -Subject: [PATCH] Xext: Fix out of bounds access in SProcScreenSaverSuspend() - -ZDI-CAN-14951, CVE-2021-4010 - -This vulnerability was discovered and the fix was suggested by: -Jan-Niklas Sohn working with Trend Micro Zero Day Initiative - -Signed-off-by: Povilas Kanapickas ---- - Xext/saver.c | 2 +- - 1 file changed, 1 insertion(+), 1 deletion(-) - -diff --git a/Xext/saver.c b/Xext/saver.c -index 1d7e3cadf..f813ba08d 100644 ---- a/Xext/saver.c -+++ b/Xext/saver.c -@@ -1351,8 +1351,8 @@ SProcScreenSaverSuspend(ClientPtr client) - REQUEST(xScreenSaverSuspendReq); - - swaps(&stuff->length); -- swapl(&stuff->suspend); - REQUEST_SIZE_MATCH(xScreenSaverSuspendReq); -+ swapl(&stuff->suspend); - return ProcScreenSaverSuspend(client); - } - --- -GitLab diff --git a/backport-CVE-2021-4011.patch b/backport-CVE-2021-4011.patch deleted file mode 100644 index fcc56eeabe357e53412bf3f89d12a1503f501246..0000000000000000000000000000000000000000 --- a/backport-CVE-2021-4011.patch +++ /dev/null @@ -1,32 +0,0 @@ -From e56f61c79fc3cee26d83cda0f84ae56d5979f768 Mon Sep 17 00:00:00 2001 -From: Povilas Kanapickas -Date: Tue, 14 Dec 2021 15:00:00 +0200 -Subject: [PATCH] record: Fix out of bounds access in SwapCreateRegister() - -ZDI-CAN-14952, CVE-2021-4011 - -This vulnerability was discovered and the fix was suggested by: -Jan-Niklas Sohn working with Trend Micro Zero Day Initiative - -Signed-off-by: Povilas Kanapickas ---- - record/record.c | 4 ++-- - 1 file changed, 2 insertions(+), 2 deletions(-) - -diff --git a/record/record.c b/record/record.c -index be154525d..e123867a7 100644 ---- a/record/record.c -+++ b/record/record.c -@@ -2516,8 +2516,8 @@ SwapCreateRegister(ClientPtr client, xRecordRegisterClientsReq * stuff) - swapl(pClientID); - } - if (stuff->nRanges > -- client->req_len - bytes_to_int32(sz_xRecordRegisterClientsReq) -- - stuff->nClients) -+ (client->req_len - bytes_to_int32(sz_xRecordRegisterClientsReq) -+ - stuff->nClients) / bytes_to_int32(sz_xRecordRange)) - return BadLength; - RecordSwapRanges((xRecordRange *) pClientID, stuff->nRanges); - return Success; --- -GitLab diff --git a/xorg-server-1.20.11.tar.bz2 b/xorg-server-1.20.11.tar.bz2 deleted file mode 100644 index 9f27c97db4baf0e0022e28df2626873146398f15..0000000000000000000000000000000000000000 Binary files a/xorg-server-1.20.11.tar.bz2 and /dev/null differ diff --git a/xorg-server-1.20.14.tar.xz b/xorg-server-1.20.14.tar.xz new file mode 100644 index 0000000000000000000000000000000000000000..1695c61b569c923bec62fb901372feda2d00bad2 --- /dev/null +++ b/xorg-server-1.20.14.tar.xz @@ -0,0 +1,3 @@ +version https://git-lfs.github.com/spec/v1 +oid sha256:5cc5b70b9be89443e2594b93656c60bd5e82cd7f01deb4ce4faf81dcf546a16b +size 5178288 diff --git a/xorg-x11-server.spec b/xorg-x11-server.spec index 32dfcf70e7610a433b156f352f75cd17832fc3cf..ed08bda52d7456b773f21b89b4efc4322a02dc5b 100644 --- a/xorg-x11-server.spec +++ b/xorg-x11-server.spec @@ -15,12 +15,12 @@ %global pkgname xorg-server Name: xorg-x11-server -Version: 1.20.11 -Release: 37 +Version: 1.20.14 +Release: 1 Summary: X.Org X11 X server -License: MIT and GPLv2 +License: MIT and GPL-3.0-or-later URL: https://www.x.org -Source0: https://www.x.org/pub/individual/xserver/xorg-server-%{version}.tar.bz2 +Source0: https://www.x.org/releases/individual/xserver/xorg-server-%{version}.tar.xz Source1: gitignore Source4: 10-quirks.conf Source10: xserver.pamd @@ -82,10 +82,6 @@ Patch0101: 0002-present-Crash-in-present_scmd_get_crtc-and-present_flush.patch Patch0102: 0025-phytium-xfree86-Fixed-display-error-for-ps23xx-when-.patch Patch0029: xorg-s11-server-CVE-2018-20839.patch -Patch6000: backport-CVE-2021-4008.patch -Patch6001: backport-CVE-2021-4009.patch -Patch6002: backport-CVE-2021-4010.patch -Patch6003: backport-CVE-2021-4011.patch Patch6004: backport-rename-bool-to-boolean.patch Patch6005: backport-0001-CVE-2022-2319.patch Patch6006: backport-0002-CVE-2022-2319.patch @@ -133,22 +129,87 @@ Patch6046: backport-0003-CVE-2023-5574.patch Patch6047: backport-CVE-2024-9632.patch Patch6048: backport-xfree86-fbdevhw-fix-pci-detection-on-recent-Linux.patch -BuildRequires: audit-libs-devel autoconf automake bison dbus-devel flex git gcc -BuildRequires: systemtap-sdt-devel libtool pkgconfig -BuildRequires: xorg-x11-font-utils systemd-devel -BuildRequires: libXfont2-devel libXau-devel libxkbfile-devel libXres-devel -BuildRequires: libfontenc-devel libXtst-devel libXdmcp-devel libX11-devel libXext-devel -BuildRequires: libXinerama-devel libXt-devel libdmx-devel libXmu-devel libXrender-devel -BuildRequires: libXi-devel libXpm-devel libXaw-devel libXfixes-devel libepoxy-devel libXv-devel -BuildRequires: openssl-devel kernel-headers -BuildRequires: mesa-libEGL-devel mesa-libgbm-devel libudev-devel xcb-util-devel -BuildRequires: xcb-util-image-devel xcb-util-wm-devel xcb-util-keysyms-devel xcb-util-renderutil-devel -BuildRequires: xorg-x11-xtrans-devel >= 1.3.2 xorg-x11-util-macros >= 1.17 xorg-x11-proto-devel >= 7.7 -BuildRequires: xorg-x11-font-utils >= 7.2 libselinux-devel >= 2.0.86 -BuildRequires: libxshmfence-devel >= 1.1 pixman-devel >= 0.30.0 libdrm-devel >= 2.4.0 -BuildRequires: mesa-libGL-devel >= 9.2 libpciaccess-devel >= 0.13.1 -BuildRequires: wayland-devel wayland-protocols-devel egl-wayland-devel -BuildRequires: pkgconfig(xkbcomp) xkeyboard-config +BuildRequires: autoconf automake libtool +BuildRequires: bison flex +BuildRequires: pkgconfig(bigreqsproto) >= 1.1.0 +BuildRequires: pkgconfig(compositeproto) >= 0.4 +BuildRequires: pkgconfig(damageproto) >= 1.1 +BuildRequires: pkgconfig(dbus-1) >= 1.0 +BuildRequires: pkgconfig(dmx) >= 1.0.99.1 +BuildRequires: pkgconfig(dmxproto) >= 2.2.99.1 +BuildRequires: pkgconfig(dri) >= 7.8.0 +BuildRequires: pkgconfig(dri2proto) >= 2.8 +BuildRequires: pkgconfig(dri3proto) >= 1.2 +BuildRequires: pkgconfig(fontutil) >= 1.1 +BuildRequires: pkgconfig(egl) +BuildRequires: pkgconfig(epoxy) +BuildRequires: pkgconfig(fixesproto) >= 5.0 +BuildRequires: pkgconfig(fontsproto) >= 2.1.3 +BuildRequires: pkgconfig(gbm) >= 10.2.0 +BuildRequires: pkgconfig(gl) >= 1.2 +BuildRequires: pkgconfig(glproto) >= 1.4.17 +BuildRequires: pkgconfig(inputproto) >= 2.3 +BuildRequires: pkgconfig(kbproto) >= 1.0.3 +BuildRequires: pkgconfig(libdrm) >= 2.4.89 +BuildRequires: pkgconfig(libselinux) >= 2.0.86 +BuildRequires: pkgconfig(libsystemd) >= 209 +BuildRequires: pkgconfig(libudev) >= 143 +BuildRequires: pkgconfig(openssl) +BuildRequires: pkgconfig(pciaccess) >= 0.12.901 +BuildRequires: pkgconfig(pixman-1) >= 0.27.2 +BuildRequires: pkgconfig(presentproto) >= 1.1 +BuildRequires: pkgconfig(randrproto) >= 1.6.0 +BuildRequires: pkgconfig(recordproto) >= 1.13.99.1 +BuildRequires: pkgconfig(renderproto) >= 0.11 +BuildRequires: pkgconfig(resourceproto) >= 1.2.0 +BuildRequires: pkgconfig(scrnsaverproto) >= 1.1 +BuildRequires: pkgconfig(videoproto) +BuildRequires: pkgconfig(wayland-client) >= 1.3.0 +BuildRequires: pkgconfig(wayland-protocols) >= 1.10 +BuildRequires: pkgconfig(x11) >= 1.6 +BuildRequires: pkgconfig(x11-xcb) +BuildRequires: pkgconfig(xau) +BuildRequires: pkgconfig(xaw7) +BuildRequires: pkgconfig(xcb) +BuildRequires: pkgconfig(xcb-aux) +BuildRequires: pkgconfig(xcb-glx) +BuildRequires: pkgconfig(xcb-icccm) +BuildRequires: pkgconfig(xcb-image) +BuildRequires: pkgconfig(xcb-keysyms) +BuildRequires: pkgconfig(xcb-randr) +BuildRequires: pkgconfig(xcb-render) +BuildRequires: pkgconfig(xcb-renderutil) +BuildRequires: pkgconfig(xcb-shape) +BuildRequires: pkgconfig(xcb-shm) >= 1.9.3 +BuildRequires: pkgconfig(xcb-xf86dri) > 1.6 +BuildRequires: pkgconfig(xcb-xkb) +BuildRequires: pkgconfig(xcb-xv) +BuildRequires: pkgconfig(xcmiscproto) >= 1.2.0 +BuildRequires: pkgconfig(xdmcp) +BuildRequires: pkgconfig(xext) >= 1.0.99.4 +BuildRequires: pkgconfig(xextproto) >= 7.2.99.901 +BuildRequires: pkgconfig(xf86bigfontproto) >= 1.2.0 +BuildRequires: pkgconfig(xf86dgaproto) >= 2.0.99.1 +BuildRequires: pkgconfig(xf86driproto) >= 2.1.0 +BuildRequires: pkgconfig(xf86vidmodeproto) >= 2.2.99.1 +BuildRequires: pkgconfig(xfixes) +BuildRequires: pkgconfig(xfont2) >= 2.0.0 +BuildRequires: pkgconfig(xi) >= 1.2.99.1 +BuildRequires: pkgconfig(xineramaproto) +BuildRequires: pkgconfig(xkbfile) +BuildRequires: pkgconfig(xmu) +BuildRequires: pkgconfig(xmuu) +BuildRequires: pkgconfig(xorg-macros) >= 1.14 +BuildRequires: pkgconfig(xpm) +BuildRequires: pkgconfig(xproto) >= 7.0.31 +BuildRequires: pkgconfig(xrender) +BuildRequires: pkgconfig(xres) +BuildRequires: pkgconfig(xshmfence) >= 1.1 +BuildRequires: pkgconfig(xt) +BuildRequires: pkgconfig(xtrans) >= 1.3.5 +BuildRequires: pkgconfig(xtst) >= 1.0.99.2 +BuildRequires: audit-libs-devel +BuildRequires: systemtap-sdt-devel %ifarch aarch64 %{arm} x86_64 sw_64 BuildRequires: libunwind-devel @@ -309,7 +370,7 @@ export CFLAGS="$RPM_OPT_FLAGS -specs=/usr/lib/rpm/generic-hardened-cc1" %global xservers --enable-xvfb --enable-xnest %{kdrive} --enable-xorg %global default_font_path "catalogue:/etc/X11/fontpath.d,built-ins" -%global kdrive --enable-kdrive --enable-xephyr --disable-xfake --disable-xfbdev +%global kdrive --enable-kdrive --enable-xephyr %global bodhi_flags --with-vendor-name="%{_vendor} Project" %global dri_flags --enable-dri --enable-dri2 --enable-dri3 --enable-suid-wrapper --enable-glamor @@ -458,18 +519,19 @@ find %{inst_srcdir}/hw/xfree86 -name \*.c -delete %{xserver_source_dir} %files devel -%defattr(-,root,root) %{_bindir}/xserver-sdk-abi-requires %{_libdir}/pkgconfig/xorg-server.pc %{_includedir}/xorg/*.h %{_datadir}/aclocal/xorg-server.m4 %files help -%defattr(-,root,root) %doc ChangeLog README.md %{_mandir}/man*/* %changelog +* Sun Jan 12 2025 Funda Wang - 1.20.14-1 +- update to 1.20.14 + * Sat Dec 07 2024 Funda Wang - 1.20.11-37 - change to correct buildrequires diff --git a/xorg-x11-server.yaml b/xorg-x11-server.yaml index 57988ce76d549c6863d0ebb15cfc7ba9e4419a5d..894ec1cc8b2558ae5d37a08263d7ff898eb3b64d 100644 --- a/xorg-x11-server.yaml +++ b/xorg-x11-server.yaml @@ -1,4 +1,4 @@ version_control: git src_repo: https://gitlab.freedesktop.org/xorg/xserver.git tag_prefix: ^xorg-server- -seperator: . +separator: .