Commit Graph

64 Commits

Author SHA1 Message Date
matthieu
3cfba1062d Update to xserver 21.1.16.
The security fixes were committed earlier. This is the rest of the
21.1.16 update.
2025-03-02 09:09:28 +00:00
matthieu
04a5e9b4d8 Security fixes from X.Org advisory of February 25, 2025:
CVE-2025-26594: Use-after-free of the root cursor
CVE-2025-26595: Buffer overflow in XkbVModMaskText()
CVE-2025-26596: Heap overflow in XkbWriteKeySyms()
CVE-2025-26597: Buffer overflow in XkbChangeTypesOfKey()
CVE-2025-26598: Out-of-bounds write in CreatePointerBarrierClient()
CVE-2025-26599: Use of uninitialized pointer in compRedirectWindow()
CVE-2025-26600: Use-after-free in PlayReleasedEvents()
CVE-2025-26601: Use-after-free in SyncInitTrigger()
2025-02-25 15:52:12 +00:00
matthieu
81fd437204 xkb: Fix buffer overflow in _XkbSetCompatMap()
The _XkbSetCompatMap() function attempts to resize the `sym_interpret`
buffer.

However, it didn't update its size properly. It updated `num_si` only,
without updating `size_si`.

CVE-2024-9632
2024-10-29 17:58:22 +00:00
matthieu
f9c3f64c48 Update to xserver 21.1.9.
All the security patches have already been committed.
Updated autoconf to 2.71 explains the large build infrastructure diff.
2023-10-29 16:45:32 +00:00
matthieu
737e223ef8 Merge X server 21.1.8. tested by kn@ and op@. 2023-05-01 07:41:17 +00:00
matthieu
6c8ea4fe58 Merge xserver 21.1.6.
Includes a few fixes to the security patches already committed.
2023-01-22 09:44:41 +00:00
matthieu
8c4424dd36 Add back the meson build system to xserver.
Not having those files only creates noise when merging upstream releases.
2023-01-22 09:21:08 +00:00
matthieu
49a1671770 Fix several X server input validation errors that can cause various issues:
* CVE-2022-46340/ZDI-CAN-19265: X.Org Server XTestSwapFakeInput stack
  overflow
* CVE-2022-46341/ZDI-CAN-19381: X.Org Server XIPassiveUngrab
  out-of-bounds access
* CVE-2022-46342/ZDI-CAN-19400: X.Org Server XvdiSelectVideoNotify
  use-after-free
* CVE-2022-46343/ZDI-CAN-19404: X.Org Server ScreenSaverSetAttributes
  use-after-free
* CVE-2022-46344/ZDI-CAN-19405: X.Org Server XIChangeProperty
  out-of-bounds access
* CVE-2022-46283/ZDI-CAN-19530: X.Org Server XkbGetKbdByName use-after-free
2022-12-14 10:29:00 +00:00
matthieu
6bd883d148 MFC: Multiple input validation failures in X server extensions
CVE-2022-2319/ZDI-CAN-16062 ProcXkbSetGeometry Out-Of-Bounds Access
CVE-2022-2320/ZDI-CAN-16070 ProcXkbSetDeviceInfo Out-Of-Bounds Access
2022-07-12 19:18:14 +00:00
matthieu
8a0d473d7b Sync with xorg-server 21.1.3.
This does *not* include the commit that reverts the new computation
of the screen resolution from dimensions returned by the screen since
many of you told they prefer the new behaviour from 21.1.1.

This is going to be discussed again before 7.1
2022-02-20 17:41:34 +00:00
matthieu
e086cf5adf Update to xserver 21.1.0 2021-11-11 09:03:02 +00:00
matthieu
5bd77e1667 Update to xserver 1.20.13. 2021-09-03 13:19:11 +00:00
matthieu
56c8d99afe Update X server to version 1.20.10. Tested by jsg@ and naddy@ 2020-12-12 09:30:50 +00:00
matthieu
dbbfd61190 Check SetMap request length carefully.
Avoid out of bounds memory accesses on too short requests.

ZDI-CAN 11572 / CVE-2020-14360
Reported by Jan-Niklas Sohn working with Trend Micro Zero Day Initiative
2020-12-01 15:25:39 +00:00
matthieu
dd9addae94 Fix XkbSetDeviceInfo() and SetDeviceIndicators() heap overflows
ZDI-CAN 11389 / CVE-2020-25712
Fix from Jan-Niklas Sohn working with Trend Micro.
2020-12-01 15:21:28 +00:00
matthieu
83d462e24d Fix integer underflow in XkbSelectEvents()
Reported by Jan-Niklas Sohn working with Trend Micro Zero Day Initiative.
2020-08-25 15:42:52 +00:00
matthieu
02b8f73518 Correct bounds checking in XkbSetNames()
Reported by Jan-Niklas Sohn working with Trend Micro Zero Day Initiative.
2020-08-25 15:40:59 +00:00
matthieu
9a532c5475 Update to X server 1.20.6. Tested by naddy@ 2019-12-12 06:05:17 +00:00
matthieu
95df71afbd Remove files that are no longer part of upstream tarballs.
They accumulated over releases for various reasons.
No build change.
2019-08-03 16:56:01 +00:00
matthieu
a77e9959f3 Update to xserver 1.20.5. Tested by jsg@ 2019-07-27 07:57:06 +00:00
matthieu
857585fc69 Update to xserver 1.19.6. bug fix release 2018-02-18 17:16:37 +00:00
matthieu
1a66cad3fb Update to xserver 1.19.5.
Tested by bru@, jsg@ and others
2017-12-08 15:01:59 +00:00
matthieu
9b9efb1bdf MFC: xkb: Handle xkb formatted string output safely (CVE-2017-13723)
Generating strings for XKB data used a single shared static buffer,
which offered several opportunities for errors. Use a ring of
resizable buffers instead, to avoid problems when strings end up
longer than anticipated.
2017-10-14 09:15:11 +00:00
matthieu
fd77a34918 MFC: xkb: Escape non-printable characters correctly
XkbStringText escapes non-printable characters using octal numbers.
Such escape sequence would be at most 5 characters long ("\0123"), so
it reserves 5 bytes in the buffer. Due to char->unsigned int
conversion, it would print much longer string for negative numbers.
2017-10-14 09:12:44 +00:00
matthieu
fd18c20e72 regen 2016-10-11 22:14:30 +00:00
matthieu
6e1bcfb3c6 Update to xserver 1.18.4
tested by krw@ and dcoppa@ ok dcoppa@
2016-08-09 18:59:50 +00:00
matthieu
e927c03e30 Update to xserver 1.18.3. Tested by shadchin@ and naddy@.
Note that indirect GLX is now disabled by default.
2016-05-29 12:02:34 +00:00
matthieu
86ea9f12e2 Update to xserver 1.17.2. tested by dcoppa@, jsg@, jasper@ & naddy@ 2015-09-16 19:10:19 +00:00
matthieu
5b19f6d757 Update to xserver 1.16.4.
Contains fix for CVE-2015-0255. ok dcoppa@
2015-02-11 20:58:46 +00:00
matthieu
4f58590a42 Update to xserver 1.16.1.
Tested by naddy@, jsg@ & kettenis@
2014-09-27 17:52:59 +00:00
matthieu
3bbfe7b179 Update to xserver 1.15.1.
Tested by at least ajacoutot@, dcoppa@ & jasper@
2014-05-02 19:27:46 +00:00
matthieu
577763cda7 Update to xserver 1.14.2. Tested by krw@, shadchin@, todd@ 2013-08-24 19:44:25 +00:00
matthieu
adec87cf5d Update to X server 1.14.1. Tested by many during t2k13. Thanks. 2013-06-07 17:28:45 +00:00
matthieu
e26a212fd0 Regen autotools build system with a clean environment.
It was previously generated with a config pointing to OpenBSD's libtool
which is not ready yet.
2012-10-27 14:52:25 +00:00
matthieu
58d9658ddc regen 2012-10-14 08:59:33 +00:00
matthieu
eb59960f12 regen autotools 2012-08-05 18:14:29 +00:00
matthieu
fe11647d1f Update to xserver 1.12.3. 2012-08-05 18:11:37 +00:00
matthieu
e60da74507 Update to xserver 1.12.2. tested by naddy@, krw@, mpi@. 2012-06-10 13:21:05 +00:00
matthieu
61a7d5427d Update to xserver 1.11.2 2011-11-05 13:32:40 +00:00
matthieu
a4d630d049 regen 2011-06-29 19:57:45 +00:00
matthieu
dd56fb17b5 Update to xorg-server 1.9.3. Tested by japser@, landry@ and ajacoutot@
in various configurations.
2010-12-21 20:10:44 +00:00
matthieu
428261197a Upgrade to xorg-server 1.9.2.
Tested by ajacoutot@, krw@, shadchin@ and jasper@ on various configurations
including multihead with both zaphod and xrandr.
2010-12-05 15:36:02 +00:00
matthieu
d57b1a146f regen (yes lots of files, since util-macros has been updated). 2010-09-01 13:43:24 +00:00
matthieu
95d684a05b Update to xserver 1.8. Tested by many. Ok oga@, todd@. 2010-07-27 19:02:24 +00:00
matthieu
88f6f3ea75 update to xserver 1.6.4rc1. Tested by many, ok oga@. 2009-09-06 19:44:18 +00:00
matthieu
369cc172f4 Update to xserver 1.5.3 + latest commits on server-1.5-branch.
tested by stsp@, david@, form@, ckuethe@, oga@. thanks.
2009-01-12 20:17:47 +00:00
matthieu
60021fe985 xserver 1.5.2. tested by ckuethe@, oga@, and others. 2008-11-02 15:26:08 +00:00
matthieu
97eda17882 Update to xserver 1.4.2. Tested by landry@, ckuethe@, jsing@ mbalmer@. 2008-06-15 00:17:32 +00:00
matthieu
48bc822959 regen. 2008-05-24 20:39:01 +00:00
matthieu
682a69ebb7 Fix from X.Org repository:
xkb: don't update LEDs if they don't exist (which would trigger a NULL
pointer dereference).
2008-02-20 21:32:39 +00:00