From: Bernd Kuhls Date: Sat, 14 Oct 2017 11:37:28 +0000 (+0200) Subject: package/x11r7/xserver_xorg-server: security bump version to 1.19.5 X-Git-Url: https://git.libre-soc.org/?a=commitdiff_plain;h=e7713abf89f3fa3ab773813a10b61080471f5bcb;p=buildroot.git package/x11r7/xserver_xorg-server: security bump version to 1.19.5 Fixes xfixes: unvalidated lengths (CVE-2017-12183) Xi: fix wrong extra length check in ProcXIChangeHierarchy (CVE-2017-12178) dbe: Unvalidated variable-length request in ProcDbeGetVisualInfo (CVE-2017-12177) Unvalidated extra length in ProcEstablishConnection (CVE-2017-12176) Signed-off-by: Bernd Kuhls Signed-off-by: Thomas Petazzoni --- diff --git a/package/x11r7/xserver_xorg-server/1.19.4/0001-modesettings-needs-dri2.patch b/package/x11r7/xserver_xorg-server/1.19.4/0001-modesettings-needs-dri2.patch deleted file mode 100644 index 4ef95efc3e..0000000000 --- a/package/x11r7/xserver_xorg-server/1.19.4/0001-modesettings-needs-dri2.patch +++ /dev/null @@ -1,19 +0,0 @@ -Kernel modesettings support also depends on dri2, see -http://cgit.freedesktop.org/xorg/xserver/tree/hw/xfree86/drivers/modesetting/Makefile.am#n46 - -Patch sent upstream: https://bugs.freedesktop.org/show_bug.cgi?id=91584 - -Signed-off-by: Bernd Kuhls - -diff -uNr xorg-server-1.17.2.org/configure.ac xorg-server-1.17.2/configure.ac ---- xorg-server-1.17.2.org/configure.ac 2015-06-16 17:42:40.000000000 +0200 -+++ xorg-server-1.17.2/configure.ac 2015-08-08 10:44:59.702382624 +0200 -@@ -2036,7 +2036,7 @@ - XORG_SYS_LIBS="$XORG_SYS_LIBS $XORG_MODULES_LIBS" - fi - -- if test "x$DRM" = xyes; then -+ if test "x$DRM" = xyes -a "x$DRI2" = xyes; then - dnl 2.4.46 is required for cursor hotspot support. - PKG_CHECK_EXISTS(libdrm >= 2.4.46) - XORG_DRIVER_MODESETTING=yes diff --git a/package/x11r7/xserver_xorg-server/1.19.4/0002-configure.ac-Fix-check-for-CLOCK_MONOTONIC.patch b/package/x11r7/xserver_xorg-server/1.19.4/0002-configure.ac-Fix-check-for-CLOCK_MONOTONIC.patch deleted file mode 100644 index c5f04bf251..0000000000 --- a/package/x11r7/xserver_xorg-server/1.19.4/0002-configure.ac-Fix-check-for-CLOCK_MONOTONIC.patch +++ /dev/null @@ -1,66 +0,0 @@ -Discover monotonic clock using compile-time check - -monotonic clock check does not work when cross-compiling. - -Upstream-Status: Denied [Does not work on OpenBSD] -Signed-off-by: Jussi Kukkonen - - - -Original patch follows: - -When xorg-xserver is being cross-compiled, there is currently no way -for us to detect whether the monotonic clock is available on the -target system, because we aren't able to run a test program on the host -system. Currently, in this situation, we default to not use the -monotonic clock. One problem with this situation is that the user will -be treated as idle when the date is updated. - -To fix this situation, we now use a compile-time check to detect whether the -monotonic clock is available. This check can run just fine when we are -cross-compiling. - -Signed-off-by: David James - -Downloaded from -https://github.com/openembedded/openembedded-core/blob/master/meta/recipes-graphics/xorg-xserver/xserver-xorg/0001-configure.ac-Fix-check-for-CLOCK_MONOTONIC.patch - -Signed-off-by: Bernd Kuhls ---- - configure.ac | 17 +++++++---------- - 1 file changed, 7 insertions(+), 10 deletions(-) - -diff --git a/configure.ac b/configure.ac -index f7ab48c..26e85cd 100644 ---- a/configure.ac -+++ b/configure.ac -@@ -1048,19 +1048,16 @@ if ! test "x$have_clock_gettime" = xno; then - CPPFLAGS="$CPPFLAGS -D_POSIX_C_SOURCE=200112L" - fi - -- AC_RUN_IFELSE([AC_LANG_SOURCE([ -+ AC_COMPILE_IFELSE([AC_LANG_SOURCE([[ - #include -- --int main(int argc, char *argv[[]]) { -- struct timespec tp; -- -- if (clock_gettime(CLOCK_MONOTONIC, &tp) == 0) -+#include -+int main() { -+#if !(defined(_POSIX_MONOTONIC_CLOCK) && _POSIX_MONOTONIC_CLOCK >= 0 && defined(CLOCK_MONOTONIC)) -+ #error No monotonic clock -+#endif - return 0; -- else -- return 1; - } -- ])], [MONOTONIC_CLOCK=yes], [MONOTONIC_CLOCK=no], -- [MONOTONIC_CLOCK="cross compiling"]) -+]])],[MONOTONIC_CLOCK=yes], [MONOTONIC_CLOCK=no]) - - LIBS="$LIBS_SAVE" - CPPFLAGS="$CPPFLAGS_SAVE" --- -2.1.4 - diff --git a/package/x11r7/xserver_xorg-server/1.19.4/0003-Remove-check-for-useSIGIO-option.patch b/package/x11r7/xserver_xorg-server/1.19.4/0003-Remove-check-for-useSIGIO-option.patch deleted file mode 100644 index d4f0cca67e..0000000000 --- a/package/x11r7/xserver_xorg-server/1.19.4/0003-Remove-check-for-useSIGIO-option.patch +++ /dev/null @@ -1,53 +0,0 @@ -From cf407b16cd65ad6e26a9c8e5984e163409a5c0f7 Mon Sep 17 00:00:00 2001 -From: Prabhu Sundararaj -Date: Mon, 30 Jan 2017 16:32:06 -0600 -Subject: [PATCH] Remove check for useSIGIO option - -Original patch follows: -Commit 6a5a4e60373c1386b311b2a8bb666c32d68a9d99 removes the configure of useSIGIO -option. - -As the xfree86 SIGIO support is reworked to use internal versions of OsBlockSIGIO -and OsReleaseSIGIO. - -No longer the check for useSIGIO is needed - -Upstream-Status: Pending - -Signed-off-by: Prabhu Sundararaj - -Downloaded from -https://github.com/openembedded/openembedded-core/blob/master/meta/recipes-graphics/xorg-xserver/xserver-xorg/0003-Remove-check-for-useSIGIO-option.patch - -Signed-off-by: Mylène Josserand ---- - hw/xfree86/os-support/shared/sigio.c | 6 ------ - 1 file changed, 6 deletions(-) - -diff --git a/hw/xfree86/os-support/shared/sigio.c b/hw/xfree86/os-support/shared/sigio.c -index 884a71c..be76498 100644 ---- a/hw/xfree86/os-support/shared/sigio.c -+++ b/hw/xfree86/os-support/shared/sigio.c -@@ -185,9 +185,6 @@ xf86InstallSIGIOHandler(int fd, void (*f) (int, void *), void *closure) - int i; - int installed = FALSE; - -- if (!xf86Info.useSIGIO) -- return 0; -- - for (i = 0; i < MAX_FUNCS; i++) { - if (!xf86SigIOFuncs[i].f) { - if (xf86IsPipe(fd)) -@@ -256,9 +253,6 @@ xf86RemoveSIGIOHandler(int fd) - int max; - int ret; - -- if (!xf86Info.useSIGIO) -- return 0; -- - max = 0; - ret = 0; - for (i = 0; i < MAX_FUNCS; i++) { --- -2.7.4 - diff --git a/package/x11r7/xserver_xorg-server/1.19.5/0001-modesettings-needs-dri2.patch b/package/x11r7/xserver_xorg-server/1.19.5/0001-modesettings-needs-dri2.patch new file mode 100644 index 0000000000..4ef95efc3e --- /dev/null +++ b/package/x11r7/xserver_xorg-server/1.19.5/0001-modesettings-needs-dri2.patch @@ -0,0 +1,19 @@ +Kernel modesettings support also depends on dri2, see +http://cgit.freedesktop.org/xorg/xserver/tree/hw/xfree86/drivers/modesetting/Makefile.am#n46 + +Patch sent upstream: https://bugs.freedesktop.org/show_bug.cgi?id=91584 + +Signed-off-by: Bernd Kuhls + +diff -uNr xorg-server-1.17.2.org/configure.ac xorg-server-1.17.2/configure.ac +--- xorg-server-1.17.2.org/configure.ac 2015-06-16 17:42:40.000000000 +0200 ++++ xorg-server-1.17.2/configure.ac 2015-08-08 10:44:59.702382624 +0200 +@@ -2036,7 +2036,7 @@ + XORG_SYS_LIBS="$XORG_SYS_LIBS $XORG_MODULES_LIBS" + fi + +- if test "x$DRM" = xyes; then ++ if test "x$DRM" = xyes -a "x$DRI2" = xyes; then + dnl 2.4.46 is required for cursor hotspot support. + PKG_CHECK_EXISTS(libdrm >= 2.4.46) + XORG_DRIVER_MODESETTING=yes diff --git a/package/x11r7/xserver_xorg-server/1.19.5/0002-configure.ac-Fix-check-for-CLOCK_MONOTONIC.patch b/package/x11r7/xserver_xorg-server/1.19.5/0002-configure.ac-Fix-check-for-CLOCK_MONOTONIC.patch new file mode 100644 index 0000000000..c5f04bf251 --- /dev/null +++ b/package/x11r7/xserver_xorg-server/1.19.5/0002-configure.ac-Fix-check-for-CLOCK_MONOTONIC.patch @@ -0,0 +1,66 @@ +Discover monotonic clock using compile-time check + +monotonic clock check does not work when cross-compiling. + +Upstream-Status: Denied [Does not work on OpenBSD] +Signed-off-by: Jussi Kukkonen + + + +Original patch follows: + +When xorg-xserver is being cross-compiled, there is currently no way +for us to detect whether the monotonic clock is available on the +target system, because we aren't able to run a test program on the host +system. Currently, in this situation, we default to not use the +monotonic clock. One problem with this situation is that the user will +be treated as idle when the date is updated. + +To fix this situation, we now use a compile-time check to detect whether the +monotonic clock is available. This check can run just fine when we are +cross-compiling. + +Signed-off-by: David James + +Downloaded from +https://github.com/openembedded/openembedded-core/blob/master/meta/recipes-graphics/xorg-xserver/xserver-xorg/0001-configure.ac-Fix-check-for-CLOCK_MONOTONIC.patch + +Signed-off-by: Bernd Kuhls +--- + configure.ac | 17 +++++++---------- + 1 file changed, 7 insertions(+), 10 deletions(-) + +diff --git a/configure.ac b/configure.ac +index f7ab48c..26e85cd 100644 +--- a/configure.ac ++++ b/configure.ac +@@ -1048,19 +1048,16 @@ if ! test "x$have_clock_gettime" = xno; then + CPPFLAGS="$CPPFLAGS -D_POSIX_C_SOURCE=200112L" + fi + +- AC_RUN_IFELSE([AC_LANG_SOURCE([ ++ AC_COMPILE_IFELSE([AC_LANG_SOURCE([[ + #include +- +-int main(int argc, char *argv[[]]) { +- struct timespec tp; +- +- if (clock_gettime(CLOCK_MONOTONIC, &tp) == 0) ++#include ++int main() { ++#if !(defined(_POSIX_MONOTONIC_CLOCK) && _POSIX_MONOTONIC_CLOCK >= 0 && defined(CLOCK_MONOTONIC)) ++ #error No monotonic clock ++#endif + return 0; +- else +- return 1; + } +- ])], [MONOTONIC_CLOCK=yes], [MONOTONIC_CLOCK=no], +- [MONOTONIC_CLOCK="cross compiling"]) ++]])],[MONOTONIC_CLOCK=yes], [MONOTONIC_CLOCK=no]) + + LIBS="$LIBS_SAVE" + CPPFLAGS="$CPPFLAGS_SAVE" +-- +2.1.4 + diff --git a/package/x11r7/xserver_xorg-server/1.19.5/0003-Remove-check-for-useSIGIO-option.patch b/package/x11r7/xserver_xorg-server/1.19.5/0003-Remove-check-for-useSIGIO-option.patch new file mode 100644 index 0000000000..d4f0cca67e --- /dev/null +++ b/package/x11r7/xserver_xorg-server/1.19.5/0003-Remove-check-for-useSIGIO-option.patch @@ -0,0 +1,53 @@ +From cf407b16cd65ad6e26a9c8e5984e163409a5c0f7 Mon Sep 17 00:00:00 2001 +From: Prabhu Sundararaj +Date: Mon, 30 Jan 2017 16:32:06 -0600 +Subject: [PATCH] Remove check for useSIGIO option + +Original patch follows: +Commit 6a5a4e60373c1386b311b2a8bb666c32d68a9d99 removes the configure of useSIGIO +option. + +As the xfree86 SIGIO support is reworked to use internal versions of OsBlockSIGIO +and OsReleaseSIGIO. + +No longer the check for useSIGIO is needed + +Upstream-Status: Pending + +Signed-off-by: Prabhu Sundararaj + +Downloaded from +https://github.com/openembedded/openembedded-core/blob/master/meta/recipes-graphics/xorg-xserver/xserver-xorg/0003-Remove-check-for-useSIGIO-option.patch + +Signed-off-by: Mylène Josserand +--- + hw/xfree86/os-support/shared/sigio.c | 6 ------ + 1 file changed, 6 deletions(-) + +diff --git a/hw/xfree86/os-support/shared/sigio.c b/hw/xfree86/os-support/shared/sigio.c +index 884a71c..be76498 100644 +--- a/hw/xfree86/os-support/shared/sigio.c ++++ b/hw/xfree86/os-support/shared/sigio.c +@@ -185,9 +185,6 @@ xf86InstallSIGIOHandler(int fd, void (*f) (int, void *), void *closure) + int i; + int installed = FALSE; + +- if (!xf86Info.useSIGIO) +- return 0; +- + for (i = 0; i < MAX_FUNCS; i++) { + if (!xf86SigIOFuncs[i].f) { + if (xf86IsPipe(fd)) +@@ -256,9 +253,6 @@ xf86RemoveSIGIOHandler(int fd) + int max; + int ret; + +- if (!xf86Info.useSIGIO) +- return 0; +- + max = 0; + ret = 0; + for (i = 0; i < MAX_FUNCS; i++) { +-- +2.7.4 + diff --git a/package/x11r7/xserver_xorg-server/Config.in b/package/x11r7/xserver_xorg-server/Config.in index 71164b3794..08dea0a5ef 100644 --- a/package/x11r7/xserver_xorg-server/Config.in +++ b/package/x11r7/xserver_xorg-server/Config.in @@ -79,7 +79,7 @@ choice bool "X Window System server version" config BR2_PACKAGE_XSERVER_XORG_SERVER_V_1_19 - bool "1.19.3" + bool "1.19.5" select BR2_PACKAGE_XSERVER_XORG_SERVER_VIDEODRV_ABI_23 select BR2_PACKAGE_XLIB_LIBXFONT2 select BR2_PACKAGE_XPROTO_PRESENTPROTO @@ -99,7 +99,7 @@ endchoice config BR2_PACKAGE_XSERVER_XORG_SERVER_VERSION string - default "1.19.4" if BR2_PACKAGE_XSERVER_XORG_SERVER_V_1_19 + default "1.19.5" if BR2_PACKAGE_XSERVER_XORG_SERVER_V_1_19 default "1.17.4" if BR2_PACKAGE_XSERVER_XORG_SERVER_V_1_17 default "1.14.7" if BR2_PACKAGE_XSERVER_XORG_SERVER_V_1_14 diff --git a/package/x11r7/xserver_xorg-server/xserver_xorg-server.hash b/package/x11r7/xserver_xorg-server/xserver_xorg-server.hash index d0acc24102..c0feb985d2 100644 --- a/package/x11r7/xserver_xorg-server/xserver_xorg-server.hash +++ b/package/x11r7/xserver_xorg-server/xserver_xorg-server.hash @@ -3,8 +3,8 @@ sha1 7a95765e56b124758fcd7b609589e65b8870880b x sha256 fcf66fa6ad86227613d2d3e8ae13ded297e2a1e947e9060a083eaf80d323451f xorg-server-1.14.7.tar.bz2 # From https://lists.x.org/archives/xorg-announce/2015-October/002650.html sha256 0c4b45c116a812a996eb432d8508cf26c2ec8c3916ff2a50781796882f8d6457 xorg-server-1.17.4.tar.bz2 -# From https://lists.x.org/archives/xorg-announce/2017-October/002808.html -md5 28cb6d773bfcdfd43500dd64527d2ab0 xorg-server-1.19.4.tar.bz2 -sha1 7a47d5f927ea69681e279c6e5f5e8ff3a21c7152 xorg-server-1.19.4.tar.bz2 -sha256 aa758acea91deaf1f95069ddc5ea3818e13675fb14fef40ad1b3d0b2bf03c9a8 xorg-server-1.19.4.tar.bz2 -sha512 ff80934e42a7dd2d437e947fe02c74c3b25bdbb3002b7005191d52272d5eae8cb3a83377fa32f40000011be88405830e796f6bd3b914bd7fc163ea8ece76226b xorg-server-1.19.4.tar.bz2 +# From https://lists.x.org/archives/xorg-announce/2017-October/002814.html +md5 4ac6feeae6790436ce9de879ca9a3bf8 xorg-server-1.19.5.tar.bz2 +sha1 307d3405f709f7e41966c850b37deefe7f83eb9b xorg-server-1.19.5.tar.bz2 +sha256 18fffa8eb93d06d2800d06321fc0df4d357684d8d714315a66d8dfa7df251447 xorg-server-1.19.5.tar.bz2 +sha512 928dea5850b98cd815004cfa133eca23cfa9521920c934c68a92787f2cae13cca1534eee772a4fb74b8ae8cb92662b5d68b95b834c8aa8ec57cd57cb4e5dd45c xorg-server-1.19.5.tar.bz2