diff options
| author |   Patrick J Volkerding <volkerdi@slackware.com> | 2022-12-19 21:18:22 +0000 |
|---|---|---|
| committer |   Eric Hameleers <alien@slackware.com> | 2022-12-20 13:30:29 +0100 |
| commit | 15705ea3bcf94a6ac99e92ef8fc782b136e71e4f (patch) | |
| tree | b63efbee18ba39144e7a4aafb0be14de1c5116d5 /patches/source/xorg-server | |
| parent | 3c02d6f8a110df5d7d8cf042fb9b09711284fec9 (diff) | |
| download | current-15705ea3bcf94a6ac99e92ef8fc782b136e71e4f.tar.gz current-15705ea3bcf94a6ac99e92ef8fc782b136e71e4f.tar.xz | |
Mon Dec 19 21:18:22 UTC 202220221219211822_15.0
patches/packages/xorg-server-1.20.14-x86_64-6_slack15.0.txz: Rebuilt.
This release fixes an invalid event type mask in XTestSwapFakeInput which
was inadvertently changed from octal 0177 to hexadecimal 0x177 in the fix
for CVE-2022-46340.
patches/packages/xorg-server-xephyr-1.20.14-x86_64-6_slack15.0.txz: Rebuilt.
patches/packages/xorg-server-xnest-1.20.14-x86_64-6_slack15.0.txz: Rebuilt.
patches/packages/xorg-server-xvfb-1.20.14-x86_64-6_slack15.0.txz: Rebuilt.
patches/packages/xorg-server-xwayland-21.1.4-x86_64-5_slack15.0.txz: Rebuilt.
This release fixes an invalid event type mask in XTestSwapFakeInput which
was inadvertently changed from octal 0177 to hexadecimal 0x177 in the fix
for CVE-2022-46340.
Diffstat (limited to 'patches/source/xorg-server')
3 files changed, 16 insertions, 1 deletions
diff --git a/patches/source/xorg-server/build/xorg-server b/patches/source/xorg-server/build/xorg-server index 8dbf9c840..d71bf96f6 100644 --- a/patches/source/xorg-server/build/xorg-server +++ b/patches/source/xorg-server/build/xorg-server @@ -1 +1 @@ -5_slack15.0 +6_slack15.0 diff --git a/patches/source/xorg-server/patch/xorg-server.patch b/patches/source/xorg-server/patch/xorg-server.patch index 78dbc965a..bd20a0714 100644 --- a/patches/source/xorg-server/patch/xorg-server.patch +++ b/patches/source/xorg-server/patch/xorg-server.patch @@ -46,3 +46,6 @@ zcat $CWD/patch/xorg-server/CVE-2022-46341.patch.gz | patch -p1 --verbose || { t zcat $CWD/patch/xorg-server/CVE-2022-46342.patch.gz | patch -p1 --verbose || { touch ${SLACK_X_BUILD_DIR}/${PKGNAME}.failed ; continue ; } zcat $CWD/patch/xorg-server/CVE-2022-46343.patch.gz | patch -p1 --verbose || { touch ${SLACK_X_BUILD_DIR}/${PKGNAME}.failed ; continue ; } zcat $CWD/patch/xorg-server/CVE-2022-46344.patch.gz | patch -p1 --verbose || { touch ${SLACK_X_BUILD_DIR}/${PKGNAME}.failed ; continue ; } + +# Fix a bug in the previous patch: +zcat $CWD/patch/xorg-server/CVE-2022-46340.correction.patch.gz | patch -p1 --verbose || { touch ${SLACK_X_BUILD_DIR}/${PKGNAME}.failed ; continue ; } diff --git a/patches/source/xorg-server/patch/xorg-server/CVE-2022-46340.correction.patch b/patches/source/xorg-server/patch/xorg-server/CVE-2022-46340.correction.patch new file mode 100644 index 000000000..ad31c7916 --- /dev/null +++ b/patches/source/xorg-server/patch/xorg-server/CVE-2022-46340.correction.patch @@ -0,0 +1,12 @@ +diff -u -r --new-file xorg-server-21.1.5/Xext/xtest.c xorg-server-21.1.6/Xext/xtest.c +--- xorg-server-21.1.5/Xext/xtest.c 2022-12-13 20:25:18.000000000 -0600 ++++ xorg-server-21.1.6/Xext/xtest.c 2022-12-19 04:53:03.000000000 -0600 +@@ -502,7 +502,7 @@ + + nev = ((req->length << 2) - sizeof(xReq)) / sizeof(xEvent); + for (ev = (xEvent *) &req[1]; --nev >= 0; ev++) { +- int evtype = ev->u.u.type & 0x177; ++ int evtype = ev->u.u.type & 0177; + /* Swap event */ + proc = EventSwapVector[evtype]; + /* no swapping proc; invalid event type? */ |