Mon Dec 19 21:18:22 UTC 202220221219211822_15.0

patches/packages/xorg-server-1.20.14-x86_64-6_slack15.0.txz: Rebuilt. This release fixes an invalid event type mask in XTestSwapFakeInput which was inadvertently changed from octal 0177 to hexadecimal 0x177 in the fix for CVE-2022-46340. patches/packages/xorg-server-xephyr-1.20.14-x86_64-6_slack15.0.txz: Rebuilt. patches/packages/xorg-server-xnest-1.20.14-x86_64-6_slack15.0.txz: Rebuilt. patches/packages/xorg-server-xvfb-1.20.14-x86_64-6_slack15.0.txz: Rebuilt. patches/packages/xorg-server-xwayland-21.1.4-x86_64-5_slack15.0.txz: Rebuilt. This release fixes an invalid event type mask in XTestSwapFakeInput which was inadvertently changed from octal 0177 to hexadecimal 0x177 in the fix for CVE-2022-46340.
author: Patrick J Volkerding <volkerdi@slackware.com> 2022-12-19 21:18:22 +0000
committer: Eric Hameleers <alien@slackware.com> 2022-12-20 13:30:29 +0100
commit: 15705ea3bcf94a6ac99e92ef8fc782b136e71e4f (patch)
tree: b63efbee18ba39144e7a4aafb0be14de1c5116d5 /patches
parent: 3c02d6f8a110df5d7d8cf042fb9b09711284fec9 (diff)
download: current-15705ea3bcf94a6ac99e92ef8fc782b136e71e4f.tar.gz
current-15705ea3bcf94a6ac99e92ef8fc782b136e71e4f.tar.xz
10 files changed, 32 insertions, 2 deletions
diff --git a/patches/packages/xorg-server-1.20.14-x86_64-5_slack15.0.txt b/patches/packages/xorg-server-1.20.14-x86_64-6_slack15.0.txt
index ec0248ea9..ec0248ea9 100644
--- a/patches/packages/xorg-server-1.20.14-x86_64-5_slack15.0.txt
+++ b/patches/packages/xorg-server-1.20.14-x86_64-6_slack15.0.txt
diff --git a/patches/packages/xorg-server-xephyr-1.20.14-x86_64-5_slack15.0.txt b/patches/packages/xorg-server-xephyr-1.20.14-x86_64-6_slack15.0.txt
index 2ffb35f60..2ffb35f60 100644
--- a/patches/packages/xorg-server-xephyr-1.20.14-x86_64-5_slack15.0.txt
+++ b/patches/packages/xorg-server-xephyr-1.20.14-x86_64-6_slack15.0.txt
diff --git a/patches/packages/xorg-server-xnest-1.20.14-x86_64-5_slack15.0.txt b/patches/packages/xorg-server-xnest-1.20.14-x86_64-6_slack15.0.txt
index 9c7075278..9c7075278 100644
--- a/patches/packages/xorg-server-xnest-1.20.14-x86_64-5_slack15.0.txt
+++ b/patches/packages/xorg-server-xnest-1.20.14-x86_64-6_slack15.0.txt
diff --git a/patches/packages/xorg-server-xvfb-1.20.14-x86_64-5_slack15.0.txt b/patches/packages/xorg-server-xvfb-1.20.14-x86_64-6_slack15.0.txt
index 675c628db..675c628db 100644
--- a/patches/packages/xorg-server-xvfb-1.20.14-x86_64-5_slack15.0.txt
+++ b/patches/packages/xorg-server-xvfb-1.20.14-x86_64-6_slack15.0.txt
diff --git a/patches/packages/xorg-server-xwayland-21.1.4-x86_64-4_slack15.0.txt b/patches/packages/xorg-server-xwayland-21.1.4-x86_64-5_slack15.0.txt
index 44e18f2cf..44e18f2cf 100644
--- a/patches/packages/xorg-server-xwayland-21.1.4-x86_64-4_slack15.0.txt
+++ b/patches/packages/xorg-server-xwayland-21.1.4-x86_64-5_slack15.0.txt
diff --git a/patches/source/xorg-server-xwayland/CVE-2022-46340.correction.patch b/patches/source/xorg-server-xwayland/CVE-2022-46340.correction.patch
new file mode 100644
index 000000000..ad31c7916
--- /dev/null
+++ b/patches/source/xorg-server-xwayland/CVE-2022-46340.correction.patch
@@ -0,0 +1,12 @@
+diff -u -r --new-file xorg-server-21.1.5/Xext/xtest.c xorg-server-21.1.6/Xext/xtest.c
+--- xorg-server-21.1.5/Xext/xtest.c	2022-12-13 20:25:18.000000000 -0600
++++ xorg-server-21.1.6/Xext/xtest.c	2022-12-19 04:53:03.000000000 -0600
+@@ -502,7 +502,7 @@
+ 
+     nev = ((req->length << 2) - sizeof(xReq)) / sizeof(xEvent);
+     for (ev = (xEvent *) &req[1]; --nev >= 0; ev++) {
+-        int evtype = ev->u.u.type & 0x177;
++        int evtype = ev->u.u.type & 0177;
+         /* Swap event */
+         proc = EventSwapVector[evtype];
+         /* no swapping proc; invalid event type? */
diff --git a/patches/source/xorg-server-xwayland/xorg-server-xwayland.SlackBuild b/patches/source/xorg-server-xwayland/xorg-server-xwayland.SlackBuild
index 3a44fac64..df91416df 100755
--- a/patches/source/xorg-server-xwayland/xorg-server-xwayland.SlackBuild
+++ b/patches/source/xorg-server-xwayland/xorg-server-xwayland.SlackBuild
@@ -25,7 +25,7 @@ cd $(dirname $0) ; CWD=$(pwd)
 PKGNAM=xorg-server-xwayland
 SRCNAM=xwayland
 VERSION=${VERSION:-$(echo $SRCNAM-*.tar.?z | rev | cut -f 3- -d . | cut -f 1 -d - | rev)}
-BUILD=${BUILD:-4_slack15.0}
+BUILD=${BUILD:-5_slack15.0}
 
 # Default font paths to be used by the X server:
 DEF_FONTPATH="/usr/share/fonts/misc,/usr/share/fonts/local,/usr/share/fonts/TTF,/usr/share/fonts/OTF,/usr/share/fonts/Type1,/usr/share/fonts/CID,/usr/share/fonts/75dpi/:unscaled,/usr/share/fonts/100dpi/:unscaled,/usr/share/fonts/75dpi,/usr/share/fonts/100dpi,/usr/share/fonts/cyrillic"
@@ -97,6 +97,9 @@ zcat $CWD/CVE-2022-46342.patch.gz | patch -p1 --verbose || exit 1
 zcat $CWD/CVE-2022-46343.patch.gz | patch -p1 --verbose || exit 1
 zcat $CWD/CVE-2022-46344.patch.gz | patch -p1 --verbose || exit 1
 
+# Fix a bug in the previous patch:
+zcat $CWD/CVE-2022-46340.correction.patch.gz | patch -p1 --verbose || exit 1
+
 # Configure, build, and install:
 export CFLAGS="$SLKCFLAGS"
 export CXXFLAGS="$SLKCFLAGS"
diff --git a/patches/source/xorg-server/build/xorg-server b/patches/source/xorg-server/build/xorg-server
index 8dbf9c840..d71bf96f6 100644
--- a/patches/source/xorg-server/build/xorg-server
+++ b/patches/source/xorg-server/build/xorg-server
@@ -1 +1 @@
-5_slack15.0
+6_slack15.0
diff --git a/patches/source/xorg-server/patch/xorg-server.patch b/patches/source/xorg-server/patch/xorg-server.patch
index 78dbc965a..bd20a0714 100644
--- a/patches/source/xorg-server/patch/xorg-server.patch
+++ b/patches/source/xorg-server/patch/xorg-server.patch
@@ -46,3 +46,6 @@ zcat $CWD/patch/xorg-server/CVE-2022-46341.patch.gz | patch -p1 --verbose || { t
 zcat $CWD/patch/xorg-server/CVE-2022-46342.patch.gz | patch -p1 --verbose || { touch ${SLACK_X_BUILD_DIR}/${PKGNAME}.failed ; continue ; }
 zcat $CWD/patch/xorg-server/CVE-2022-46343.patch.gz | patch -p1 --verbose || { touch ${SLACK_X_BUILD_DIR}/${PKGNAME}.failed ; continue ; }
 zcat $CWD/patch/xorg-server/CVE-2022-46344.patch.gz | patch -p1 --verbose || { touch ${SLACK_X_BUILD_DIR}/${PKGNAME}.failed ; continue ; }
+
+# Fix a bug in the previous patch:
+zcat $CWD/patch/xorg-server/CVE-2022-46340.correction.patch.gz | patch -p1 --verbose || { touch ${SLACK_X_BUILD_DIR}/${PKGNAME}.failed ; continue ; }
diff --git a/patches/source/xorg-server/patch/xorg-server/CVE-2022-46340.correction.patch b/patches/source/xorg-server/patch/xorg-server/CVE-2022-46340.correction.patch
new file mode 100644
index 000000000..ad31c7916
--- /dev/null
+++ b/patches/source/xorg-server/patch/xorg-server/CVE-2022-46340.correction.patch
@@ -0,0 +1,12 @@
+diff -u -r --new-file xorg-server-21.1.5/Xext/xtest.c xorg-server-21.1.6/Xext/xtest.c
+--- xorg-server-21.1.5/Xext/xtest.c	2022-12-13 20:25:18.000000000 -0600
++++ xorg-server-21.1.6/Xext/xtest.c	2022-12-19 04:53:03.000000000 -0600
+@@ -502,7 +502,7 @@
+ 
+     nev = ((req->length << 2) - sizeof(xReq)) / sizeof(xEvent);
+     for (ev = (xEvent *) &req[1]; --nev >= 0; ev++) {
+-        int evtype = ev->u.u.type & 0x177;
++        int evtype = ev->u.u.type & 0177;
+         /* Swap event */
+         proc = EventSwapVector[evtype];
+         /* no swapping proc; invalid event type? */
author	Patrick J Volkerding <volkerdi@slackware.com>	2022-12-19 21:18:22 +0000
committer	Eric Hameleers <alien@slackware.com>	2022-12-20 13:30:29 +0100
commit	15705ea3bcf94a6ac99e92ef8fc782b136e71e4f (patch)
tree	b63efbee18ba39144e7a4aafb0be14de1c5116d5 /patches
parent	3c02d6f8a110df5d7d8cf042fb9b09711284fec9 (diff)
download	current-15705ea3bcf94a6ac99e92ef8fc782b136e71e4f.tar.gz current-15705ea3bcf94a6ac99e92ef8fc782b136e71e4f.tar.xz