From 2559feca78bc678c5bbf91419695174d3fcbdf14 Mon Sep 17 00:00:00 2001 From: Patrick J Volkerding Date: Mon, 17 Oct 2022 19:31:45 +0000 Subject: Mon Oct 17 19:31:45 UTC 2022 patches/packages/xorg-server-1.20.14-x86_64-4_slack15.0.txz: Rebuilt. xkb: proof GetCountedString against request length attacks. xkb: fix some possible memleaks in XkbGetKbdByName. xquartz: Fix a possible crash when editing the Application menu due to mutating immutable arrays. For more information, see: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-3550 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-3551 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-3553 (* Security fix *) patches/packages/xorg-server-xephyr-1.20.14-x86_64-4_slack15.0.txz: Rebuilt. patches/packages/xorg-server-xnest-1.20.14-x86_64-4_slack15.0.txz: Rebuilt. patches/packages/xorg-server-xvfb-1.20.14-x86_64-4_slack15.0.txz: Rebuilt. patches/packages/xorg-server-xwayland-21.1.4-x86_64-3_slack15.0.txz: Rebuilt. xkb: proof GetCountedString against request length attacks. xkb: fix some possible memleaks in XkbGetKbdByName. For more information, see: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-3550 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-3551 (* Security fix *) --- ChangeLog.rss | 34 +++++- ChangeLog.txt | 22 ++++ FILELIST.TXT | 117 +++++++++++---------- .../xorg-server-1.20.14-x86_64-3_slack15.0.txt | 11 -- .../xorg-server-1.20.14-x86_64-4_slack15.0.txt | 11 ++ ...rg-server-xephyr-1.20.14-x86_64-3_slack15.0.txt | 11 -- ...rg-server-xephyr-1.20.14-x86_64-4_slack15.0.txt | 11 ++ ...org-server-xnest-1.20.14-x86_64-3_slack15.0.txt | 11 -- ...org-server-xnest-1.20.14-x86_64-4_slack15.0.txt | 11 ++ ...xorg-server-xvfb-1.20.14-x86_64-3_slack15.0.txt | 11 -- ...xorg-server-xvfb-1.20.14-x86_64-4_slack15.0.txt | 11 ++ ...g-server-xwayland-21.1.4-x86_64-2_slack15.0.txt | 11 -- ...g-server-xwayland-21.1.4-x86_64-3_slack15.0.txt | 11 ++ .../xorg-server-xwayland/CVE-2022-3550.patch | 34 ++++++ .../xorg-server-xwayland/CVE-2022-3551.patch | 59 +++++++++++ .../xorg-server-xwayland.SlackBuild | 6 +- patches/source/xorg-server/build/xorg-server | 2 +- patches/source/xorg-server/patch/xorg-server.patch | 5 + .../patch/xorg-server/CVE-2022-3550.patch | 34 ++++++ .../patch/xorg-server/CVE-2022-3551.patch | 59 +++++++++++ .../patch/xorg-server/CVE-2022-3553.patch | 43 ++++++++ recompress.sh | 5 + 22 files changed, 415 insertions(+), 115 deletions(-) delete mode 100644 patches/packages/xorg-server-1.20.14-x86_64-3_slack15.0.txt create mode 100644 patches/packages/xorg-server-1.20.14-x86_64-4_slack15.0.txt delete mode 100644 patches/packages/xorg-server-xephyr-1.20.14-x86_64-3_slack15.0.txt create mode 100644 patches/packages/xorg-server-xephyr-1.20.14-x86_64-4_slack15.0.txt delete mode 100644 patches/packages/xorg-server-xnest-1.20.14-x86_64-3_slack15.0.txt create mode 100644 patches/packages/xorg-server-xnest-1.20.14-x86_64-4_slack15.0.txt delete mode 100644 patches/packages/xorg-server-xvfb-1.20.14-x86_64-3_slack15.0.txt create mode 100644 patches/packages/xorg-server-xvfb-1.20.14-x86_64-4_slack15.0.txt delete mode 100644 patches/packages/xorg-server-xwayland-21.1.4-x86_64-2_slack15.0.txt create mode 100644 patches/packages/xorg-server-xwayland-21.1.4-x86_64-3_slack15.0.txt create mode 100644 patches/source/xorg-server-xwayland/CVE-2022-3550.patch create mode 100644 patches/source/xorg-server-xwayland/CVE-2022-3551.patch create mode 100644 patches/source/xorg-server/patch/xorg-server/CVE-2022-3550.patch create mode 100644 patches/source/xorg-server/patch/xorg-server/CVE-2022-3551.patch create mode 100644 patches/source/xorg-server/patch/xorg-server/CVE-2022-3553.patch diff --git a/ChangeLog.rss b/ChangeLog.rss index d40b4c801..e0a767b60 100644 --- a/ChangeLog.rss +++ b/ChangeLog.rss @@ -11,9 +11,39 @@ Tracking Slackware development in git. en-us urn:uuid:c964f45e-6732-11e8-bbe5-107b4450212f - Mon, 17 Oct 2022 00:42:43 GMT - Mon, 17 Oct 2022 11:30:19 GMT + Mon, 17 Oct 2022 19:31:45 GMT + Tue, 18 Oct 2022 11:30:20 GMT maintain_current_git.sh v 1.17 + + Mon, 17 Oct 2022 19:31:45 GMT + Mon, 17 Oct 2022 19:31:45 GMT + https://git.slackware.nl/current/tag/?h=20221017193145 + 20221017193145 + + +patches/packages/xorg-server-1.20.14-x86_64-4_slack15.0.txz: Rebuilt. + xkb: proof GetCountedString against request length attacks. + xkb: fix some possible memleaks in XkbGetKbdByName. + xquartz: Fix a possible crash when editing the Application menu due + to mutating immutable arrays. + For more information, see: + https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-3550 + https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-3551 + https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-3553 + (* Security fix *) +patches/packages/xorg-server-xephyr-1.20.14-x86_64-4_slack15.0.txz: Rebuilt. +patches/packages/xorg-server-xnest-1.20.14-x86_64-4_slack15.0.txz: Rebuilt. +patches/packages/xorg-server-xvfb-1.20.14-x86_64-4_slack15.0.txz: Rebuilt. +patches/packages/xorg-server-xwayland-21.1.4-x86_64-3_slack15.0.txz: Rebuilt. + xkb: proof GetCountedString against request length attacks. + xkb: fix some possible memleaks in XkbGetKbdByName. + For more information, see: + https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-3550 + https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-3551 + (* Security fix *) + ]]> + + Mon, 17 Oct 2022 00:42:43 GMT Mon, 17 Oct 2022 00:42:43 GMT diff --git a/ChangeLog.txt b/ChangeLog.txt index f50677de6..3b3e49023 100644 --- a/ChangeLog.txt +++ b/ChangeLog.txt @@ -1,3 +1,25 @@ +Mon Oct 17 19:31:45 UTC 2022 +patches/packages/xorg-server-1.20.14-x86_64-4_slack15.0.txz: Rebuilt. + xkb: proof GetCountedString against request length attacks. + xkb: fix some possible memleaks in XkbGetKbdByName. + xquartz: Fix a possible crash when editing the Application menu due + to mutating immutable arrays. + For more information, see: + https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-3550 + https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-3551 + https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-3553 + (* Security fix *) +patches/packages/xorg-server-xephyr-1.20.14-x86_64-4_slack15.0.txz: Rebuilt. +patches/packages/xorg-server-xnest-1.20.14-x86_64-4_slack15.0.txz: Rebuilt. +patches/packages/xorg-server-xvfb-1.20.14-x86_64-4_slack15.0.txz: Rebuilt. +patches/packages/xorg-server-xwayland-21.1.4-x86_64-3_slack15.0.txz: Rebuilt. + xkb: proof GetCountedString against request length attacks. + xkb: fix some possible memleaks in XkbGetKbdByName. + For more information, see: + https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-3550 + https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-3551 + (* Security fix *) ++--------------------------+ Mon Oct 17 00:42:43 UTC 2022 patches/packages/glibc-zoneinfo-2022e-noarch-1_slack15.0.txz: Upgraded. This package provides the latest timezone updates. diff --git a/FILELIST.TXT b/FILELIST.TXT index a585369a4..edd04f05b 100644 --- a/FILELIST.TXT +++ b/FILELIST.TXT @@ -1,20 +1,20 @@ -Mon Oct 17 00:47:47 UTC 2022 +Mon Oct 17 19:34:06 UTC 2022 Here is the file list for this directory. If you are using a mirror site and find missing or extra files in the disk subdirectories, please have the archive administrator refresh the mirror. -drwxr-xr-x 12 root root 4096 2022-10-17 00:42 . +drwxr-xr-x 12 root root 4096 2022-10-17 19:31 . -rw-r--r-- 1 root root 5767 2022-02-02 22:44 ./ANNOUNCE.15.0 -rw-r--r-- 1 root root 16609 2022-03-30 19:03 ./CHANGES_AND_HINTS.TXT --rw-r--r-- 1 root root 1155186 2022-10-15 20:34 ./CHECKSUMS.md5 --rw-r--r-- 1 root root 163 2022-10-15 20:34 ./CHECKSUMS.md5.asc +-rw-r--r-- 1 root root 1155186 2022-10-17 00:48 ./CHECKSUMS.md5 +-rw-r--r-- 1 root root 163 2022-10-17 00:48 ./CHECKSUMS.md5.asc -rw-r--r-- 1 root root 17976 1994-06-10 02:28 ./COPYING -rw-r--r-- 1 root root 35147 2007-06-30 04:21 ./COPYING3 -rw-r--r-- 1 root root 19573 2016-06-23 20:08 ./COPYRIGHT.TXT -rw-r--r-- 1 root root 616 2006-10-02 04:37 ./CRYPTO_NOTICE.TXT --rw-r--r-- 1 root root 1940018 2022-10-17 00:42 ./ChangeLog.txt +-rw-r--r-- 1 root root 1941216 2022-10-17 19:31 ./ChangeLog.txt drwxr-xr-x 3 root root 4096 2013-03-20 22:17 ./EFI drwxr-xr-x 2 root root 4096 2022-02-02 08:21 ./EFI/BOOT -rw-r--r-- 1 root root 1187840 2021-06-15 19:16 ./EFI/BOOT/bootx64.efi @@ -25,7 +25,7 @@ drwxr-xr-x 2 root root 4096 2022-02-02 08:21 ./EFI/BOOT -rwxr-xr-x 1 root root 2504 2019-07-05 18:54 ./EFI/BOOT/make-grub.sh -rw-r--r-- 1 root root 10722 2013-09-21 19:02 ./EFI/BOOT/osdetect.cfg -rw-r--r-- 1 root root 1273 2013-08-12 21:08 ./EFI/BOOT/tools.cfg --rw-r--r-- 1 root root 1507926 2022-10-15 20:34 ./FILELIST.TXT +-rw-r--r-- 1 root root 1507926 2022-10-17 00:47 ./FILELIST.TXT -rw-r--r-- 1 root root 1572 2012-08-29 18:27 ./GPG-KEY -rw-r--r-- 1 root root 864745 2022-02-02 08:25 ./PACKAGES.TXT -rw-r--r-- 1 root root 8034 2022-02-02 03:36 ./README.TXT @@ -738,13 +738,13 @@ drwxr-xr-x 2 root root 4096 2008-05-07 05:21 ./pasture/source/php/pear -rwxr-xr-x 1 root root 9448 2018-05-16 22:38 ./pasture/source/php/php.SlackBuild -rw-r--r-- 1 root root 775 2017-07-07 19:25 ./pasture/source/php/php.ini-development.diff.gz -rw-r--r-- 1 root root 830 2005-12-09 05:18 ./pasture/source/php/slack-desc -drwxr-xr-x 4 root root 4096 2022-10-17 00:47 ./patches --rw-r--r-- 1 root root 50789 2022-10-17 00:47 ./patches/CHECKSUMS.md5 --rw-r--r-- 1 root root 163 2022-10-17 00:47 ./patches/CHECKSUMS.md5.asc --rw-r--r-- 1 root root 67845 2022-10-17 00:47 ./patches/FILE_LIST --rw-r--r-- 1 root root 11641091 2022-10-17 00:47 ./patches/MANIFEST.bz2 --rw-r--r-- 1 root root 37791 2022-10-17 00:47 ./patches/PACKAGES.TXT -drwxr-xr-x 3 root root 16384 2022-10-17 00:47 ./patches/packages +drwxr-xr-x 4 root root 4096 2022-10-17 19:34 ./patches +-rw-r--r-- 1 root root 51251 2022-10-17 19:34 ./patches/CHECKSUMS.md5 +-rw-r--r-- 1 root root 163 2022-10-17 19:34 ./patches/CHECKSUMS.md5.asc +-rw-r--r-- 1 root root 68392 2022-10-17 19:34 ./patches/FILE_LIST +-rw-r--r-- 1 root root 11626500 2022-10-17 19:34 ./patches/MANIFEST.bz2 +-rw-r--r-- 1 root root 37791 2022-10-17 19:34 ./patches/PACKAGES.TXT +drwxr-xr-x 3 root root 16384 2022-10-17 19:33 ./patches/packages -rw-r--r-- 1 root root 327 2022-02-15 05:07 ./patches/packages/aaa_base-15.0-x86_64-4_slack15.0.txt -rw-r--r-- 1 root root 10716 2022-02-15 05:07 ./patches/packages/aaa_base-15.0-x86_64-4_slack15.0.txz -rw-r--r-- 1 root root 163 2022-02-15 05:07 ./patches/packages/aaa_base-15.0-x86_64-4_slack15.0.txz.asc @@ -902,28 +902,28 @@ drwxr-xr-x 2 root root 4096 2022-08-26 04:06 ./patches/packages/linux-5.15 -rw-r--r-- 1 root root 367 2022-04-12 19:47 ./patches/packages/whois-5.5.13-x86_64-1_slack15.0.txt -rw-r--r-- 1 root root 62016 2022-04-12 19:47 ./patches/packages/whois-5.5.13-x86_64-1_slack15.0.txz -rw-r--r-- 1 root root 163 2022-04-12 19:47 ./patches/packages/whois-5.5.13-x86_64-1_slack15.0.txz.asc --rw-r--r-- 1 root root 670 2022-07-12 20:36 ./patches/packages/xorg-server-1.20.14-x86_64-3_slack15.0.txt --rw-r--r-- 1 root root 1778992 2022-07-12 20:36 ./patches/packages/xorg-server-1.20.14-x86_64-3_slack15.0.txz --rw-r--r-- 1 root root 163 2022-07-12 20:36 ./patches/packages/xorg-server-1.20.14-x86_64-3_slack15.0.txz.asc --rw-r--r-- 1 root root 370 2022-07-12 20:36 ./patches/packages/xorg-server-xephyr-1.20.14-x86_64-3_slack15.0.txt --rw-r--r-- 1 root root 868980 2022-07-12 20:36 ./patches/packages/xorg-server-xephyr-1.20.14-x86_64-3_slack15.0.txz --rw-r--r-- 1 root root 163 2022-07-12 20:36 ./patches/packages/xorg-server-xephyr-1.20.14-x86_64-3_slack15.0.txz.asc --rw-r--r-- 1 root root 592 2022-07-12 20:36 ./patches/packages/xorg-server-xnest-1.20.14-x86_64-3_slack15.0.txt --rw-r--r-- 1 root root 604772 2022-07-12 20:36 ./patches/packages/xorg-server-xnest-1.20.14-x86_64-3_slack15.0.txz --rw-r--r-- 1 root root 163 2022-07-12 20:36 ./patches/packages/xorg-server-xnest-1.20.14-x86_64-3_slack15.0.txz.asc --rw-r--r-- 1 root root 689 2022-07-12 20:36 ./patches/packages/xorg-server-xvfb-1.20.14-x86_64-3_slack15.0.txt --rw-r--r-- 1 root root 731032 2022-07-12 20:36 ./patches/packages/xorg-server-xvfb-1.20.14-x86_64-3_slack15.0.txz --rw-r--r-- 1 root root 163 2022-07-12 20:36 ./patches/packages/xorg-server-xvfb-1.20.14-x86_64-3_slack15.0.txz.asc --rw-r--r-- 1 root root 816 2022-09-27 02:34 ./patches/packages/xorg-server-xwayland-21.1.4-x86_64-2_slack15.0.txt --rw-r--r-- 1 root root 816808 2022-09-27 02:34 ./patches/packages/xorg-server-xwayland-21.1.4-x86_64-2_slack15.0.txz --rw-r--r-- 1 root root 163 2022-09-27 02:34 ./patches/packages/xorg-server-xwayland-21.1.4-x86_64-2_slack15.0.txz.asc +-rw-r--r-- 1 root root 670 2022-10-17 18:31 ./patches/packages/xorg-server-1.20.14-x86_64-4_slack15.0.txt +-rw-r--r-- 1 root root 1779544 2022-10-17 18:31 ./patches/packages/xorg-server-1.20.14-x86_64-4_slack15.0.txz +-rw-r--r-- 1 root root 163 2022-10-17 18:31 ./patches/packages/xorg-server-1.20.14-x86_64-4_slack15.0.txz.asc +-rw-r--r-- 1 root root 370 2022-10-17 18:31 ./patches/packages/xorg-server-xephyr-1.20.14-x86_64-4_slack15.0.txt +-rw-r--r-- 1 root root 868524 2022-10-17 18:31 ./patches/packages/xorg-server-xephyr-1.20.14-x86_64-4_slack15.0.txz +-rw-r--r-- 1 root root 163 2022-10-17 18:31 ./patches/packages/xorg-server-xephyr-1.20.14-x86_64-4_slack15.0.txz.asc +-rw-r--r-- 1 root root 592 2022-10-17 18:31 ./patches/packages/xorg-server-xnest-1.20.14-x86_64-4_slack15.0.txt +-rw-r--r-- 1 root root 605012 2022-10-17 18:31 ./patches/packages/xorg-server-xnest-1.20.14-x86_64-4_slack15.0.txz +-rw-r--r-- 1 root root 163 2022-10-17 18:31 ./patches/packages/xorg-server-xnest-1.20.14-x86_64-4_slack15.0.txz.asc +-rw-r--r-- 1 root root 689 2022-10-17 18:31 ./patches/packages/xorg-server-xvfb-1.20.14-x86_64-4_slack15.0.txt +-rw-r--r-- 1 root root 730780 2022-10-17 18:31 ./patches/packages/xorg-server-xvfb-1.20.14-x86_64-4_slack15.0.txz +-rw-r--r-- 1 root root 163 2022-10-17 18:31 ./patches/packages/xorg-server-xvfb-1.20.14-x86_64-4_slack15.0.txz.asc +-rw-r--r-- 1 root root 816 2022-10-17 18:37 ./patches/packages/xorg-server-xwayland-21.1.4-x86_64-3_slack15.0.txt +-rw-r--r-- 1 root root 816584 2022-10-17 18:37 ./patches/packages/xorg-server-xwayland-21.1.4-x86_64-3_slack15.0.txz +-rw-r--r-- 1 root root 163 2022-10-17 18:37 ./patches/packages/xorg-server-xwayland-21.1.4-x86_64-3_slack15.0.txz.asc -rw-r--r-- 1 root root 489 2022-04-14 21:04 ./patches/packages/xz-5.2.5-x86_64-4_slack15.0.txt -rw-r--r-- 1 root root 322660 2022-04-14 21:04 ./patches/packages/xz-5.2.5-x86_64-4_slack15.0.txz -rw-r--r-- 1 root root 163 2022-04-14 21:04 ./patches/packages/xz-5.2.5-x86_64-4_slack15.0.txz.asc -rw-r--r-- 1 root root 388 2022-10-15 04:05 ./patches/packages/zlib-1.2.13-x86_64-1_slack15.0.txt -rw-r--r-- 1 root root 105356 2022-10-15 04:05 ./patches/packages/zlib-1.2.13-x86_64-1_slack15.0.txz -rw-r--r-- 1 root root 163 2022-10-15 04:05 ./patches/packages/zlib-1.2.13-x86_64-1_slack15.0.txz.asc -drwxr-xr-x 52 root root 4096 2022-10-17 00:34 ./patches/source +drwxr-xr-x 52 root root 4096 2022-10-17 19:30 ./patches/source drwxr-xr-x 2 root root 4096 2022-01-16 05:07 ./patches/source/aaa_base -rw-r--r-- 1 root root 11041 2022-02-15 04:49 ./patches/source/aaa_base/_aaa_base.tar.gz -rwxr-xr-x 1 root root 3894 2022-02-15 05:07 ./patches/source/aaa_base/aaa_base.SlackBuild @@ -1407,17 +1407,19 @@ drwxr-xr-x 2 root root 4096 2022-04-12 19:47 ./patches/source/whois -rwxr-xr-x 1 root root 2917 2022-03-28 19:06 ./patches/source/whois/whois.SlackBuild -rw-r--r-- 1 root root 33 2019-07-24 18:55 ./patches/source/whois/whois.url drwxr-xr-x 10 root root 4096 2022-07-12 20:19 ./patches/source/xorg-server -drwxr-xr-x 2 root root 4096 2022-09-27 02:31 ./patches/source/xorg-server-xwayland +drwxr-xr-x 2 root root 4096 2022-10-17 18:37 ./patches/source/xorg-server-xwayland -rw-r--r-- 1 root root 1175 2022-07-12 17:02 ./patches/source/xorg-server-xwayland/0001-f1070c01d616c5f21f939d5ebc533738779451ac.patch.gz -rw-r--r-- 1 root root 2243 2022-07-12 17:03 ./patches/source/xorg-server-xwayland/0002-dd8caf39e9e15d8f302e54045dd08d8ebf1025dc.patch.gz -rw-r--r-- 1 root root 1923 2022-07-12 17:03 ./patches/source/xorg-server-xwayland/0003-6907b6ea2b4ce949cb07271f5b678d5966d9df42.patch.gz +-rw-r--r-- 1 root root 637 2022-10-17 18:19 ./patches/source/xorg-server-xwayland/CVE-2022-3550.patch.gz +-rw-r--r-- 1 root root 842 2022-10-17 18:21 ./patches/source/xorg-server-xwayland/CVE-2022-3551.patch.gz -rw-r--r-- 1 root root 1287 2021-04-18 18:21 ./patches/source/xorg-server-xwayland/slack-desc --rwxr-xr-x 1 root root 5425 2022-09-27 02:30 ./patches/source/xorg-server-xwayland/xorg-server-xwayland.SlackBuild +-rwxr-xr-x 1 root root 5586 2022-10-17 18:37 ./patches/source/xorg-server-xwayland/xorg-server-xwayland.SlackBuild -rw-r--r-- 1 root root 1261712 2021-12-14 14:01 ./patches/source/xorg-server-xwayland/xwayland-21.1.4.tar.xz -rw-r--r-- 1 root root 95 2021-12-14 14:01 ./patches/source/xorg-server-xwayland/xwayland-21.1.4.tar.xz.sig -rw-r--r-- 1 root root 376 2021-01-16 18:58 ./patches/source/xorg-server/arch.use.flags drwxr-xr-x 2 root root 4096 2013-04-18 22:42 ./patches/source/xorg-server/build --rw-r--r-- 1 root root 12 2022-07-12 19:50 ./patches/source/xorg-server/build/xorg-server +-rw-r--r-- 1 root root 12 2022-10-17 18:18 ./patches/source/xorg-server/build/xorg-server drwxr-xr-x 2 root root 4096 2022-07-12 19:51 ./patches/source/xorg-server/configure -rw-r--r-- 1 root root 3140 2021-12-26 22:45 ./patches/source/xorg-server/configure/xorg-server drwxr-xr-x 2 root root 4096 2013-04-18 22:43 ./patches/source/xorg-server/doinst.sh @@ -1427,8 +1429,8 @@ drwxr-xr-x 2 root root 4096 2022-07-12 19:52 ./patches/source/xorg-server/ -rw-r--r-- 1 root root 1189 2018-05-03 12:16 ./patches/source/xorg-server/noarch -rw-r--r-- 1 root root 833 2019-12-09 18:56 ./patches/source/xorg-server/package-blacklist drwxr-xr-x 3 root root 4096 2022-07-12 20:22 ./patches/source/xorg-server/patch -drwxr-xr-x 2 root root 4096 2022-07-12 20:24 ./patches/source/xorg-server/patch/xorg-server --rw-r--r-- 1 root root 2805 2022-07-12 20:24 ./patches/source/xorg-server/patch/xorg-server.patch +drwxr-xr-x 2 root root 4096 2022-10-17 18:28 ./patches/source/xorg-server/patch/xorg-server +-rw-r--r-- 1 root root 3255 2022-10-17 18:29 ./patches/source/xorg-server/patch/xorg-server.patch -rw-r--r-- 1 root root 623 2018-07-15 18:32 ./patches/source/xorg-server/patch/xorg-server/0001-Always-install-vbe-and-int10-sdk-headers.patch.gz -rw-r--r-- 1 root root 3846 2018-07-15 18:32 ./patches/source/xorg-server/patch/xorg-server/0001-autobind-GPUs-to-the-screen.patch.gz -rw-r--r-- 1 root root 1175 2022-07-12 17:02 ./patches/source/xorg-server/patch/xorg-server/0001-f1070c01d616c5f21f939d5ebc533738779451ac.patch.gz @@ -1436,6 +1438,9 @@ drwxr-xr-x 2 root root 4096 2022-07-12 20:24 ./patches/source/xorg-server/ -rw-r--r-- 1 root root 2243 2022-07-12 17:03 ./patches/source/xorg-server/patch/xorg-server/0002-dd8caf39e9e15d8f302e54045dd08d8ebf1025dc.patch.gz -rw-r--r-- 1 root root 1923 2022-07-12 17:03 ./patches/source/xorg-server/patch/xorg-server/0003-6907b6ea2b4ce949cb07271f5b678d5966d9df42.patch.gz -rw-r--r-- 1 root root 418 2020-12-02 09:50 ./patches/source/xorg-server/patch/xorg-server/06_use-intel-only-on-pre-gen4.diff.gz +-rw-r--r-- 1 root root 637 2022-10-17 18:19 ./patches/source/xorg-server/patch/xorg-server/CVE-2022-3550.patch.gz +-rw-r--r-- 1 root root 842 2022-10-17 18:21 ./patches/source/xorg-server/patch/xorg-server/CVE-2022-3551.patch.gz +-rw-r--r-- 1 root root 907 2022-10-17 18:21 ./patches/source/xorg-server/patch/xorg-server/CVE-2022-3553.patch.gz -rw-r--r-- 1 root root 298 2018-05-30 05:02 ./patches/source/xorg-server/patch/xorg-server/fix-nouveau-segfault.diff.gz -rw-r--r-- 1 root root 357 2020-09-11 18:38 ./patches/source/xorg-server/patch/xorg-server/fix-pci-segfault.diff.gz -rw-r--r-- 1 root root 340 2012-04-14 03:01 ./patches/source/xorg-server/patch/xorg-server/x11.startwithblackscreen.diff.gz @@ -2719,13 +2724,13 @@ drwxr-xr-x 2 root root 69632 2022-02-01 08:29 ./slackware64/kde -rw-r--r-- 1 root root 10015084 2022-01-06 23:05 ./slackware64/kde/kdevelop-21.12.1-x86_64-1.txz -rw-r--r-- 1 root root 163 2022-01-06 23:05 ./slackware64/kde/kdevelop-21.12.1-x86_64-1.txz.asc -rw-r--r-- 1 root root 289 2021-09-30 20:09 ./slackware64/kde/kdevelop-pg-qt-2.2.1-x86_64-4.txt --rw-r--r-- 1 root root 495072 2021-09-30 20:09 ./slackware64/kde/kdevelop-pg-qt-2.2.1-x86_64-4.txz --rw-r--r-- 1 root root 163 2021-09-30 20:09 ./slackware64/kde/kdevelop-pg-qt-2.2.1-x86_64-4.txz.asc --rw-r--r-- 1 root root 550 2022-01-08 22:40 ./slackware64/kde/kdewebkit-5.90.0-x86_64-1.txt --rw-r--r-- 1 root root 71816 2022-01-08 22:40 ./slackware64/kde/kdewebkit-5.90.0-x86_64-1.txz --rw-r--r-- 1 root root 163 2022-01-08 22:40 ./slackware64/kde/kdewebkit-5.90.0-x86_64-1.txz.asc --rw-r--r-- 1 root root 315 2022-01-06 22:03 ./slackware64/kde/kdf-21.12.1-x86_64-1.txt --rw-r--r-- 1 root root 603020 2022-01-06 22:03 ./slackware64/kde/kdf-21.12.1-x86_64-1.txz +-rw-r--r-- 1 root root 495072 2021-09-30 20:09 ./slackware64/kde/kdevelop-pg-qt-2.2.1-x86_64-4.txz +-rw-r--r-- 1 root root 163 2021-09-30 20:09 ./slackware64/kde/kdevelop-pg-qt-2.2.1-x86_64-4.txz.asc +-rw-r--r-- 1 root root 550 2022-01-08 22:40 ./slackware64/kde/kdewebkit-5.90.0-x86_64-1.txt +-rw-r--r-- 1 root root 71816 2022-01-08 22:40 ./slackware64/kde/kdewebkit-5.90.0-x86_64-1.txz +-rw-r--r-- 1 root root 163 2022-01-08 22:40 ./slackware64/kde/kdewebkit-5.90.0-x86_64-1.txz.asc +-rw-r--r-- 1 root root 315 2022-01-06 22:03 ./slackware64/kde/kdf-21.12.1-x86_64-1.txt +-rw-r--r-- 1 root root 603020 2022-01-06 22:03 ./slackware64/kde/kdf-21.12.1-x86_64-1.txz -rw-r--r-- 1 root root 163 2022-01-06 22:03 ./slackware64/kde/kdf-21.12.1-x86_64-1.txz.asc -rw-r--r-- 1 root root 272 2021-09-30 20:13 ./slackware64/kde/kdiagram-2.8.0-x86_64-4.txt -rw-r--r-- 1 root root 564724 2021-09-30 20:13 ./slackware64/kde/kdiagram-2.8.0-x86_64-4.txz @@ -5466,14 +5471,14 @@ drwxr-xr-x 2 root root 65536 2022-02-01 04:47 ./slackware64/x -rw-r--r-- 1 root root 382 2021-02-13 13:08 ./slackware64/x/libXxf86dga-1.1.5-x86_64-3.txt -rw-r--r-- 1 root root 30204 2021-02-13 13:08 ./slackware64/x/libXxf86dga-1.1.5-x86_64-3.txz -rw-r--r-- 1 root root 163 2021-02-13 13:08 ./slackware64/x/libXxf86dga-1.1.5-x86_64-3.txz.asc --rw-r--r-- 1 root root 401 2021-02-13 13:08 ./slackware64/x/libXxf86misc-1.0.4-x86_64-3.txt --rw-r--r-- 1 root root 18968 2021-02-13 13:08 ./slackware64/x/libXxf86misc-1.0.4-x86_64-3.txz --rw-r--r-- 1 root root 163 2021-02-13 13:08 ./slackware64/x/libXxf86misc-1.0.4-x86_64-3.txz.asc --rw-r--r-- 1 root root 368 2021-02-13 13:08 ./slackware64/x/libXxf86vm-1.1.4-x86_64-5.txt --rw-r--r-- 1 root root 27472 2021-02-13 13:08 ./slackware64/x/libXxf86vm-1.1.4-x86_64-5.txz --rw-r--r-- 1 root root 163 2021-02-13 13:08 ./slackware64/x/libXxf86vm-1.1.4-x86_64-5.txz.asc --rw-r--r-- 1 root root 320 2021-02-13 13:08 ./slackware64/x/libdmx-1.1.4-x86_64-3.txt --rw-r--r-- 1 root root 45212 2021-02-13 13:08 ./slackware64/x/libdmx-1.1.4-x86_64-3.txz +-rw-r--r-- 1 root root 401 2021-02-13 13:08 ./slackware64/x/libXxf86misc-1.0.4-x86_64-3.txt +-rw-r--r-- 1 root root 18968 2021-02-13 13:08 ./slackware64/x/libXxf86misc-1.0.4-x86_64-3.txz +-rw-r--r-- 1 root root 163 2021-02-13 13:08 ./slackware64/x/libXxf86misc-1.0.4-x86_64-3.txz.asc +-rw-r--r-- 1 root root 368 2021-02-13 13:08 ./slackware64/x/libXxf86vm-1.1.4-x86_64-5.txt +-rw-r--r-- 1 root root 27472 2021-02-13 13:08 ./slackware64/x/libXxf86vm-1.1.4-x86_64-5.txz +-rw-r--r-- 1 root root 163 2021-02-13 13:08 ./slackware64/x/libXxf86vm-1.1.4-x86_64-5.txz.asc +-rw-r--r-- 1 root root 320 2021-02-13 13:08 ./slackware64/x/libdmx-1.1.4-x86_64-3.txt +-rw-r--r-- 1 root root 45212 2021-02-13 13:08 ./slackware64/x/libdmx-1.1.4-x86_64-3.txz -rw-r--r-- 1 root root 163 2021-02-13 13:08 ./slackware64/x/libdmx-1.1.4-x86_64-3.txz.asc -rw-r--r-- 1 root root 259 2022-01-03 19:53 ./slackware64/x/libdrm-2.4.109-x86_64-1.txt -rw-r--r-- 1 root root 258996 2022-01-03 19:53 ./slackware64/x/libdrm-2.4.109-x86_64-1.txz @@ -15088,13 +15093,13 @@ drwxr-xr-x 2 root root 4096 2022-01-25 05:57 ./source/x/x11/src/driver -rw-r--r-- 1 root root 288116 2019-07-25 18:19 ./source/x/x11/src/driver/xf86-video-s3-0.7.0.tar.xz -rw-r--r-- 1 root root 310464 2019-02-08 02:53 ./source/x/x11/src/driver/xf86-video-s3virge-1.11.0.tar.xz -rw-r--r-- 1 root root 94456 2019-03-17 18:30 ./source/x/x11/src/driver/xf86-video-savage-20190128_8579718.tar.xz --rw-r--r-- 1 root root 339820 2017-01-17 22:43 ./source/x/x11/src/driver/xf86-video-siliconmotion-1.7.9.tar.xz --rw-r--r-- 1 root root 611060 2019-12-03 19:22 ./source/x/x11/src/driver/xf86-video-sis-0.12.0.tar.xz --rw-r--r-- 1 root root 333364 2017-01-17 22:46 ./source/x/x11/src/driver/xf86-video-sisusb-0.9.7.tar.xz --rw-r--r-- 1 root root 302700 2019-02-16 00:26 ./source/x/x11/src/driver/xf86-video-tdfx-1.5.0.tar.xz --rw-r--r-- 1 root root 265952 2012-07-17 06:31 ./source/x/x11/src/driver/xf86-video-tga-1.2.2.tar.xz --rw-r--r-- 1 root root 310436 2017-01-17 22:47 ./source/x/x11/src/driver/xf86-video-trident-1.3.8.tar.xz --rw-r--r-- 1 root root 277748 2012-07-17 06:33 ./source/x/x11/src/driver/xf86-video-tseng-1.2.5.tar.xz +-rw-r--r-- 1 root root 339820 2017-01-17 22:43 ./source/x/x11/src/driver/xf86-video-siliconmotion-1.7.9.tar.xz +-rw-r--r-- 1 root root 611060 2019-12-03 19:22 ./source/x/x11/src/driver/xf86-video-sis-0.12.0.tar.xz +-rw-r--r-- 1 root root 333364 2017-01-17 22:46 ./source/x/x11/src/driver/xf86-video-sisusb-0.9.7.tar.xz +-rw-r--r-- 1 root root 302700 2019-02-16 00:26 ./source/x/x11/src/driver/xf86-video-tdfx-1.5.0.tar.xz +-rw-r--r-- 1 root root 265952 2012-07-17 06:31 ./source/x/x11/src/driver/xf86-video-tga-1.2.2.tar.xz +-rw-r--r-- 1 root root 310436 2017-01-17 22:47 ./source/x/x11/src/driver/xf86-video-trident-1.3.8.tar.xz +-rw-r--r-- 1 root root 277748 2012-07-17 06:33 ./source/x/x11/src/driver/xf86-video-tseng-1.2.5.tar.xz -rw-r--r-- 1 root root 274284 2018-08-14 19:04 ./source/x/x11/src/driver/xf86-video-v4l-0.3.0.tar.xz -rw-r--r-- 1 root root 296884 2017-11-29 08:54 ./source/x/x11/src/driver/xf86-video-vboxvideo-1.0.0.tar.xz -rw-r--r-- 1 root root 270212 2020-09-10 22:04 ./source/x/x11/src/driver/xf86-video-vesa-2.5.0.tar.xz diff --git a/patches/packages/xorg-server-1.20.14-x86_64-3_slack15.0.txt b/patches/packages/xorg-server-1.20.14-x86_64-3_slack15.0.txt deleted file mode 100644 index ec0248ea9..000000000 --- a/patches/packages/xorg-server-1.20.14-x86_64-3_slack15.0.txt +++ /dev/null @@ -1,11 +0,0 @@ -xorg-server: xorg-server (The Xorg server, the core of the X Window System) -xorg-server: -xorg-server: Xorg is a full featured X server that was originally designed for UNIX -xorg-server: and UNIX-like operating systems running on Intel x86 hardware. It now -xorg-server: runs on a wider range of hardware and OS platforms. This work was -xorg-server: derived by the X.Org Foundation from the XFree86 Project's XFree86 -xorg-server: 4.4rc2 release. The XFree86 release was originally derived from X386 -xorg-server: 1.2 by Thomas Roell which was contributed to X11R5 by Snitily Graphics -xorg-server: Consulting Service. -xorg-server: -xorg-server: Homepage: https://www.x.org diff --git a/patches/packages/xorg-server-1.20.14-x86_64-4_slack15.0.txt b/patches/packages/xorg-server-1.20.14-x86_64-4_slack15.0.txt new file mode 100644 index 000000000..ec0248ea9 --- /dev/null +++ b/patches/packages/xorg-server-1.20.14-x86_64-4_slack15.0.txt @@ -0,0 +1,11 @@ +xorg-server: xorg-server (The Xorg server, the core of the X Window System) +xorg-server: +xorg-server: Xorg is a full featured X server that was originally designed for UNIX +xorg-server: and UNIX-like operating systems running on Intel x86 hardware. It now +xorg-server: runs on a wider range of hardware and OS platforms. This work was +xorg-server: derived by the X.Org Foundation from the XFree86 Project's XFree86 +xorg-server: 4.4rc2 release. The XFree86 release was originally derived from X386 +xorg-server: 1.2 by Thomas Roell which was contributed to X11R5 by Snitily Graphics +xorg-server: Consulting Service. +xorg-server: +xorg-server: Homepage: https://www.x.org diff --git a/patches/packages/xorg-server-xephyr-1.20.14-x86_64-3_slack15.0.txt b/patches/packages/xorg-server-xephyr-1.20.14-x86_64-3_slack15.0.txt deleted file mode 100644 index 2ffb35f60..000000000 --- a/patches/packages/xorg-server-xephyr-1.20.14-x86_64-3_slack15.0.txt +++ /dev/null @@ -1,11 +0,0 @@ -xorg-server-xephyr: xorg-server-xephyr (Improved nested X server/client) -xorg-server-xephyr: -xorg-server-xephyr: Xephyr is a nested X-Client like Xnest, but with some additional -xorg-server-xephyr: features like XRender support. -xorg-server-xephyr: -xorg-server-xephyr: -xorg-server-xephyr: -xorg-server-xephyr: -xorg-server-xephyr: -xorg-server-xephyr: -xorg-server-xephyr: diff --git a/patches/packages/xorg-server-xephyr-1.20.14-x86_64-4_slack15.0.txt b/patches/packages/xorg-server-xephyr-1.20.14-x86_64-4_slack15.0.txt new file mode 100644 index 000000000..2ffb35f60 --- /dev/null +++ b/patches/packages/xorg-server-xephyr-1.20.14-x86_64-4_slack15.0.txt @@ -0,0 +1,11 @@ +xorg-server-xephyr: xorg-server-xephyr (Improved nested X server/client) +xorg-server-xephyr: +xorg-server-xephyr: Xephyr is a nested X-Client like Xnest, but with some additional +xorg-server-xephyr: features like XRender support. +xorg-server-xephyr: +xorg-server-xephyr: +xorg-server-xephyr: +xorg-server-xephyr: +xorg-server-xephyr: +xorg-server-xephyr: +xorg-server-xephyr: diff --git a/patches/packages/xorg-server-xnest-1.20.14-x86_64-3_slack15.0.txt b/patches/packages/xorg-server-xnest-1.20.14-x86_64-3_slack15.0.txt deleted file mode 100644 index 9c7075278..000000000 --- a/patches/packages/xorg-server-xnest-1.20.14-x86_64-3_slack15.0.txt +++ /dev/null @@ -1,11 +0,0 @@ -xorg-server-xnest: xorg-server-xnest (a nested X server) -xorg-server-xnest: -xorg-server-xnest: Xnest is an experimental nested server for X that acts as both a -xorg-server-xnest: client and a server. Xnest is a client of the real server which -xorg-server-xnest: manages windows and graphics requests on its behalf. Xnest is a -xorg-server-xnest: server to its own clients. Xnest manages windows and graphics -xorg-server-xnest: requests on their behalf. To these clients Xnest appears to be a -xorg-server-xnest: conventional server. -xorg-server-xnest: -xorg-server-xnest: -xorg-server-xnest: diff --git a/patches/packages/xorg-server-xnest-1.20.14-x86_64-4_slack15.0.txt b/patches/packages/xorg-server-xnest-1.20.14-x86_64-4_slack15.0.txt new file mode 100644 index 000000000..9c7075278 --- /dev/null +++ b/patches/packages/xorg-server-xnest-1.20.14-x86_64-4_slack15.0.txt @@ -0,0 +1,11 @@ +xorg-server-xnest: xorg-server-xnest (a nested X server) +xorg-server-xnest: +xorg-server-xnest: Xnest is an experimental nested server for X that acts as both a +xorg-server-xnest: client and a server. Xnest is a client of the real server which +xorg-server-xnest: manages windows and graphics requests on its behalf. Xnest is a +xorg-server-xnest: server to its own clients. Xnest manages windows and graphics +xorg-server-xnest: requests on their behalf. To these clients Xnest appears to be a +xorg-server-xnest: conventional server. +xorg-server-xnest: +xorg-server-xnest: +xorg-server-xnest: diff --git a/patches/packages/xorg-server-xvfb-1.20.14-x86_64-3_slack15.0.txt b/patches/packages/xorg-server-xvfb-1.20.14-x86_64-3_slack15.0.txt deleted file mode 100644 index 675c628db..000000000 --- a/patches/packages/xorg-server-xvfb-1.20.14-x86_64-3_slack15.0.txt +++ /dev/null @@ -1,11 +0,0 @@ -xorg-server-xvfb: xorg-server-xvfb (virtual framebuffer X server) -xorg-server-xvfb: -xorg-server-xvfb: Xvfb is an X server that can run on machines with no display hardware -xorg-server-xvfb: and no physical input devices. It emulates a dumb framebuffer using -xorg-server-xvfb: virtual memory. The primary use of this server is intended to be -xorg-server-xvfb: server testing. The mfb or cfb code for any depth can be exercised -xorg-server-xvfb: with this server without the need for real hardware that supports the -xorg-server-xvfb: desired depths. A secondary use is testing clients against unusual -xorg-server-xvfb: depths and screen configurations. -xorg-server-xvfb: -xorg-server-xvfb: diff --git a/patches/packages/xorg-server-xvfb-1.20.14-x86_64-4_slack15.0.txt b/patches/packages/xorg-server-xvfb-1.20.14-x86_64-4_slack15.0.txt new file mode 100644 index 000000000..675c628db --- /dev/null +++ b/patches/packages/xorg-server-xvfb-1.20.14-x86_64-4_slack15.0.txt @@ -0,0 +1,11 @@ +xorg-server-xvfb: xorg-server-xvfb (virtual framebuffer X server) +xorg-server-xvfb: +xorg-server-xvfb: Xvfb is an X server that can run on machines with no display hardware +xorg-server-xvfb: and no physical input devices. It emulates a dumb framebuffer using +xorg-server-xvfb: virtual memory. The primary use of this server is intended to be +xorg-server-xvfb: server testing. The mfb or cfb code for any depth can be exercised +xorg-server-xvfb: with this server without the need for real hardware that supports the +xorg-server-xvfb: desired depths. A secondary use is testing clients against unusual +xorg-server-xvfb: depths and screen configurations. +xorg-server-xvfb: +xorg-server-xvfb: diff --git a/patches/packages/xorg-server-xwayland-21.1.4-x86_64-2_slack15.0.txt b/patches/packages/xorg-server-xwayland-21.1.4-x86_64-2_slack15.0.txt deleted file mode 100644 index 44e18f2cf..000000000 --- a/patches/packages/xorg-server-xwayland-21.1.4-x86_64-2_slack15.0.txt +++ /dev/null @@ -1,11 +0,0 @@ -xorg-server-xwayland: xorg-server-xwayland (X Clients under Wayland) -xorg-server-xwayland: -xorg-server-xwayland: Wayland is a complete window system in itself, but even so, if we're -xorg-server-xwayland: migrating away from X, it makes sense to have a good backwards -xorg-server-xwayland: compatibility story. With a few changes, the Xorg server can be -xorg-server-xwayland: modified to use Wayland input devices for input and forward either the -xorg-server-xwayland: root window or individual top-level windows as wayland surfaces. The -xorg-server-xwayland: server still runs the same 2D driver with the same acceleration code -xorg-server-xwayland: as it does when it runs natively. The main difference is that Wayland -xorg-server-xwayland: handles presentation of the windows instead of KMS. -xorg-server-xwayland: diff --git a/patches/packages/xorg-server-xwayland-21.1.4-x86_64-3_slack15.0.txt b/patches/packages/xorg-server-xwayland-21.1.4-x86_64-3_slack15.0.txt new file mode 100644 index 000000000..44e18f2cf --- /dev/null +++ b/patches/packages/xorg-server-xwayland-21.1.4-x86_64-3_slack15.0.txt @@ -0,0 +1,11 @@ +xorg-server-xwayland: xorg-server-xwayland (X Clients under Wayland) +xorg-server-xwayland: +xorg-server-xwayland: Wayland is a complete window system in itself, but even so, if we're +xorg-server-xwayland: migrating away from X, it makes sense to have a good backwards +xorg-server-xwayland: compatibility story. With a few changes, the Xorg server can be +xorg-server-xwayland: modified to use Wayland input devices for input and forward either the +xorg-server-xwayland: root window or individual top-level windows as wayland surfaces. The +xorg-server-xwayland: server still runs the same 2D driver with the same acceleration code +xorg-server-xwayland: as it does when it runs natively. The main difference is that Wayland +xorg-server-xwayland: handles presentation of the windows instead of KMS. +xorg-server-xwayland: diff --git a/patches/source/xorg-server-xwayland/CVE-2022-3550.patch b/patches/source/xorg-server-xwayland/CVE-2022-3550.patch new file mode 100644 index 000000000..3461b0749 --- /dev/null +++ b/patches/source/xorg-server-xwayland/CVE-2022-3550.patch @@ -0,0 +1,34 @@ +From 11beef0b7f1ed290348e45618e5fa0d2bffcb72e Mon Sep 17 00:00:00 2001 +From: Peter Hutterer +Date: Tue, 5 Jul 2022 12:06:20 +1000 +Subject: xkb: proof GetCountedString against request length attacks + +GetCountedString did a check for the whole string to be within the +request buffer but not for the initial 2 bytes that contain the length +field. A swapped client could send a malformed request to trigger a +swaps() on those bytes, writing into random memory. + +Signed-off-by: Peter Hutterer +--- + xkb/xkb.c | 5 +++++ + 1 file changed, 5 insertions(+) + +diff --git a/xkb/xkb.c b/xkb/xkb.c +index f42f59ef3..1841cff26 100644 +--- a/xkb/xkb.c ++++ b/xkb/xkb.c +@@ -5137,6 +5137,11 @@ _GetCountedString(char **wire_inout, ClientPtr client, char **str) + CARD16 len; + + wire = *wire_inout; ++ ++ if (client->req_len < ++ bytes_to_int32(wire + 2 - (char *) client->requestBuffer)) ++ return BadValue; ++ + len = *(CARD16 *) wire; + if (client->swapped) { + swaps(&len); +-- +cgit v1.2.1 + diff --git a/patches/source/xorg-server-xwayland/CVE-2022-3551.patch b/patches/source/xorg-server-xwayland/CVE-2022-3551.patch new file mode 100644 index 000000000..e41db9286 --- /dev/null +++ b/patches/source/xorg-server-xwayland/CVE-2022-3551.patch @@ -0,0 +1,59 @@ +From 18f91b950e22c2a342a4fbc55e9ddf7534a707d2 Mon Sep 17 00:00:00 2001 +From: Peter Hutterer +Date: Wed, 13 Jul 2022 11:23:09 +1000 +Subject: xkb: fix some possible memleaks in XkbGetKbdByName + +GetComponentByName returns an allocated string, so let's free that if we +fail somewhere. + +Signed-off-by: Peter Hutterer +--- + xkb/xkb.c | 26 ++++++++++++++++++++------ + 1 file changed, 20 insertions(+), 6 deletions(-) + +diff --git a/xkb/xkb.c b/xkb/xkb.c +index 4692895db..b79a269e3 100644 +--- a/xkb/xkb.c ++++ b/xkb/xkb.c +@@ -5935,18 +5935,32 @@ ProcXkbGetKbdByName(ClientPtr client) + xkb = dev->key->xkbInfo->desc; + status = Success; + str = (unsigned char *) &stuff[1]; +- if (GetComponentSpec(&str, TRUE, &status)) /* keymap, unsupported */ +- return BadMatch; ++ { ++ char *keymap = GetComponentSpec(&str, TRUE, &status); /* keymap, unsupported */ ++ if (keymap) { ++ free(keymap); ++ return BadMatch; ++ } ++ } + names.keycodes = GetComponentSpec(&str, TRUE, &status); + names.types = GetComponentSpec(&str, TRUE, &status); + names.compat = GetComponentSpec(&str, TRUE, &status); + names.symbols = GetComponentSpec(&str, TRUE, &status); + names.geometry = GetComponentSpec(&str, TRUE, &status); +- if (status != Success) ++ if (status == Success) { ++ len = str - ((unsigned char *) stuff); ++ if ((XkbPaddedSize(len) / 4) != stuff->length) ++ status = BadLength; ++ } ++ ++ if (status != Success) { ++ free(names.keycodes); ++ free(names.types); ++ free(names.compat); ++ free(names.symbols); ++ free(names.geometry); + return status; +- len = str - ((unsigned char *) stuff); +- if ((XkbPaddedSize(len) / 4) != stuff->length) +- return BadLength; ++ } + + CHK_MASK_LEGAL(0x01, stuff->want, XkbGBN_AllComponentsMask); + CHK_MASK_LEGAL(0x02, stuff->need, XkbGBN_AllComponentsMask); +-- +cgit v1.2.1 + diff --git a/patches/source/xorg-server-xwayland/xorg-server-xwayland.SlackBuild b/patches/source/xorg-server-xwayland/xorg-server-xwayland.SlackBuild index fb119aa22..8be825f3c 100755 --- a/patches/source/xorg-server-xwayland/xorg-server-xwayland.SlackBuild +++ b/patches/source/xorg-server-xwayland/xorg-server-xwayland.SlackBuild @@ -25,7 +25,7 @@ cd $(dirname $0) ; CWD=$(pwd) PKGNAM=xorg-server-xwayland SRCNAM=xwayland VERSION=${VERSION:-$(echo $SRCNAM-*.tar.?z | rev | cut -f 3- -d . | cut -f 1 -d - | rev)} -BUILD=${BUILD:-2_slack15.0} +BUILD=${BUILD:-3_slack15.0} # Default font paths to be used by the X server: DEF_FONTPATH="/usr/share/fonts/misc,/usr/share/fonts/local,/usr/share/fonts/TTF,/usr/share/fonts/OTF,/usr/share/fonts/Type1,/usr/share/fonts/CID,/usr/share/fonts/75dpi/:unscaled,/usr/share/fonts/100dpi/:unscaled,/usr/share/fonts/75dpi,/usr/share/fonts/100dpi,/usr/share/fonts/cyrillic" @@ -85,6 +85,10 @@ zcat $CWD/0001-f1070c01d616c5f21f939d5ebc533738779451ac.patch.gz | patch -p1 --v zcat $CWD/0002-dd8caf39e9e15d8f302e54045dd08d8ebf1025dc.patch.gz | patch -p1 --verbose || exit 1 zcat $CWD/0003-6907b6ea2b4ce949cb07271f5b678d5966d9df42.patch.gz | patch -p1 --verbose || exit 1 +# Patch more security issues: +zcat $CWD/CVE-2022-3550.patch.gz | patch -p1 --verbose || exit 1 +zcat $CWD/CVE-2022-3551.patch.gz | patch -p1 --verbose || exit 1 + # Configure, build, and install: export CFLAGS="$SLKCFLAGS" export CXXFLAGS="$SLKCFLAGS" diff --git a/patches/source/xorg-server/build/xorg-server b/patches/source/xorg-server/build/xorg-server index ce80d7ec1..56dc1348a 100644 --- a/patches/source/xorg-server/build/xorg-server +++ b/patches/source/xorg-server/build/xorg-server @@ -1 +1 @@ -3_slack15.0 +4_slack15.0 diff --git a/patches/source/xorg-server/patch/xorg-server.patch b/patches/source/xorg-server/patch/xorg-server.patch index 52169835e..770ff67d4 100644 --- a/patches/source/xorg-server/patch/xorg-server.patch +++ b/patches/source/xorg-server/patch/xorg-server.patch @@ -33,3 +33,8 @@ zcat $CWD/patch/xorg-server/06_use-intel-only-on-pre-gen4.diff.gz | patch -p1 -- zcat $CWD/patch/xorg-server/0001-f1070c01d616c5f21f939d5ebc533738779451ac.patch.gz | patch -p1 --verbose || { touch ${SLACK_X_BUILD_DIR}/${PKGNAME}.failed ; continue ; } zcat $CWD/patch/xorg-server/0002-dd8caf39e9e15d8f302e54045dd08d8ebf1025dc.patch.gz | patch -p1 --verbose || { touch ${SLACK_X_BUILD_DIR}/${PKGNAME}.failed ; continue ; } zcat $CWD/patch/xorg-server/0003-6907b6ea2b4ce949cb07271f5b678d5966d9df42.patch.gz | patch -p1 --verbose || { touch ${SLACK_X_BUILD_DIR}/${PKGNAME}.failed ; continue ; } + +# Patch some more security issues: +zcat $CWD/patch/xorg-server/CVE-2022-3550.patch.gz | patch -p1 --verbose || { touch ${SLACK_X_BUILD_DIR}/${PKGNAME}.failed ; continue ; } +zcat $CWD/patch/xorg-server/CVE-2022-3551.patch.gz | patch -p1 --verbose || { touch ${SLACK_X_BUILD_DIR}/${PKGNAME}.failed ; continue ; } +zcat $CWD/patch/xorg-server/CVE-2022-3553.patch.gz | patch -p1 --verbose || { touch ${SLACK_X_BUILD_DIR}/${PKGNAME}.failed ; continue ; } diff --git a/patches/source/xorg-server/patch/xorg-server/CVE-2022-3550.patch b/patches/source/xorg-server/patch/xorg-server/CVE-2022-3550.patch new file mode 100644 index 000000000..3461b0749 --- /dev/null +++ b/patches/source/xorg-server/patch/xorg-server/CVE-2022-3550.patch @@ -0,0 +1,34 @@ +From 11beef0b7f1ed290348e45618e5fa0d2bffcb72e Mon Sep 17 00:00:00 2001 +From: Peter Hutterer +Date: Tue, 5 Jul 2022 12:06:20 +1000 +Subject: xkb: proof GetCountedString against request length attacks + +GetCountedString did a check for the whole string to be within the +request buffer but not for the initial 2 bytes that contain the length +field. A swapped client could send a malformed request to trigger a +swaps() on those bytes, writing into random memory. + +Signed-off-by: Peter Hutterer +--- + xkb/xkb.c | 5 +++++ + 1 file changed, 5 insertions(+) + +diff --git a/xkb/xkb.c b/xkb/xkb.c +index f42f59ef3..1841cff26 100644 +--- a/xkb/xkb.c ++++ b/xkb/xkb.c +@@ -5137,6 +5137,11 @@ _GetCountedString(char **wire_inout, ClientPtr client, char **str) + CARD16 len; + + wire = *wire_inout; ++ ++ if (client->req_len < ++ bytes_to_int32(wire + 2 - (char *) client->requestBuffer)) ++ return BadValue; ++ + len = *(CARD16 *) wire; + if (client->swapped) { + swaps(&len); +-- +cgit v1.2.1 + diff --git a/patches/source/xorg-server/patch/xorg-server/CVE-2022-3551.patch b/patches/source/xorg-server/patch/xorg-server/CVE-2022-3551.patch new file mode 100644 index 000000000..e41db9286 --- /dev/null +++ b/patches/source/xorg-server/patch/xorg-server/CVE-2022-3551.patch @@ -0,0 +1,59 @@ +From 18f91b950e22c2a342a4fbc55e9ddf7534a707d2 Mon Sep 17 00:00:00 2001 +From: Peter Hutterer +Date: Wed, 13 Jul 2022 11:23:09 +1000 +Subject: xkb: fix some possible memleaks in XkbGetKbdByName + +GetComponentByName returns an allocated string, so let's free that if we +fail somewhere. + +Signed-off-by: Peter Hutterer +--- + xkb/xkb.c | 26 ++++++++++++++++++++------ + 1 file changed, 20 insertions(+), 6 deletions(-) + +diff --git a/xkb/xkb.c b/xkb/xkb.c +index 4692895db..b79a269e3 100644 +--- a/xkb/xkb.c ++++ b/xkb/xkb.c +@@ -5935,18 +5935,32 @@ ProcXkbGetKbdByName(ClientPtr client) + xkb = dev->key->xkbInfo->desc; + status = Success; + str = (unsigned char *) &stuff[1]; +- if (GetComponentSpec(&str, TRUE, &status)) /* keymap, unsupported */ +- return BadMatch; ++ { ++ char *keymap = GetComponentSpec(&str, TRUE, &status); /* keymap, unsupported */ ++ if (keymap) { ++ free(keymap); ++ return BadMatch; ++ } ++ } + names.keycodes = GetComponentSpec(&str, TRUE, &status); + names.types = GetComponentSpec(&str, TRUE, &status); + names.compat = GetComponentSpec(&str, TRUE, &status); + names.symbols = GetComponentSpec(&str, TRUE, &status); + names.geometry = GetComponentSpec(&str, TRUE, &status); +- if (status != Success) ++ if (status == Success) { ++ len = str - ((unsigned char *) stuff); ++ if ((XkbPaddedSize(len) / 4) != stuff->length) ++ status = BadLength; ++ } ++ ++ if (status != Success) { ++ free(names.keycodes); ++ free(names.types); ++ free(names.compat); ++ free(names.symbols); ++ free(names.geometry); + return status; +- len = str - ((unsigned char *) stuff); +- if ((XkbPaddedSize(len) / 4) != stuff->length) +- return BadLength; ++ } + + CHK_MASK_LEGAL(0x01, stuff->want, XkbGBN_AllComponentsMask); + CHK_MASK_LEGAL(0x02, stuff->need, XkbGBN_AllComponentsMask); +-- +cgit v1.2.1 + diff --git a/patches/source/xorg-server/patch/xorg-server/CVE-2022-3553.patch b/patches/source/xorg-server/patch/xorg-server/CVE-2022-3553.patch new file mode 100644 index 000000000..593545d03 --- /dev/null +++ b/patches/source/xorg-server/patch/xorg-server/CVE-2022-3553.patch @@ -0,0 +1,43 @@ +From dfd057996b26420309c324ec844a5ba6dd07eda3 Mon Sep 17 00:00:00 2001 +From: Jeremy Huddleston Sequoia +Date: Sat, 2 Jul 2022 14:17:18 -0700 +Subject: xquartz: Fix a possible crash when editing the Application menu due + to mutaing immutable arrays + +Crashing on exception: -[__NSCFArray replaceObjectAtIndex:withObject:]: mutating method sent to immutable object + +Application Specific Backtrace 0: +0 CoreFoundation 0x00007ff80d2c5e9b __exceptionPreprocess + 242 +1 libobjc.A.dylib 0x00007ff80d027e48 objc_exception_throw + 48 +2 CoreFoundation 0x00007ff80d38167b _CFThrowFormattedException + 194 +3 CoreFoundation 0x00007ff80d382a25 -[__NSCFArray removeObjectAtIndex:].cold.1 + 0 +4 CoreFoundation 0x00007ff80d2e6c0b -[__NSCFArray replaceObjectAtIndex:withObject:] + 119 +5 X11.bin 0x00000001003180f9 -[X11Controller tableView:setObjectValue:forTableColumn:row:] + 169 + +Fixes: https://github.com/XQuartz/XQuartz/issues/267 +Signed-off-by: Jeremy Huddleston Sequoia +--- + hw/xquartz/X11Controller.m | 7 +++++-- + 1 file changed, 5 insertions(+), 2 deletions(-) + +diff --git a/hw/xquartz/X11Controller.m b/hw/xquartz/X11Controller.m +index 3b55bb6a5..e9a939312 100644 +--- a/hw/xquartz/X11Controller.m ++++ b/hw/xquartz/X11Controller.m +@@ -469,8 +469,11 @@ extern char *bundle_id_prefix; + self.table_apps = table_apps; + + NSArray * const apps = self.apps; +- if (apps != nil) +- [table_apps addObjectsFromArray:apps]; ++ if (apps != nil) { ++ for (NSArray * row in apps) { ++ [table_apps addObject:row.mutableCopy]; ++ } ++ } + + columns = [apps_table tableColumns]; + [[columns objectAtIndex:0] setIdentifier:@"0"]; +-- +cgit v1.2.1 + diff --git a/recompress.sh b/recompress.sh index 3a8206520..2c8c5e0ab 100755 --- a/recompress.sh +++ b/recompress.sh @@ -1182,7 +1182,9 @@ gzip ./patches/source/python3/python3.readline.set_pre_input_hook.diff gzip ./patches/source/python3/python3.setup.py.x86_64.diff gzip ./patches/source/python3/python3.distutils.x86_64.diff gzip ./patches/source/xorg-server-xwayland/0003-6907b6ea2b4ce949cb07271f5b678d5966d9df42.patch +gzip ./patches/source/xorg-server-xwayland/CVE-2022-3551.patch gzip ./patches/source/xorg-server-xwayland/0002-dd8caf39e9e15d8f302e54045dd08d8ebf1025dc.patch +gzip ./patches/source/xorg-server-xwayland/CVE-2022-3550.patch gzip ./patches/source/xorg-server-xwayland/0001-f1070c01d616c5f21f939d5ebc533738779451ac.patch gzip ./patches/source/seamonkey/autoconf/autoconf-2.13-consolidated_fixes-1.patch gzip ./patches/source/seamonkey/doinst.sh @@ -1208,13 +1210,16 @@ gzip ./patches/source/ca-certificates/fixup_update-ca-certificates.diff gzip ./patches/source/ca-certificates/doinst.sh gzip ./patches/source/ca-certificates/update-ca-certificates.c_rehash.diff gzip ./patches/source/xorg-server/patch/xorg-server/xorg-server.combo.mouse.keyboard.layout.patch +gzip ./patches/source/xorg-server/patch/xorg-server/CVE-2022-3553.patch gzip ./patches/source/xorg-server/patch/xorg-server/0001-autobind-GPUs-to-the-screen.patch gzip ./patches/source/xorg-server/patch/xorg-server/0001-xfree86-use-modesetting-driver-by-default-on-GeForce.patch gzip ./patches/source/xorg-server/patch/xorg-server/0003-6907b6ea2b4ce949cb07271f5b678d5966d9df42.patch +gzip ./patches/source/xorg-server/patch/xorg-server/CVE-2022-3551.patch gzip ./patches/source/xorg-server/patch/xorg-server/fix-nouveau-segfault.diff gzip ./patches/source/xorg-server/patch/xorg-server/fix-pci-segfault.diff gzip ./patches/source/xorg-server/patch/xorg-server/x11.startwithblackscreen.diff gzip ./patches/source/xorg-server/patch/xorg-server/0002-dd8caf39e9e15d8f302e54045dd08d8ebf1025dc.patch +gzip ./patches/source/xorg-server/patch/xorg-server/CVE-2022-3550.patch gzip ./patches/source/xorg-server/patch/xorg-server/06_use-intel-only-on-pre-gen4.diff gzip ./patches/source/xorg-server/patch/xorg-server/0001-Always-install-vbe-and-int10-sdk-headers.patch gzip ./patches/source/xorg-server/patch/xorg-server/0001-f1070c01d616c5f21f939d5ebc533738779451ac.patch -- cgit v1.2.3-65-gdbad