diff options
author | Patrick J Volkerding <volkerdi@slackware.com> | 2021-12-16 21:34:10 +0000 |
---|---|---|
committer | Eric Hameleers <alien@slackware.com> | 2021-12-17 08:59:54 +0100 |
commit | d5c267841ae969914a7a7d3265d40931171c2f44 (patch) | |
tree | 5091b85975f4b3237acbf636e7ac935938105f47 /source/x/x11/patch/xorg-server/xorg-server.CVE-2021-4008.ebce7e2d80e7c80e1dda60f2f0bc886f1106ba60.patch | |
parent | 2ff75b95af8c63e8c2ab2b6b551e09ab39432e8b (diff) | |
download | current-d5c267841ae969914a7a7d3265d40931171c2f44.tar.gz current-d5c267841ae969914a7a7d3265d40931171c2f44.tar.xz |
Thu Dec 16 21:34:10 UTC 202120211216213410
a/kernel-firmware-20211216_f682ecb-noarch-1.txz: Upgraded.
a/kernel-generic-5.15.9-x86_64-1.txz: Upgraded.
a/kernel-huge-5.15.9-x86_64-1.txz: Upgraded.
a/kernel-modules-5.15.9-x86_64-1.txz: Upgraded.
a/openssl-solibs-1.1.1m-x86_64-1.txz: Upgraded.
ap/inxi-3.3.10_1-noarch-1.txz: Upgraded.
Thanks to h2-1.
d/kernel-headers-5.15.9-x86-1.txz: Upgraded.
d/vala-0.54.5-x86_64-1.txz: Upgraded.
k/kernel-source-5.15.9-noarch-1.txz: Upgraded.
SUNRPC_DEBUG n -> y
+NFS_DEBUG y
Thanks to bassmadrigal.
kde/latte-dock-0.10.5-x86_64-1.txz: Upgraded.
l/mozilla-nss-3.73.1-x86_64-1.txz: Upgraded.
l/pipewire-0.3.42-x86_64-1.txz: Upgraded.
n/iputils-20211215-x86_64-1.txz: Upgraded.
n/openssl-1.1.1m-x86_64-1.txz: Upgraded.
n/php-7.4.27-x86_64-1.txz: Upgraded.
x/xorg-server-1.20.14-x86_64-1.txz: Upgraded.
Built using --enable-systemd-logind to use elogind for device setup.
Some code changes would be required in xorg-server, xinit, and various login
managers to make rootless X work out of the box or to fall back in cases
where elogind isn't supported, and those changes aren't appropriate here in
the RC stage, but you can try it without recompiling:
chmod 755 /usr/libexec/Xorg*
Thanks to LuckyCyborg.
x/xorg-server-xephyr-1.20.14-x86_64-1.txz: Upgraded.
x/xorg-server-xnest-1.20.14-x86_64-1.txz: Upgraded.
x/xorg-server-xvfb-1.20.14-x86_64-1.txz: Upgraded.
xap/mozilla-firefox-91.4.1esr-x86_64-1.txz: Upgraded.
This is a bugfix release.
For more information, see:
https://www.mozilla.org/en-US/firefox/91.4.1/releasenotes/
isolinux/initrd.img: Rebuilt.
kernels/*: Upgraded.
usb-and-pxe-installers/usbboot.img: Rebuilt.
Diffstat (limited to 'source/x/x11/patch/xorg-server/xorg-server.CVE-2021-4008.ebce7e2d80e7c80e1dda60f2f0bc886f1106ba60.patch')
-rw-r--r-- | source/x/x11/patch/xorg-server/xorg-server.CVE-2021-4008.ebce7e2d80e7c80e1dda60f2f0bc886f1106ba60.patch | 52 |
1 files changed, 0 insertions, 52 deletions
diff --git a/source/x/x11/patch/xorg-server/xorg-server.CVE-2021-4008.ebce7e2d80e7c80e1dda60f2f0bc886f1106ba60.patch b/source/x/x11/patch/xorg-server/xorg-server.CVE-2021-4008.ebce7e2d80e7c80e1dda60f2f0bc886f1106ba60.patch deleted file mode 100644 index e13edff70..000000000 --- a/source/x/x11/patch/xorg-server/xorg-server.CVE-2021-4008.ebce7e2d80e7c80e1dda60f2f0bc886f1106ba60.patch +++ /dev/null @@ -1,52 +0,0 @@ -From ebce7e2d80e7c80e1dda60f2f0bc886f1106ba60 Mon Sep 17 00:00:00 2001 -From: Povilas Kanapickas <povilas@radix.lt> -Date: Tue, 14 Dec 2021 15:00:03 +0200 -Subject: [PATCH] render: Fix out of bounds access in - SProcRenderCompositeGlyphs() - -ZDI-CAN-14192, CVE-2021-4008 - -This vulnerability was discovered and the fix was suggested by: -Jan-Niklas Sohn working with Trend Micro Zero Day Initiative - -Signed-off-by: Povilas Kanapickas <povilas@radix.lt> ---- - render/render.c | 9 +++++++++ - 1 file changed, 9 insertions(+) - -diff --git a/render/render.c b/render/render.c -index c376090ca..456f156d4 100644 ---- a/render/render.c -+++ b/render/render.c -@@ -2309,6 +2309,9 @@ SProcRenderCompositeGlyphs(ClientPtr client) - - i = elt->len; - if (i == 0xff) { -+ if (buffer + 4 > end) { -+ return BadLength; -+ } - swapl((int *) buffer); - buffer += 4; - } -@@ -2319,12 +2322,18 @@ SProcRenderCompositeGlyphs(ClientPtr client) - buffer += i; - break; - case 2: -+ if (buffer + i * 2 > end) { -+ return BadLength; -+ } - while (i--) { - swaps((short *) buffer); - buffer += 2; - } - break; - case 4: -+ if (buffer + i * 4 > end) { -+ return BadLength; -+ } - while (i--) { - swapl((int *) buffer); - buffer += 4; --- -GitLab - |