-
xorg-server (1:1.1.1-0ubuntu12.5) edgy-security; urgency=low
* SECURITY UPDATE: multiple memory corruption flaws.
* Re-applied security patches from 1:1.1.1-0ubuntu12.3.
* Updated fix_CVE-2007-6429.patch: upstream fixes for bbp < 8
crash regressions.
* References
http://gitweb.freedesktop.org/?p=xorg/xserver.git;a=commitdiff;h=e9fa7c1c88a8130a48f772c92b186b8b777986b5
-- Kees Cook <email address hidden> Fri, 18 Jan 2008 11:59:21 -0800
-
xorg-server (1:1.1.1-0ubuntu12.4) edgy-security; urgency=low
* Revert previous security update since it causes severe regressions.
(LP: #183969)
-- Timo Aaltonen <email address hidden> Fri, 18 Jan 2008 17:48:49 +0200
-
xorg-server (1:1.1.1-0ubuntu12.3) edgy-security; urgency=low
* SECURITY UPDATE: multiple memory corruption flaws.
* Added fix_CVE-2007-5958.patch: upstream fix from Matthieu Herrb.
* Added fix_CVE-2007-5760.patch: backported upstream fixes
(bbde5b62a137ba726a747b838d81e92d72c1b42b) for XFree86 Misc extension out
of bounds array index.
* Added fix_CVE-2007-6427.patch: backported upstream fixes
(dd5e0f5cd5f3a87fee86d99c073ffa7cf89b0a27) for Xinput extension memory
corruption.
* Added fix_CVE-2007-6428.patch: backported upstream fixes
(7dc1717ff0f96b99271a912b8948dfce5164d5ad) for TOG-cup extension memory
corruption.
* Added fix_CVE-2007-6429.patch: backported upstream fixes
(6de61f82728df22ea01f9659df6581b87f33f11d) for MIT-SHM and EVI extensions
integer overflows.
* Added fix_CVE-2008-0006.patch: backported upstream fixes
(8e133d96740d010a4fd969a8188e6e71fb2cafe2) for PCF Font parser buffer
overflow.
-- Kees Cook <email address hidden> Thu, 17 Jan 2008 11:24:36 -0800
-
xorg-server (1:1.1.1-0ubuntu12.2) edgy-security; urgency=low
* SECURITY UPDATE: arbitrary code execution with root privileges via
integer overflows in MISC-XC
* Add debian/patches/131_misc_xc_overflows.patch: upstream fixes.
* References
CVE-2007-1003
-- Kees Cook <email address hidden> Thu, 29 Mar 2007 18:14:26 -0700
-
xorg-server (1:1.1.1-0ubuntu12.1) edgy-security; urgency=low
* SECURITY UPDATE: Arbitrary code execution with root privileges via heap
overflows in DBE and Render extensions.
* Add 'debian/patches/021_ubuntu_dbe-render_overflows.diff' from
upstream
* References
CVE-2006-6101 CVE-2006-6102 CVE-2006-6103
-- Kees Cook <email address hidden> Mon, 8 Jan 2007 12:45:41 -0800
-
xorg-server (1:1.1.1-0ubuntu12) edgy; urgency=low
* debian/patches/17_no_composite_for_xvfb.patch:
- fix a crasher by not using composite for Xvfb when using -render
* debian/patches/18_no_composite_for_xvfb_run.patch:
- use "-extension Composite" to fix xvfb-run crashing
-- Sebastien Bacher <email address hidden> Fri, 13 Oct 2006 17:12:49 +0200
-
xorg-server (1:1.1.1-0ubuntu11) edgy; urgency=low
* debian/patches/16_only_switch_vt_when_active.patch:
Add a check to prevent the X server from changing the VT when killing
GDM from the console.
-- Ryan Lortie <email address hidden> Thu, 21 Sep 2006 01:26:35 -0400
-
xorg-server (1:1.1.1-0ubuntu10) edgy; urgency=low
* Build xserver-xephyr from xorg-server package. Malone: #57077, #57084
-- Tollef Fog Heen <email address hidden> Wed, 6 Sep 2006 12:57:32 +0200
-
xorg-server (1:1.1.1-0ubuntu9) edgy; urgency=low
* Enable composite extension by default
* Add patch from fd.o bugzilla #7916 to avoid aiglx hangs on vt
switches
-- Matthew Garrett <email address hidden> Sat, 26 Aug 2006 03:20:31 +0100
-
xorg-server (1:1.1.1-0ubuntu8) edgy; urgency=low
* Steal patch from Fedora to allow compiz to trigger the disabling of
XAA off-screen pixmaps
-- Matthew Garrett <email address hidden> Wed, 23 Aug 2006 21:26:08 +0100
-
xorg-server (1:1.1.1-0ubuntu7) edgy; urgency=low
* (temporarily) Removed Breaks: section from xserver-xorg-core (necessary
until apt-get properly supports this feature)
* Tightened Build-Depends: mesa-swx11-source to >=
6.5.0.git.20060810-0ubuntu1
* Tightened Build-Depends of libgl1-mesa-dev to >=
6.5.0.git.20060810-0ubuntu1
-- Rodrigo Parra Novo <email address hidden> Tue, 15 Aug 2006 07:26:07 -0300
-
xorg-server (1:1.1.1-0ubuntu6) edgy; urgency=low
* Tightened Build-Depends of mesa-swx11-source to version 6.5.0.git.20060809
* Removed patch 003_fedora_root_window_black_pattern.patch (not necessary
for Ubuntu)
-- Rodrigo Parra Novo <email address hidden> Fri, 11 Aug 2006 11:41:29 -0300
-
xorg-server (1:1.1.1-0ubuntu5) edgy; urgency=low
* Renamed 003_ubuntu_sharevts_load_cpu.patch to
002_ubuntu_sharevts_load_cpu.patch
* Added 003_fedora_root_window_black_pattern.patch (black background
pattern instead of default X background pattern. Feel free to revert if
you feel strongly against this one)
* Added 005_fdo4320_composite_fastpath.patch and
016_fdo7482_xdmx_render_fix.patch (upstream bug fixes, bug numbers
annotated on patch names)
* Added 004_fedora_init_origins_fix.patch (multihead initialization)
* Added 006_ubuntu_fpic_libxf86config.patch
* Added 007_fedora_dont_backfill_bg_none.patch
* Added 008_fedora_gl_include_inferiors.patch,
009_fedora_mesa_copy_sub_buffer.patch,
010_fedora_no_move_damage.patch,
012_fedora_tfp_damage.patch and
014_fedora_no_composite_in_xnest.patch (further aiglx support)
* 011_fedora_pci_scan_fixes.patch (pci scan fixes - testing is needed to
check if an extra upstream patch for pci domains is also necessary)
* Added 015_fedora_sane_default_mode.patch (tweak default mode - please feel
free to revert this patch if you feel strongly against it)
* Added 017_fedora_add_missing_headers_to_sdk.patch
* Added 018_ubuntu_linux_kernel_include_fixes.patch and
013_ubuntu_symlink_mesa_source.patch (build fixes against current
linux-kernel-modules * mesa-swx11-source - these already existed before,
but were applied directly to the source tree, instead of being quilt
patches)
* Just for reference: debian patch #02 is candidate for removal on next
upload. I'll refrain from removing it now to diminish the chances of this
being a breaks-for-everyone release
* Moved SecurityPolicy example from /usr/share/doc/examples/ to
/usr/share/doc/xserver-xorg-core/
-- Rodrigo Parra Novo <email address hidden> Mon, 7 Aug 2006 17:21:05 -0300
-
xorg-server (1:1.1.1-0ubuntu4) edgy; urgency=low
* Added new Breaks: section to xorg-server-core:
xserver-xorg-driver-all, xserver-xorg-driver-apm,
xserver-xorg-driver-ark, xserver-xorg-driver-ati,
xserver-xorg-driver-chips, xserver-xorg-driver-cirrus,
xserver-xorg-driver-cyrix, xserver-xorg-driver-dummy,
xserver-xorg-driver-fbdev, xserver-xorg-driver-glint,
xserver-xorg-driver-i128, xserver-xorg-driver-i740,
xserver-xorg-driver-i810, xserver-xorg-driver-imstt,
xserver-xorg-driver-mga, xserver-xorg-driver-neomagic,
xserver-xorg-driver-newport, xserver-xorg-driver-nsc,
xserver-xorg-driver-nv, xserver-xorg-driver-rendition,
xserver-xorg-driver-s3, xserver-xorg-driver-s3virge,
xserver-xorg-driver-savage, xserver-xorg-driver-siliconmotion,
xserver-xorg-driver-sis, xserver-xorg-driver-sisusb,
xserver-xorg-driver-tdfx, xserver-xorg-driver-tga,
xserver-xorg-driver-trident, xserver-xorg-driver-tseng,
xserver-xorg-driver-v4l, xserver-xorg-driver-vesa,
xserver-xorg-driver-vga, xserver-xorg-driver-via,
xserver-xorg-driver-vmware, xserver-xorg-driver-voodoo,
xserver-xorg-video-all (<< 7.0.22ubuntu7),
xserver-xorg-video-apm (<< 1:1.1.1-0ubuntu1),
xserver-xorg-video-ark (<< 1:0.6.0-0ubuntu1),
xserver-xorg-video-ati (<< 1:6.6.1-0ubuntu1),
xserver-xorg-video-chips (<< 1:1.1.1-0ubuntu1),
xserver-xorg-video-cirrus (<< 1:1.1.0-0ubuntu1),
xserver-xorg-video-cyrix (<< 1:1.1.0-0ubuntu1),
xserver-xorg-video-dummy (<< 1:0.2.0-0ubuntu1),
xserver-xorg-video-fbdev (<< 1:0.3.0-0ubuntu1),
xserver-xorg-video-glint (<< 1:1.1.1-0ubuntu1),
xserver-xorg-video-i128 (<< 1:1.2.0-0ubuntu1),
xserver-xorg-video-i740 (<< 1:1.1.0-0ubuntu1),
xserver-xorg-video-i810 (<< 1:1.6.1-0ubuntu1),
xserver-xorg-video-imstt (<< 1:1.1.0-0ubuntu1),
xserver-xorg-video-mga (<< 1:1.4.1-0ubuntu1),
xserver-xorg-video-neomagic (<< 1:1.1.1-0ubuntu1),
xserver-xorg-video-newport (<< 1:0.2.0-0ubuntu1),
xserver-xorg-video-nsc (<< 1:2.8.1-0ubuntu1),
xserver-xorg-video-nv (<< 1:1.2.0-0ubuntu1),
xserver-xorg-video-rendition (<< 1:4.1.0-0ubuntu1),
xserver-xorg-video-s3 (<< 1:0.4.1-0ubuntu1),
xserver-xorg-video-s3virge (<< 1:1.9.1-0ubuntu1),
xserver-xorg-video-savage (<< 1:2.1.1-0ubuntu1),
xserver-xorg-video-siliconmotion (<< 1:1.4.1-0ubuntu1),
xserver-xorg-video-sis (<< 1:0.9.1-0ubuntu1),
xserver-xorg-video-sisusb (<< 1:0.8.1-0ubuntu1),
xserver-xorg-video-tdfx (<< 1:1.2.1-0ubuntu1),
xserver-xorg-video-tga (<< 1:1.1.0-0ubuntu1),
xserver-xorg-video-trident (<< 1:1.2.1-0ubuntu1),
xserver-xorg-video-tseng (<< 1:1.1.0-0ubuntu1),
xserver-xorg-video-v4l (<< 1:0.1.1-0ubuntu1),
xserver-xorg-video-vesa (<< 1:1.2.1-0ubuntu1),
xserver-xorg-video-vga (<< 1:4.1.0-0ubuntu1),
xserver-xorg-video-via (<< 1:0.2.1-0ubuntu1),
xserver-xorg-video-vmware (<< 1:10.13.0-0ubuntu1),
xserver-xorg-video-voodoo (<< 1:1.1.0-oubuntu1)
-- Rodrigo Parra Novo <email address hidden> Tue, 1 Aug 2006 22:59:55 -0300
-
xorg-server (1:1.1.1-0ubuntu3) edgy; urgency=low
* Build with -fno-stack-protector (see LP#54650)
-- Matt Zimmerman <email address hidden> Mon, 31 Jul 2006 16:28:59 -0700
-
xorg-server (1:1.1.1-0ubuntu2) edgy; urgency=low
* (sparc only) removed stale inclusion of asm/kbio.h on
hw/xfree86/os-support/linux/lnx_io.c and
hw/xfree86/os-support/linux/lnx_kbd.c
* Update debian/serverabiver to 1:1.1.1
-- Rodrigo Parra Novo <email address hidden> Mon, 31 Jul 2006 12:53:22 -0300
-
xorg-server (1:1.1.1-0ubuntu1) edgy; urgency=low
* New Upstream version
* Changed Build-Depends from mesa-swrast-source to mesa-swx11-source,
following Debian package nomenclature
* Re-did 12_security_policy_in_etc.diff for 1.1.1
* Dropped 15_security_allocate_local.diff (applied upstream)
* Dropped 16_SECURITY_setuid.diff (applied upstream)
* Dropped 000_ubuntu_fix_read_kernel_mapping.patch (applied upstream)
* Dropped 002_ubuntu_fix_for_certain_intel_chipsets.patch (applied upstream)
* Updated versioned Build-Depends on mesa-swx11-source to version
6.5.0.cvs.20060725-0ubuntu1
* Added arrayobj.c, arrayobj.h, bitset.h & rbadaptors.h to
GL/symlink-mesa.sh (linked from mesa-swx11-source)
* Added arrayobj.c to default build target on GL/mesa/main
-- Rodrigo Parra Novo <email address hidden> Tue, 25 Jul 2006 20:06:28 -0300
-
xorg-server (1:1.0.2-9ubuntu3) edgy; urgency=low
* Drop Depends: *-driver-* now that the transion is complete.
-- Fabio M. Di Nitto <email address hidden> Wed, 12 Jul 2006 13:00:28 +0200
-
xorg-server (1:1.0.2-9ubuntu2) edgy; urgency=low
* Fix postinst script.
(Closes: #52538)
-- Fabio M. Di Nitto <email address hidden> Tue, 11 Jul 2006 08:13:23 +0200
-
xorg-server (1:1.0.2-9ubuntu1) edgy; urgency=low
* Sync with Debian unstable:
- Merge remaing patches from ubuntu:
. 001_ubuntu_add_extra_modelines_from_xorg.patch
. 002_ubuntu_fix_for_certain_intel_chipsets.patch
. 003_ubuntu_sharevts_load_cpu.patch
- Change B-D from mesa-swx11-source to mesa-swrast-source while we wait
for mesa to be merged.
- Keep --with-xkb-path set to /etc/X11/xkb waiting for xkeyboard-config
merge.
- Merge xserver-xorg-video* with xserver-xorg-driver* server Depends:
- xvfb Depends: xauth, xfonts-base
- Keep xserver-xorg-core.postinst from Ubuntu.
- Call genscripts from debian/rules.
- Install Xnest man page.
- Readd small server utils to the core package again.
- xdmx-tools Replaces: xdmx (<= 1:1.0.2-0ubuntu10) due to xdmx binary
change of package.
- Ship SecurityPolicy example.
-- Fabio M. Di Nitto <email address hidden> Mon, 10 Jul 2006 09:37:07 +0200
-
xorg-server (1:1.0.2-0ubuntu10) dapper; urgency=low
* Backport a fix for Intel bridge handling:
debian/patches/002_fix_for_certain_intel_chipsets.patch
(Closes Ubuntu: #29880)
-- Paul Sladen <email address hidden> Sun, 14 May 2006 19:01:32 +0100