-
xorg-server (2:1.20.11-1ubuntu1.2) hirsute-security; urgency=medium
* SECURITY UPDATE: SProcRenderCompositeGlyphs out-of-bounds access
- debian/patches/CVE-2021-4008.patch: check lengths in render/render.c.
- CVE-2021-4008
* SECURITY UPDATE: SProcXFixesCreatePointerBarrier out-of-bounds access
- debian/patches/CVE-2021-4009.patch: use sizes in xfixes/cursor.c.
- CVE-2021-4009
* SECURITY UPDATE: SProcScreenSaverSuspend out-of-bounds access
- debian/patches/CVE-2021-4010.patch: fix logic in Xext/saver.c.
- CVE-2021-4010
* SECURITY UPDATE: SwapCreateRegister out-of-bounds access
- debian/patches/CVE-2021-4011.patch: fix length in record/record.c.
- CVE-2021-4011
-- Marc Deslauriers <email address hidden> Tue, 14 Dec 2021 09:13:12 -0500
-
xorg-server (2:1.20.11-1ubuntu1.1) hirsute; urgency=medium
* modesetting-disable-reverse-prime-offload-udl.diff: Fix a regression
on displaylink devices after mesa update. (LP: #1931547)
-- Timo Aaltonen <email address hidden> Tue, 06 Jul 2021 13:17:51 +0300
-
xorg-server (2:1.20.11-1ubuntu1) hirsute; urgency=medium
* Merge from Debian.
xorg-server (2:1.20.11-1) unstable; urgency=medium
* New upstream release.
- CVE-2021-3472
* Add signing key for Matt Turner.
-- Timo Aaltonen <email address hidden> Tue, 13 Apr 2021 19:15:17 +0300
-
xorg-server (2:1.20.10-3ubuntu7) hirsute; urgency=medium
* 300-mi-sprite-SaveUnderCursor2.patch: Drop duplicate entries.
-- Timo Aaltonen <email address hidden> Fri, 09 Apr 2021 13:30:53 +0300
-
xorg-server (2:1.20.10-3ubuntu6) hirsute; urgency=medium
* 300-mi-sprite-SaveUnderCursor2.patch: Fix cursor bleeding issue
(LP: #1911479).
The new function, miDCSaveUnderCursor2, is required by Xilinx armsoc driver
-- Ethan Hsieh <email address hidden> Fri, 19 Mar 2021 12:55:11 +0000
-
xorg-server (2:1.20.10-3ubuntu5) hirsute; urgency=medium
* Disable building xwayland.
-- Timo Aaltonen <email address hidden> Fri, 26 Mar 2021 15:16:17 +0200
-
xorg-server (2:1.20.10-3ubuntu4) hirsute; urgency=medium
* Disable building with lto, it's a 20+GB link not yet investigated.
-- Matthias Klose <email address hidden> Fri, 26 Mar 2021 13:37:55 +0100
-
xorg-server (2:1.20.10-3ubuntu3) hirsute; urgency=medium
* Stop building the udeb on request.
-- Matthias Klose <email address hidden> Mon, 22 Feb 2021 11:54:42 +0100
-
xorg-server (2:1.20.10-3ubuntu2) hirsute; urgency=medium
* No-change rebuild to drop the udeb package.
-- Matthias Klose <email address hidden> Mon, 22 Feb 2021 10:47:12 +0100
-
xorg-server (2:1.20.10-3ubuntu1) hirsute; urgency=medium
* Merge from Debian.
* patches: Drop upstreamed patches.
xorg-server (2:1.20.10-3) unstable; urgency=medium
[ Julien Cristau ]
* Drop workaround for mips* FTBFS added in 2:1.20.10-1, shouldn't be
necessary anymore with the change in 2:1.20.10-2.
[ Sven Joachim ]
* Recommend default-logind | logind rather than libpam-systemd in
xserver-xorg-core (Closes: #923198).
* Use mktemp rather than tempfile in xserver-xorg-legacy.postinst
(Closes: #979751).
* Use dpkg-vendor to get the vendor name, drop lsb-release from
Build-Depends.
[ Vagrant Cascadian ]
* Avoid embedding the running kernel version (Closes: #976898).
xorg-server (2:1.20.10-2) unstable; urgency=medium
* Stop defining inb/outb on mips, to fix FTBFS in some drivers with GCC 10
(closes: #978670).
xorg-server (2:1.20.10-1) unstable; urgency=medium
[ Timo Aaltonen ]
* New upstream release.
- CVE-2020-14360, CVE-2020-25712 (Closes: #976216)
* Drop patches:
- 0001-Revert-*: Reverted upstream in this version
- revert-hw-xfree86-avoid-cursor-use-after-free.diff: Issue fixed in this version
- revert-disabling-xss-for-rootless-xwayland.diff: Was resolved upstream as
being a client bug
* control: Add libnvidia-egl-wayland-dev to build-depends, enables
EGLStream support in xwayland.
[ Adrian Bunk ]
* rules: Add a workaround to fix build on mips*. (Closes: #975579)
-- Timo Aaltonen <email address hidden> Wed, 17 Feb 2021 12:30:29 +0200
-
xorg-server (2:1.20.9-2ubuntu3) hirsute; urgency=medium
* SECURITY UPDATE: out of bounds memory accesses on too short request
- debian/patches/CVE-2020-14360.patch: check SetMap request length
carefully in xkb/xkb.c.
- CVE-2020-14360
* SECURITY UPDATE: multiple heap overflows
- debian/patches/CVE-2020-25712.patch: add bounds checks in xkb/xkb.c.
- CVE-2020-25712
-- Marc Deslauriers <email address hidden> Wed, 02 Dec 2020 09:16:47 -0500
-
xorg-server (2:1.20.9-2ubuntu2) hirsute; urgency=medium
* fix-gtf-detection-for-edid-14.diff: Fix a regression in detecting
modes of an EDID 1.4 monitor. (LP: #1897530)
-- Timo Aaltonen <email address hidden> Mon, 30 Nov 2020 13:53:47 +0200
-
xorg-server (2:1.20.9-2ubuntu1) groovy; urgency=medium
* Merge from Debian.
- xfree86-add-drm-modes-on-non-GTF-panels.patch: Dropped, upstream
- CVE patches dropped, upstream
* modesetting-do-not-stop-on-entervt.diff: Dropped in favor of two
upstream commits that got merged. (LP: #1897530)
-- Timo Aaltonen <email address hidden> Wed, 07 Oct 2020 08:46:52 +0300