Ubuntu
xorg-server package

Change logs for xorg-server source package in Hirsute

Hirsute (21.04)
Change log

xorg-server (2:1.20.11-1ubuntu1.2) hirsute-security; urgency=medium

  * SECURITY UPDATE: SProcRenderCompositeGlyphs out-of-bounds access
    - debian/patches/CVE-2021-4008.patch: check lengths in render/render.c.
    - CVE-2021-4008
  * SECURITY UPDATE: SProcXFixesCreatePointerBarrier out-of-bounds access
    - debian/patches/CVE-2021-4009.patch: use sizes in xfixes/cursor.c.
    - CVE-2021-4009
  * SECURITY UPDATE: SProcScreenSaverSuspend out-of-bounds access
    - debian/patches/CVE-2021-4010.patch: fix logic in Xext/saver.c.
    - CVE-2021-4010
  * SECURITY UPDATE: SwapCreateRegister out-of-bounds access
    - debian/patches/CVE-2021-4011.patch: fix length in record/record.c.
    - CVE-2021-4011

 -- Marc Deslauriers <email address hidden>  Tue, 14 Dec 2021 09:13:12 -0500

xorg-server (2:1.20.11-1ubuntu1.1) hirsute; urgency=medium

  * modesetting-disable-reverse-prime-offload-udl.diff: Fix a regression
    on displaylink devices after mesa update. (LP: #1931547)

 -- Timo Aaltonen <email address hidden>  Tue, 06 Jul 2021 13:17:51 +0300

xorg-server (2:1.20.11-1ubuntu1) hirsute; urgency=medium

  * Merge from Debian.

xorg-server (2:1.20.11-1) unstable; urgency=medium

  * New upstream release.
    - CVE-2021-3472
  * Add signing key for Matt Turner.

 -- Timo Aaltonen <email address hidden>  Tue, 13 Apr 2021 19:15:17 +0300

xorg-server (2:1.20.10-3ubuntu7) hirsute; urgency=medium

  * 300-mi-sprite-SaveUnderCursor2.patch: Drop duplicate entries.

 -- Timo Aaltonen <email address hidden>  Fri, 09 Apr 2021 13:30:53 +0300

xorg-server (2:1.20.10-3ubuntu6) hirsute; urgency=medium

  * 300-mi-sprite-SaveUnderCursor2.patch: Fix cursor bleeding issue
    (LP: #1911479).
    The new function, miDCSaveUnderCursor2, is required by Xilinx armsoc driver

 -- Ethan Hsieh <email address hidden>  Fri, 19 Mar 2021 12:55:11 +0000

xorg-server (2:1.20.10-3ubuntu5) hirsute; urgency=medium

  * Disable building xwayland.

 -- Timo Aaltonen <email address hidden>  Fri, 26 Mar 2021 15:16:17 +0200

xorg-server (2:1.20.10-3ubuntu4) hirsute; urgency=medium

  * Disable building with lto, it's a 20+GB link not yet investigated.

 -- Matthias Klose <email address hidden>  Fri, 26 Mar 2021 13:37:55 +0100

xorg-server (2:1.20.10-3ubuntu3) hirsute; urgency=medium

  * Stop building the udeb on request.

 -- Matthias Klose <email address hidden>  Mon, 22 Feb 2021 11:54:42 +0100

xorg-server (2:1.20.10-3ubuntu2) hirsute; urgency=medium

  * No-change rebuild to drop the udeb package.

 -- Matthias Klose <email address hidden>  Mon, 22 Feb 2021 10:47:12 +0100

xorg-server (2:1.20.10-3ubuntu1) hirsute; urgency=medium

  * Merge from Debian.
  * patches: Drop upstreamed patches.

xorg-server (2:1.20.10-3) unstable; urgency=medium

  [ Julien Cristau ]
  * Drop workaround for mips* FTBFS added in 2:1.20.10-1, shouldn't be
    necessary anymore with the change in 2:1.20.10-2.

  [ Sven Joachim ]
  * Recommend default-logind | logind rather than libpam-systemd in
    xserver-xorg-core (Closes: #923198).
  * Use mktemp rather than tempfile in xserver-xorg-legacy.postinst
    (Closes: #979751).
  * Use dpkg-vendor to get the vendor name, drop lsb-release from
    Build-Depends.

   [ Vagrant Cascadian ]
  * Avoid embedding the running kernel version (Closes: #976898).

xorg-server (2:1.20.10-2) unstable; urgency=medium

  * Stop defining inb/outb on mips, to fix FTBFS in some drivers with GCC 10
    (closes: #978670).

xorg-server (2:1.20.10-1) unstable; urgency=medium

  [ Timo Aaltonen ]
  * New upstream release.
    - CVE-2020-14360, CVE-2020-25712 (Closes: #976216)
  * Drop patches:
    - 0001-Revert-*: Reverted upstream in this version
    - revert-hw-xfree86-avoid-cursor-use-after-free.diff: Issue fixed in this version
    - revert-disabling-xss-for-rootless-xwayland.diff: Was resolved upstream as
      being a client bug
  * control: Add libnvidia-egl-wayland-dev to build-depends, enables
    EGLStream support in xwayland.

  [ Adrian Bunk ]
  * rules: Add a workaround to fix build on mips*. (Closes: #975579)

 -- Timo Aaltonen <email address hidden>  Wed, 17 Feb 2021 12:30:29 +0200

xorg-server (2:1.20.9-2ubuntu3) hirsute; urgency=medium

  * SECURITY UPDATE: out of bounds memory accesses on too short request
    - debian/patches/CVE-2020-14360.patch: check SetMap request length
      carefully in xkb/xkb.c.
    - CVE-2020-14360
  * SECURITY UPDATE: multiple heap overflows
    - debian/patches/CVE-2020-25712.patch: add bounds checks in xkb/xkb.c.
    - CVE-2020-25712

 -- Marc Deslauriers <email address hidden>  Wed, 02 Dec 2020 09:16:47 -0500

xorg-server (2:1.20.9-2ubuntu2) hirsute; urgency=medium

  * fix-gtf-detection-for-edid-14.diff: Fix a regression in detecting
    modes of an EDID 1.4 monitor. (LP: #1897530)

 -- Timo Aaltonen <email address hidden>  Mon, 30 Nov 2020 13:53:47 +0200

xorg-server (2:1.20.9-2ubuntu1) groovy; urgency=medium

  * Merge from Debian.
    - xfree86-add-drm-modes-on-non-GTF-panels.patch: Dropped, upstream
    - CVE patches dropped, upstream
  * modesetting-do-not-stop-on-entervt.diff: Dropped in favor of two
    upstream commits that got merged. (LP: #1897530)

 -- Timo Aaltonen <email address hidden>  Wed, 07 Oct 2020 08:46:52 +0300

Ubuntuxorg-server package

Change logs for xorg-server source package in Hirsute

Ubuntu
xorg-server package