-
xorg-server (2:1.18.4-0ubuntu0.12) xenial-security; urgency=medium
* SECURITY UPDATE: XChangeFeedbackControl Integer Underflow
- debian/patches/CVE-2021-3472.patch: add check to Xi/chgfctl.c.
- CVE-2021-3472
-- Marc Deslauriers <email address hidden> Thu, 08 Apr 2021 08:31:36 -0400
-
xorg-server (2:1.18.4-0ubuntu0.11) xenial-security; urgency=medium
* SECURITY UPDATE: out of bounds memory accesses on too short request
- debian/patches/CVE-2020-14360.patch: check SetMap request length
carefully in xkb/xkb.c.
- CVE-2020-14360
* SECURITY UPDATE: multiple heap overflows
- debian/patches/CVE-2020-25712.patch: add bounds checks in xkb/xkb.c.
- CVE-2020-25712
-- Marc Deslauriers <email address hidden> Mon, 30 Nov 2020 12:58:19 -0500
-
xorg-server (2:1.18.4-0ubuntu0.10) xenial-security; urgency=medium
* SECURITY UPDATE: Out-Of-Bounds access in XkbSetNames function
- debian/patches/CVE-2020-14345.patch: correct bounds checking in
xkb/xkb.c.
- CVE-2020-14345
-- Marc Deslauriers <email address hidden> Fri, 04 Sep 2020 09:35:30 -0400
-
xorg-server (2:1.18.4-0ubuntu0.9) xenial-security; urgency=medium
* SECURITY UPDATE: Integer underflow in the X input extension protocol
- debian/patches/CVE-2020-14346.patch: properly calculate length in
Xi/xichangehierarchy.c.
- CVE-2020-14346
* SECURITY UPDATE: server memory leak
- debian/patches/CVE-2020-14347.patch: initialize memory in
dix/pixmap.c.
- CVE-2020-14347
* SECURITY UPDATE: Integer Underflow Privilege Escalation
- debian/patches/CVE-2020-14361.patch: fix dataLeft calculation in
xkb/xkbSwap.c.
- CVE-2020-14361
* SECURITY UPDATE: Integer Underflow Privilege Escalation
- debian/patches/CVE-2020-14362.patch: properly calculate lengths in
record/record.c.
- CVE-2020-14362
-- Marc Deslauriers <email address hidden> Mon, 31 Aug 2020 10:20:00 -0400
-
xorg-server (2:1.18.4-0ubuntu0.8) xenial; urgency=medium
* glx-do-not-pick-srgb-config-for-32bit-rgba-visual.diff: Fix a
regression with newer mesa. (LP: #1780664)
-- Timo Aaltonen <email address hidden> Sat, 14 Jul 2018 01:28:30 +0300
-
xorg-server (2:1.18.4-0ubuntu0.7) xenial-security; urgency=medium
* SECURITY UPDATE: unvalidated extra length in ProcEstablishConnection
- debian/patches/CVE-2017-12176.patch: add check to dix/dispatch.c.
- CVE-2017-12176
* SECURITY UPDATE: Unvalidated variable-length request in
ProcDbeGetVisualInfo
- debian/patches/CVE-2017-12177.patch: add check to dbe/dbe.c.
- CVE-2017-12177
* SECURITY UPDATE: wrong extra length check in ProcXIChangeHierarchy
- debian/patches/CVE-2017-12178.patch: fix length check in
Xi/xichangehierarchy.c.
- CVE-2017-12178
* SECURITY UPDATE: integer overflow and unvalidated length in
ProcXIBarrierReleasePointer
- debian/patches/CVE-2017-12179-1.patch: test exact size of
XIBarrierReleasePointer in Xi/xibarriers.c.
- debian/patches/CVE-2017-12179-2.patch: add checks to Xi/xibarriers.c.
- CVE-2017-12179
* SECURITY UPDATE: various unvalidated lengths
- debian/patches/CVE-2017-12180-12182.patch: add more checks to
Xext/vidmode.c, hw/xfree86/common/xf86DGA.c,
hw/xfree86/dri/xf86dri.c.
- CVE-2017-12180
- CVE-2017-12181
- CVE-2017-12182
* SECURITY UPDATE: more unvalidated lengths
- debian/patches/CVE-2017-12183.patch: add checks to xfixes/cursor.c,
xfixes/region.c, xfixes/saveset.c, xfixes/xfixes.c.
- CVE-2017-12183
* SECURITY UPDATE: even more unvalidated lengths
- debian/patches/CVE-2017-12184-12187.patch: add more checks to
Xext/panoramiX.c, Xext/saver.c, Xext/xres.c, Xext/xvdisp.c,
hw/dmx/dmxpict.c, pseudoramiX/pseudoramiX.c, render/render.c.
- CVE-2017-12184
- CVE-2017-12185
- CVE-2017-12186
- CVE-2017-12187
* debian/patches/os_big_requests.patch: make sure big requests have
sufficient length in os/io.c.
* debian/patches/xkb_escape_fix.patch: escape non-printable characters
correctly in xkb/xkbtext.c.
-- Marc Deslauriers <email address hidden> Fri, 13 Oct 2017 08:40:17 -0400
-
xorg-server (2:1.18.4-0ubuntu0.6) xenial-security; urgency=medium
* SECURITY UPDATE: DoS or segment overwrite via shmseg resource id
- debian/patches/CVE-2017-13721.patch: validate shmseg resource id in
Xext/shm.c.
- CVE-2017-13721
* SECURITY UPDATE: buffer overflow via XKB data
- debian/patches/CVE-2017-13723.patch: handle xkb formatted string
output safely in xkb/xkbtext.c.
- CVE-2017-13723
* This update does _not_ contain the changes from 2:1.18.4-0ubuntu0.5 in
xenial-proposed.
-- Marc Deslauriers <email address hidden> Wed, 11 Oct 2017 13:27:20 -0400
-
xorg-server (2:1.18.4-0ubuntu0.5) xenial; urgency=medium
* Fix shrinking behavior in rrCheckPixmapBounding. (LP: #1715586)
-- Kai-Heng Feng <email address hidden> Thu, 07 Sep 2017 17:23:55 +0800
-
xorg-server (2:1.18.4-0ubuntu0.4) xenial; urgency=medium
* control: Build against libxfont1-dev. (LP: #1687981, #1707691)
* disable-rotation-transform-gpuscreens.patch: Dropped, NVIDIA driver
supports rotation now. (LP: #1706287)
-- Timo Aaltonen <email address hidden> Mon, 26 Jun 2017 14:53:19 +0300
-
xorg-server (2:1.18.4-0ubuntu0.3) xenial-security; urgency=medium
* SECURITY UPDATE: DoS and possible code execution in endianness
conversion of X Events
- debian/patches/CVE-2017-10971-1.patch: do not try to swap
GenericEvent in Xi/sendexev.c.
- debian/patches/CVE-2017-10971-2.patch: verify all events in
ProcXSendExtensionEvent in Xi/sendexev.c.
- debian/patches/CVE-2017-10971-3.patch: disallow GenericEvent in
SendEvent request in dix/events.c, dix/swapreq.c.
- CVE-2017-10971
* SECURITY UPDATE: information leak in XEvent handling
- debian/patches/CVE-2017-10972.patch: zero target buffer in
SProcXSendExtensionEvent in Xi/sendexev.c.
- CVE-2017-10972
* SECURITY UPDATE: MIT-MAGIC-COOKIES timing attack
- debian/patches/CVE-2017-2624.patch: use timingsafe_memcmp() in
configure.ac, include/dix-config.h.in, include/os.h,
os/mitauth.c, os/timingsafe_memcmp.c.
- CVE-2017-2624
-- Marc Deslauriers <email address hidden> Mon, 17 Jul 2017 09:38:58 -0400
-
xorg-server (2:1.18.4-0ubuntu0.2) xenial; urgency=medium
* modesetting-unifdef-slave-support.diff: Fix modesetting slave output
names. (LP: #1636397)
-- Timo Aaltonen <email address hidden> Tue, 01 Nov 2016 10:08:51 +0200
-
xorg-server (2:1.18.4-0ubuntu0.1) xenial; urgency=medium
* New upstream bugfix release. (LP: #1619142)
* randr-adjust-masters-last-set-time.diff,
randr-do-not-check-the-screen-size.diff:
Fix issues changing display mode on prime setups. (LP: #1586260)
* os-treat-ssh-as-a-non-local-client.diff: Dropped, upstream.
* drm_device_keep_trying.patch: Dropped, shouldn't be needed anymore,
and causes issues on non-x86 archs. (LP: #1581076)
* debian/patches/xmir.patch: backport XMir fixes from Ubuntu "Yakkety Yak"
- fix button/menu focus failures (lp: #1590553)
- ignore 'unnkown 11 event' (lp: #1617925)
- don't call epoxy every frame (lp: #1617932)
- fix unclickable parts of the screen after rotation (lp: #1613708)
- fix key repeat issues (lp: #1591356)
-- Timo Aaltonen <email address hidden> Thu, 01 Sep 2016 10:28:26 +0300
-
xorg-server (2:1.18.3-1ubuntu2.3) xenial; urgency=medium
[ Timo Aaltonen ]
* control: Add Conflicts/Replaces on xserver-xorg-video-glamoregl.
(LP: #1574320)
[ Ćukasz 'sil2100' Zemczak ]
* debian/control, debian/rules:
- Build xmir for arm64 (LP: #1604851).
-- Timo Aaltonen <email address hidden> Thu, 21 Jul 2016 08:27:07 +0300
-
xorg-server (2:1.18.3-1ubuntu2.2) xenial; urgency=medium
* debian/patches/xmir.patch:
- Fix recently added keymap code
* debian/patches/xmir-fixes.diff:
- Merged into xmir.patch
xorg-server (2:1.18.3-1ubuntu2.1) xenial; urgency=medium
* debian/patches/xmir.patch:
- Pass keymap from Mir to Xkb (LP: #1566487)
-- Robert Ancell <email address hidden> Wed, 04 May 2016 12:19:14 +1200
-
xorg-server (2:1.18.3-1ubuntu2.1) xenial; urgency=medium
* debian/patches/xmir.patch:
- Pass keymap from Mir to Xkb (LP: #1566487)
-- Robert Ancell <email address hidden> Fri, 29 Apr 2016 15:43:38 +0200
-
xorg-server (2:1.18.3-1ubuntu2) xenial; urgency=medium
* Disable 190_cache-xkbcomp_output_for_fast_start_up.patch for now,
compiling the keymap fails in current xenial for some reason.
(LP: #1566878)
-- Timo Aaltonen <email address hidden> Thu, 07 Apr 2016 12:10:12 +0300
-
xorg-server (2:1.18.3-1ubuntu1) xenial; urgency=medium
* Merge from Debian.
* fix-xineramaqueryscreens-for-reverse-prime.diff,
glamor-factor-out-glamor-set-color.diff,
glamor-source-pictures-are-always-depth-32.diff:
Deleted, upstream.
* xmir-fixes.diff: Updated for glamor changes.
* 105_nvidia_autodetect.patch: Modified and renamed since it doesn't
need to handle fglrx anymore.
xorg-server (2:1.18.3-1) unstable; urgency=medium
* New upstream release.
* Drop patches included upstream.
xorg-server (2:1.18.2-3) unstable; urgency=medium
* regression fixes part2:
- replace revert-eb5108b870.diff with patch from upstream
- make-sure-hw-cursor-is-hidden-when-it-should.diff: Don't show an
extra cursor in some cases
* os-treat-ssh-as-a-non-local-client.diff: Allow remote clients to work
with DRI3.
xorg-server (2:1.18.2-2) unstable; urgency=medium
* regression fixes/workarounds:
vidmode-reduce-verbosity-of-getmodeline.diff (Closes: #818634)
glamor-swizzle-red-to-0-for-alpha-textures.diff
revert-eb5108b870.diff (Closes: #818172)
xorg-server (2:1.18.2-1) unstable; urgency=medium
* New upstream release. (Closes: #814982)
-- Timo Aaltonen <email address hidden> Sat, 12 Mar 2016 08:59:43 +0200
-
xorg-server (2:1.18.1-1ubuntu4) xenial; urgency=medium
* glamor: Fix font rendering issue. (LP: #1555960)
-- Timo Aaltonen <email address hidden> Fri, 11 Mar 2016 09:36:40 +0200
-
xorg-server (2:1.18.1-1ubuntu3) xenial; urgency=medium
* Merge xmir changes from 2:1.17.3-2ubuntu4.
* fix-xineramaqueryscreens-for-reverse-prime.diff: Fix unity-greeter
crash with nvidia prime.
-- Timo Aaltonen <email address hidden> Thu, 25 Feb 2016 11:49:23 +0200
-
xorg-server (2:1.17.3-2ubuntu4) xenial; urgency=medium
* debian/patches/xmir.patch:
- Revert swapinterval 0 change
-- Robert Ancell <email address hidden> Tue, 16 Feb 2016 09:35:17 -0800
-
xorg-server (2:1.17.3-2ubuntu3) xenial; urgency=medium
* debian/patches/xmir.patch:
- Add ability to set title for XMir (LP: #1542028)
- Use swapinterval 0 (LP: #1502738)
- Add sufficient traversal hacks for Matchbox
-- Robert Ancell <email address hidden> Mon, 15 Feb 2016 17:32:21 -0800
-
xorg-server (2:1.17.3-2ubuntu2) xenial; urgency=medium
* Disable mir on s390x.
-- Dimitri John Ledkov <email address hidden> Wed, 25 Nov 2015 16:11:38 +0000
-
xorg-server (2:1.17.3-2ubuntu1) xenial; urgency=medium
[ Robert Ancell ]
* debian/patches/xmir.patch:
- Update to latest version
* debian/patches/xmir-rootless.patch:
- Merged into xmir.patch
[ Timo Aaltonen ]
* Merge from Debian. (LP: #1511649)
* glamor-make-current-in-prepare-paths.diff,
linux-Do-not-call-FatalError-from-xf86CloseConsole.patch:
Dropped, upstream.
xorg-server (2:1.17.3-2) unstable; urgency=medium
* Finalize xserver-xorg-core.NEWS. Thanks, Michael Biebl!
xorg-server (2:1.17.3-1) unstable; urgency=medium
[ Julien Cristau ]
* New upstream release
- mi: fix typo in warning about overflowing queue (closes: #726041)
* Refresh 02_kbsd-input-devd.diff and 03_static-nettle.diff.
* Replace xorg-wrapper-envp.diff with a cherry-pick from master.
* New patch xext-fix-udeb-build.diff to fix build regression in 1.17.3.
* Add NEWS file for xserver-xorg-core with info about the -legacy split
(closes: #801487).
* Recommend libpam-systemd (closes: #802544, #802618, #802327, #802566,
probably others)
[ Andreas Boll ]
* Use the correct repository for the Vcs-Git field (Closes: #801340).
Thanks, Vagrant Cascadian.
* Document new location for non-root Xorg log in the NEWS file.
[ Samuel Thibault ]
* Fix xorg-wrapper on hurd (cherry-picked from master).
xorg-server (2:1.17.2-3) unstable; urgency=medium
* Team upload.
[ Laurent Bigonville ]
* Move Xorg.wrap.1 man page from the xserver-xorg-core to
xserver-xorg-legacy package (Closes: #797661)
* Add a Breaks against systemd (<< 226-4~), before that version logind was
restarted on upgrade which makes the X server crash (See #798097)
* Bump Standards-Version to 3.9.6 (no further changes)
[ Andreas Boll ]
* Update Vcs-* fields.
* Add upstream url.
[ Julien Cristau ]
* Only reset environment in the Xorg wrapper if we didn't drop privileges.
xorg-server (2:1.17.2-2) experimental; urgency=medium
[ Laurent Bigonville ]
* Enable logind support for the main build on Linux.
* Build and ship the setuid root wrapper from upstream, replacing
xserver-xorg's.
[ Julien Cristau ]
* Take over x11-common's handling of the X wrapper; ship the wrapper in a
new xserver-xorg-legacy package.
* Patch the wrapper to reset Xorg's environment. I don't believe it needs
any variable there, and if that turns out to be wrong we can add a
whitelist or hardcode some values.
xorg-server (2:1.17.2-1.1) unstable; urgency=medium
* Non-Maintainer Upload.
[ Sven Joachim ]
* Install the whole usr/share/man/man4 directory into xserver-xorg-core,
fixes FTBFS on hurd where modesetting.4 does not exist (Closes: #794644).
-- Timo Aaltonen <email address hidden> Tue, 10 Nov 2015 18:20:55 +0200
-
xorg-server (2:1.17.2-1ubuntu10) xenial; urgency=medium
* debian/patches:
- linux-Do-not-call-FatalError-from-xf86CloseConsole.patch: Fix crashers
often occuring on shutdown (LP: #1237904)
- xmir.patch: Fix typo causing FTBFS
-- Tim Lunn <email address hidden> Mon, 26 Oct 2015 12:24:30 +1100
-
xorg-server (2:1.17.2-1ubuntu9) wily; urgency=medium
* debian/patches/xmir.patch:
- Fix FTBFS due to change in Mir headers
-- Robert Ancell <email address hidden> Wed, 30 Sep 2015 16:15:39 +1300
