-
xorg-server (2:1.19.3-1ubuntu1.3) zesty-security; urgency=medium
* SECURITY UPDATE: unvalidated extra length in ProcEstablishConnection
- debian/patches/CVE-2017-12176.patch: add check to dix/dispatch.c.
- CVE-2017-12176
* SECURITY UPDATE: Unvalidated variable-length request in
ProcDbeGetVisualInfo
- debian/patches/CVE-2017-12177.patch: add check to dbe/dbe.c.
- CVE-2017-12177
* SECURITY UPDATE: wrong extra length check in ProcXIChangeHierarchy
- debian/patches/CVE-2017-12178.patch: fix length check in
Xi/xichangehierarchy.c.
- CVE-2017-12178
* SECURITY UPDATE: integer overflow and unvalidated length in
ProcXIBarrierReleasePointer
- debian/patches/CVE-2017-12179-1.patch: test exact size of
XIBarrierReleasePointer in Xi/xibarriers.c.
- debian/patches/CVE-2017-12179-2.patch: add checks to Xi/xibarriers.c.
- CVE-2017-12179
* SECURITY UPDATE: various unvalidated lengths
- debian/patches/CVE-2017-12180-12182.patch: add more checks to
Xext/vidmode.c, hw/xfree86/common/xf86DGA.c,
hw/xfree86/dri/xf86dri.c.
- CVE-2017-12180
- CVE-2017-12181
- CVE-2017-12182
* SECURITY UPDATE: more unvalidated lengths
- debian/patches/CVE-2017-12183.patch: add checks to xfixes/cursor.c,
xfixes/region.c, xfixes/saveset.c, xfixes/xfixes.c.
- CVE-2017-12183
* SECURITY UPDATE: even more unvalidated lengths
- debian/patches/CVE-2017-12184-12187.patch: add more checks to
Xext/panoramiX.c, Xext/saver.c, Xext/xres.c, Xext/xvdisp.c,
hw/dmx/dmxpict.c, pseudoramiX/pseudoramiX.c, render/render.c.
- CVE-2017-12184
- CVE-2017-12185
- CVE-2017-12186
- CVE-2017-12187
* debian/patches/os_big_requests.patch: make sure big requests have
sufficient length in os/io.c.
* debian/patches/xkb_escape_fix.patch: escape non-printable characters
correctly in xkb/xkbtext.c.
-- Marc Deslauriers <email address hidden> Fri, 13 Oct 2017 08:23:38 -0400
-
xorg-server (2:1.19.3-1ubuntu1.2) zesty-security; urgency=medium
* SECURITY UPDATE: DoS or segment overwrite via shmseg resource id
- debian/patches/CVE-2017-13721.patch: validate shmseg resource id in
Xext/shm.c.
- CVE-2017-13721
* SECURITY UPDATE: buffer overflow via XKB data
- debian/patches/CVE-2017-13723.patch: handle xkb formatted string
output safely in xkb/xkbtext.c.
- CVE-2017-13723
-- Marc Deslauriers <email address hidden> Wed, 11 Oct 2017 13:23:51 -0400
-
xorg-server (2:1.19.3-1ubuntu1.1) zesty-security; urgency=medium
* SECURITY UPDATE: DoS and possible code execution in endianness
conversion of X Events
- debian/patches/CVE-2017-10971-1.patch: do not try to swap
GenericEvent in Xi/sendexev.c.
- debian/patches/CVE-2017-10971-2.patch: verify all events in
ProcXSendExtensionEvent in Xi/sendexev.c.
- debian/patches/CVE-2017-10971-3.patch: disallow GenericEvent in
SendEvent request in dix/events.c, dix/swapreq.c.
- CVE-2017-10971
* SECURITY UPDATE: information leak in XEvent handling
- debian/patches/CVE-2017-10972.patch: zero target buffer in
SProcXSendExtensionEvent in Xi/sendexev.c.
- CVE-2017-10972
-- Marc Deslauriers <email address hidden> Mon, 17 Jul 2017 09:37:46 -0400
-
xorg-server (2:1.19.3-1ubuntu1) zesty; urgency=medium
[ Timo Aaltonen ]
* Merge from Debian experimental. (LP: #1671799)
- Patches refreshed
- randr-adjust-masters-last-set-time.diff,
modesetting-unifdef-slave-support.diff: Dropped, upstream
- config-add-no-removal.patch, xf86-inactive-gpuscreen.patch,
fix-detach-gpu.patch: Dropped, more or less obsolete
* 190_cache-xkbcomp_output_for_fast_start_up.patch: Cleaned up from
the package as it wasn't used.
* 111_armel-drv-fallbacks.patch: Dropped, we don't ship these drivers
anymore.
* rules: Drop the workaround that adds lt_cv_prog_compiler_static_works=no
to confflags.
* 232-xf86compatoutput-valgrind.patch: This was added upstream
already, no need to carry a duplicate check.
* 208_switch_on_release.diff: Dropped, doesn't work with 1.19.
* 228_autobind_gpu.patch: Update from Fedora, fixes nvidia.
* disable-rotation-transform-gpuscreens.patch: Dropped, nvidia
supports rotation now.
* 122_xext_fix_card32_overflow_in_xauth.patch: Dropped, upstream
review found issues and it never got applied.
* xfree86-no-xv-for-gpuscreens.patch: Drop bogus buglink.
* 227_null_ptr_midispcur.patch: Dropped, upstream didn't accept it.
* randr-do-not-check-the-screen-size.diff: Dropped, can't reproduce
#1586260 anymore without the patch.
[ Robert Ancell ]
* debian/patches/xmir.patch:
- Refresh
- Fix warnings when built against lp:mir/0.25
- Support both Mir 0.24, 0.25 and 0.26 client APIs
- Fix crashing on arm64 (LP: #1642297)
xorg-server (2:1.19.3-1) unstable; urgency=medium
* New upstream release.
xorg-server (2:1.19.2-1) unstable; urgency=medium
[ Andreas Boll ]
* xserver-xorg-core.bug.script: Change udevadm path from /sbin to /bin
(Closes: #852584).
[ Emilio Pozuelo Monfort ]
* New upstream stable release.
- CVE-2017-2624: Timing attack against MIT cookie. Closes: #856398.
* control: Build-depend on libbsd-dev everywhere, needed for
arc4random_buf for the above fix.
xorg-server (2:1.19.1-4) unstable; urgency=medium
* rules: Only set the suid bit on Xorg.wrap when building arch:any
packages. Thanks Julien Cristau.
xorg-server (2:1.19.1-3) unstable; urgency=medium
* rules: Fix setting suid bit on Xorg.wrap.
* rules: Don't ignore errors when setting the suid bit.
xorg-server (2:1.19.1-2) unstable; urgency=medium
* rules: Fix udeb regression from dh migration. Should also fix FTBFS
on hurd and kfreebsd.
* rules: Add --fail-missing to dh_install.
* rules: Remove unused vars config_backend_main and
config_backend_udeb.
xorg-server (2:1.19.1-1) unstable; urgency=medium
[ Emilio Pozuelo Monfort ]
* Switch to dh.
* Drop build-deps on automake and libtool, dh-autoreconf depends on
them for us.
* rules: use install consistently.
* Drop pre-wheezy Breaks.
[ Andreas Boll ]
* New upstream release.
- AttendClient of grab-pervious client must queue to
saved_ready_clients [v2] (Closes: #846779, #850940).
- present: Only call present_flip_notify if vblank->queued == FALSE
(Closes: #849250).
xorg-server (2:1.19.0-3) unstable; urgency=medium
* Drop xserver-xorg-core-dbg in favor of xserver-xorg-core-dbgsym.
* Cherry-pick upstream commit d6da2086951,
Revert "damage: Make damageRegionProcessPending take a damage not a
drawable". Fixes a crash caused by trying to free an invalid pointer.
Closes: #847025, #848321.
xorg-server (2:1.19.0-2) unstable; urgency=medium
* Disable glamor on the udeb build. It's not needed there.
This has the side effect of fixing the Hurd build.
* debian/patches/02_kbsd-input-devd.diff:
- Ported to NotifyFd. Fixes the kFreeBSD build.
* Bump Standards-Version to 3.9.8; no changes needed.
xorg-server (2:1.19.0-1) unstable; urgency=medium
[ Andreas Boll ]
* New upstream release.
* rules: Explicitly disable glamor on hurd. Should fix FTBFS on hurd.
[ Emilio Pozuelo Monfort ]
* Upload to unstable.
xorg-server (2:1.18.99.902-1) experimental; urgency=medium
[ Timo Aaltonen ]
* New upstream release candidate 1.
* control: Bump libxfont-dev build-dependency.
* patches:
- refreshed
- glamor-Declare-pos-in-the-composite-glyph.diff dropped, upstream
* control: Add libxcb-xkb-dev to build-depends.
* serverminver: Bumped.
* watch: Fix a typo.
[ Emilio Pozuelo Monfort ]
* New upstream release candidate 2.
* rules: Drop aiglx enable/disable flags, removed upstream.
* control: Bump x11proto-core-dev requirement.
* control: Add wayland-protocols build-dep on linux for Xwayland.
xorg-server (2:1.18.4-2) unstable; urgency=medium
[ Julien Cristau ]
* Adjust bug script to look for log files in $HOME/.local/share/xorg in
addition to /var/log, to handle unprivileged Xorg.
* Update a bunch of URLs in packaging to https.
[ Andreas Boll ]
* Add glamor-Declare-pos-in-the-composite-glyph.diff from upstream
(Closes: #834054).
-- Timo Aaltonen <email address hidden> Mon, 27 Mar 2017 19:43:08 +0300
-
xorg-server (2:1.18.4-1ubuntu9) zesty; urgency=medium
* control: Depend on libxfont1-dev.
-- Timo Aaltonen <email address hidden> Thu, 15 Dec 2016 13:44:15 +0200
-
xorg-server (2:1.18.4-1ubuntu8) zesty; urgency=medium
* xvfb-run: Bump default bitdepth to 16 so that GLX works.
-- Timo Aaltonen <email address hidden> Thu, 15 Dec 2016 12:33:01 +0200
-
xorg-server (2:1.18.4-1ubuntu7) zesty; urgency=medium
* modesetting-unifdef-slave-support.diff: Fix modesetting slave output
names. (LP: #1636397)
-- Timo Aaltonen <email address hidden> Tue, 25 Oct 2016 10:48:45 +0300
-
xorg-server (2:1.18.4-1ubuntu6) yakkety; urgency=medium
* debian/patches/xmir.patch:
- Don't call epoxy every frame (LP: #1617932)
- Ignore 'unknown 11 event' (LP: #1617925)
- Improve root window resizing code
- Make randr mode names simpler
-- Robert Ancell <email address hidden> Wed, 07 Sep 2016 15:50:30 +1200
