diff options
-rw-r--r-- | .SRCINFO | 16 | ||||
-rw-r--r-- | 0001-fix-for-ZDI-11426.patch | 34 | ||||
-rw-r--r-- | PKGBUILD | 19 |
3 files changed, 14 insertions, 55 deletions
@@ -1,8 +1,9 @@ pkgbase = xorg-server-noudev - pkgver = 1.20.8 - pkgrel = 3 + pkgver = 1.20.9 + pkgrel = 1 url = https://xorg.freedesktop.org arch = x86_64 + arch = aarch64 groups = xorg-noudev license = custom makedepends = xorgproto @@ -35,12 +36,11 @@ pkgbase = xorg-server-noudev makedepends = wayland-protocols makedepends = egl-wayland makedepends = meson - source = https://xorg.freedesktop.org/releases/individual/xserver/xorg-server-1.20.8.tar.bz2 - source = https://xorg.freedesktop.org/releases/individual/xserver/xorg-server-1.20.8.tar.bz2.sig + source = https://xorg.freedesktop.org/releases/individual/xserver/xorg-server-1.20.9.tar.bz2 + source = https://xorg.freedesktop.org/releases/individual/xserver/xorg-server-1.20.9.tar.bz2.sig source = xserver-autobind-hotplug.patch source = 0001-v2-FS-58644.patch source = 0002-fix-libshadow-2.patch - source = 0001-fix-for-ZDI-11426.patch source = xvfb-run source = xvfb-run.1 validpgpkeys = 7B27A3F1A6E18CD9588B4AE8310180050905E40C @@ -48,12 +48,11 @@ pkgbase = xorg-server-noudev validpgpkeys = DD38563A8A8224537D1F90E45B8A2D50A0ECD0D3 validpgpkeys = 995ED5C8A6138EB0961F18474C09DD83CAAA50B2 validpgpkeys = 3BB639E56F861FA2E86505690FDD682D974CA72A - sha512sums = ab0ec0fcbf490c61558b9297f61b58fd2dedb676c78bef6431dc9166054743b43a0091b88a8b3f4e81d1f539909440ee7e188a298cefabe13ea89159639cd805 + sha512sums = d9b5f93e1b9763a89187d8b272aa7d4ce9709641b8539f4536708af153310e5a4931bffd4229c51a3b0e3b12da7838750aa71b635751fb4c0bb27438cce4e5e6 sha512sums = SKIP sha512sums = d84f4d63a502b7af76ea49944d1b21e2030dfd250ac1e82878935cf631973310ac9ba1f0dfedf10980ec6c7431d61b7daa4b7bbaae9ee477b2c19812c1661a22 sha512sums = 74e1aa0c101e42f0f25349d305641873b3a79ab3b9bb2d4ed68ba8e392b4db2701fcbc35826531ee2667d3ee55673e4b4fecc2a9f088141af29ceb400f72f363 sha512sums = 3d3be34ad9fa976daec53573d3a30a9f1953341ba5ee27099af0141f0ef7994fa5cf84dc08aae848380e6abfc10879f9a67f07601c7a437abf8aef13a3ec9fe1 - sha512sums = 153ff7eed7fda7c6e28f28e514180fb0397ee984e709af95b8a9dcf6b2862191627cf725aae33d4b03f4aab2a988c2d4fa2e77e5c6a874b656c962b27cb5240b sha512sums = 73c8ead9fba6815dabfec0a55b3a53f01169f6f2d14ac4a431e53b2d96028672dbd6b50a3314568847b37b1e54ea4fc02bdf677feabb3b2697af55e2e5331810 sha512sums = de5e2cb3c6825e6cf1f07ca0d52423e17f34d70ec7935e9dd24be5fb9883bf1e03b50ff584931bd3b41095c510ab2aa44d2573fd5feaebdcb59363b65607ff22 @@ -66,7 +65,6 @@ pkgname = xorg-server-noudev depends = libunwind depends = dbus depends = libgl - depends = xf86-input-libinput depends = nettle depends = libpciaccess depends = libdrm @@ -80,7 +78,7 @@ pkgname = xorg-server-noudev conflicts = nvidia-utils<=331.20 conflicts = glamor-egl conflicts = xf86-video-modesetting - conflicts = xf86-input-evdev + conflicts = xf86-input-libinput replaces = xorg-server replaces = glamor-egl replaces = xf86-video-modesetting diff --git a/0001-fix-for-ZDI-11426.patch b/0001-fix-for-ZDI-11426.patch deleted file mode 100644 index 4cb699d05ab8..000000000000 --- a/0001-fix-for-ZDI-11426.patch +++ /dev/null @@ -1,34 +0,0 @@ -From aac28e162e5108510065ad4c323affd6deffd816 Mon Sep 17 00:00:00 2001 -From: Matthieu Herrb <matthieu@herrb.eu> -Date: Sat, 25 Jul 2020 19:33:50 +0200 -Subject: [PATCH] fix for ZDI-11426 - -Avoid leaking un-initalized memory to clients by zeroing the -whole pixmap on initial allocation. - -This vulnerability was discovered by: -Jan-Niklas Sohn working with Trend Micro Zero Day Initiative - -Signed-off-by: Matthieu Herrb <matthieu@herrb.eu> -Reviewed-by: Alan Coopersmith <alan.coopersmith@oracle.com> -Signed-off-by: Laurent Carlier <lordheavym@gmail.com> ---- - dix/pixmap.c | 2 +- - 1 file changed, 1 insertion(+), 1 deletion(-) - -diff --git a/dix/pixmap.c b/dix/pixmap.c -index 1186d7dbb..5a0146bbb 100644 ---- a/dix/pixmap.c -+++ b/dix/pixmap.c -@@ -116,7 +116,7 @@ AllocatePixmap(ScreenPtr pScreen, int pixDataSize) - if (pScreen->totalPixmapSize > ((size_t) - 1) - pixDataSize) - return NullPixmap; - -- pPixmap = malloc(pScreen->totalPixmapSize + pixDataSize); -+ pPixmap = calloc(1, pScreen->totalPixmapSize + pixDataSize); - if (!pPixmap) - return NullPixmap; - --- -2.28.0 - @@ -10,9 +10,9 @@ pkgbase=xorg-server-noudev _pkgbase=xorg-server pkgname=('xorg-server-noudev' 'xorg-server-xephyr-noudev' 'xorg-server-xvfb-noudev' 'xorg-server-xnest-noudev' 'xorg-server-xwayland-noudev' 'xorg-server-common-noudev' 'xorg-server-devel-noudev') -pkgver=1.20.8 -pkgrel=3 -arch=('x86_64') +pkgver=1.20.9 +pkgrel=1 +arch=('x86_64' 'aarch64') license=('custom') groups=('xorg-noudev') url="https://xorg.freedesktop.org" @@ -26,7 +26,6 @@ source=(https://xorg.freedesktop.org/releases/individual/xserver/${_pkgbase}-${p xserver-autobind-hotplug.patch 0001-v2-FS-58644.patch 0002-fix-libshadow-2.patch - 0001-fix-for-ZDI-11426.patch xvfb-run # with updates from FC master xvfb-run.1) validpgpkeys=('7B27A3F1A6E18CD9588B4AE8310180050905E40C' @@ -34,12 +33,11 @@ validpgpkeys=('7B27A3F1A6E18CD9588B4AE8310180050905E40C' 'DD38563A8A8224537D1F90E45B8A2D50A0ECD0D3' '995ED5C8A6138EB0961F18474C09DD83CAAA50B2' '3BB639E56F861FA2E86505690FDD682D974CA72A') -sha512sums=('ab0ec0fcbf490c61558b9297f61b58fd2dedb676c78bef6431dc9166054743b43a0091b88a8b3f4e81d1f539909440ee7e188a298cefabe13ea89159639cd805' +sha512sums=('d9b5f93e1b9763a89187d8b272aa7d4ce9709641b8539f4536708af153310e5a4931bffd4229c51a3b0e3b12da7838750aa71b635751fb4c0bb27438cce4e5e6' 'SKIP' 'd84f4d63a502b7af76ea49944d1b21e2030dfd250ac1e82878935cf631973310ac9ba1f0dfedf10980ec6c7431d61b7daa4b7bbaae9ee477b2c19812c1661a22' '74e1aa0c101e42f0f25349d305641873b3a79ab3b9bb2d4ed68ba8e392b4db2701fcbc35826531ee2667d3ee55673e4b4fecc2a9f088141af29ceb400f72f363' '3d3be34ad9fa976daec53573d3a30a9f1953341ba5ee27099af0141f0ef7994fa5cf84dc08aae848380e6abfc10879f9a67f07601c7a437abf8aef13a3ec9fe1' - '153ff7eed7fda7c6e28f28e514180fb0397ee984e709af95b8a9dcf6b2862191627cf725aae33d4b03f4aab2a988c2d4fa2e77e5c6a874b656c962b27cb5240b' '73c8ead9fba6815dabfec0a55b3a53f01169f6f2d14ac4a431e53b2d96028672dbd6b50a3314568847b37b1e54ea4fc02bdf677feabb3b2697af55e2e5331810' 'de5e2cb3c6825e6cf1f07ca0d52423e17f34d70ec7935e9dd24be5fb9883bf1e03b50ff584931bd3b41095c510ab2aa44d2573fd5feaebdcb59363b65607ff22') @@ -55,9 +53,6 @@ prepare() { # Fix libshadow.so: libfb.so => not found - merge in master patch -Np1 -i ../0002-fix-libshadow-2.patch - - # fix CVE-2020-14347 - patch -Np1 -i ../0001-fix-for-ZDI-11426.patch } build() { @@ -89,7 +84,7 @@ build() { # Print config meson configure build - ninja -C build + ninja -C build -j2 # fake installation to be seperated into packages DESTDIR="${srcdir}/fakeinstall" ninja -C build install @@ -123,13 +118,13 @@ package_xorg-server-common-noudev() { package_xorg-server-noudev() { pkgdesc="Xorg X server (without udev support)" depends=(libepoxy libxfont2 pixman xorg-server-common-noudev libunwind - dbus libgl xf86-input-libinput nettle + dbus libgl nettle libpciaccess libdrm libxshmfence) # FS#52949 # see xorg-server-*/hw/xfree86/common/xf86Module.h for ABI versions - we provide major numbers that drivers can depend on # and /usr/lib/pkgconfig/xorg-server.pc in xorg-server-devel pkg provides=('xorg-server' 'X-ABI-VIDEODRV_VERSION=24.0' 'X-ABI-XINPUT_VERSION=24.1' 'X-ABI-EXTENSION_VERSION=10.0' 'x-server') - conflicts=('xorg-server' 'nvidia-utils<=331.20' 'glamor-egl' 'xf86-video-modesetting' 'xf86-input-evdev') + conflicts=('xorg-server' 'nvidia-utils<=331.20' 'glamor-egl' 'xf86-video-modesetting' 'xf86-input-libinput') replaces=('xorg-server' 'glamor-egl' 'xf86-video-modesetting') _install fakeinstall/usr/bin/{Xorg,cvt,gtf} |