debian/changelog | 45 ++++++++++- debian/control | 31 ++++++- debian/local/Xsession.5 | 7 + debian/local/Xsession.d/35x11-common_xhost-local | 10 ++ debian/x11-common.init | 90 +++++++++++++++-------- 5 files changed, 146 insertions(+), 37 deletions(-)
New commits: commit ef5475bed21e8090a0d029e114890dfe7e389b21 Author: Maarten Lankhorst <maarten.lankho...@canonical.com> Date: Thu Jan 3 16:58:51 2013 +0100 sync with xorg 7.6+12ubuntu2 uploaded to precise diff --git a/debian/changelog b/debian/changelog index 7e8fd25..7196ad1 100644 --- a/debian/changelog +++ b/debian/changelog @@ -1,3 +1,15 @@ +xorg (1:7.6+12ubuntu2) precise-proposed; urgency=low + + * Update package to enable support for quantal backport stack (LP: #1095686) + * Add xserver-xorg-lts-precise which can be installed to rollback from renamed stack + - depends on unrenamed xserver-xorg, recommends unrenamed versions of packages + * Allow xserver-xorg-renamed to satisfy xorg's xserver-xorg dependency + * Require unrenamed versions of packages in xserver-xorg + * Add conflicts/replaces in xserver-xorg to xorg-renamed-package, + and provide xserver-xorg-renamed + + -- Maarten Lankhorst <maarten.lankho...@ubuntu.com> Thu, 22 Nov 2012 00:00:43 +0100 + xorg (1:7.6+12ubuntu1) precise; urgency=low * Merge from Debian unstable. diff --git a/debian/control b/debian/control index 04fe8e0..6effb2a 100644 --- a/debian/control +++ b/debian/control @@ -34,9 +34,9 @@ Package: xserver-xorg Architecture: any Depends: xserver-xorg-core (>= 2:1.11), - xserver-xorg-video-all | xorg-driver-video, - xserver-xorg-input-all | xorg-driver-input, - xserver-xorg-input-evdev [linux-any], + xserver-xorg-video-all (>= 0~) | xorg-driver-video, + xserver-xorg-input-all (>= 0~) | xorg-driver-input, + xserver-xorg-input-evdev (>= 0~) [linux-any], hal (>= 0.5.14-4~) [kfreebsd-any], ${shlibs:Depends}, ${misc:Depends}, 
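Review bot: The `(>= 0~)` qualifiers added to the three driver dependencies of xserver-xorg carry no explanation in the file, so a later editor could drop them as a meaningless version bound. Going by the changelog entry ("Require unrenamed versions of packages in xserver-xorg"), they presumably exist so that an unversioned Provides from a renamed package cannot satisfy the dependency. A comment line above the field would record that, for example `# (>= 0~) keeps an unversioned Provides from a renamed package from satisfying these`. The Depends field continues past the end of this hunk.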
@@ -44,7 +44,28 @@ Depends: x11-xkb-utils Recommends: libgl1-mesa-dri, -Provides: xserver +Provides: + xserver-xorg-renamed, + xserver, +Replaces: + xserver-xorg-renamed, + xorg-renamed-package, +Conflicts: + xserver-xorg-renamed, + xorg-renamed-package, +Description: X.Org X server + This package depends on the full suite of the server and drivers for the + X.Org X server. It does not provide the actual server itself. + +Package: xserver-xorg-lts-precise +Architecture: any +Depends: + xserver-xorg (>= 0~), +Recommends: + libgl1-mesa-dri (>= 0~), + libgl1-mesa-glx (>= 0~), + xserver-xorg-video-all (>= 0~), + xserver-xorg-input-all (>= 0~), Description: X.Org X server This package depends on the full suite of the server and drivers for the X.Org X server. It does not provide the actual server itself. @@ -78,7 +99,7 @@ Description: X.Org X server -- input driver metapackage Package: xorg Architecture: any Depends: - xserver-xorg (>= ${binary:Version}), + xserver-xorg (>= ${binary:Version}) | xserver-xorg-renamed, libgl1-mesa-glx | libgl1, libgl1-mesa-dri, libglu1-mesa, commit aae5708284ebb931ff4241fe50b21f9033b5f245 Author: Timo Aaltonen <tjaal...@ubuntu.com> Date: Thu Mar 22 19:42:43 2012 +0200 update the changelog for release diff --git a/debian/changelog b/debian/changelog index 0417729..7e8fd25 100644 --- a/debian/changelog +++ b/debian/changelog @@ -1,3 +1,9 @@ +xorg (1:7.6+12ubuntu1) precise; urgency=low + + * Merge from Debian unstable. + + -- Timo Aaltonen <tjaal...@ubuntu.com> Thu, 22 Mar 2012 19:42:07 +0200 + xorg (1:7.6+12) unstable; urgency=high * Fix unsafe manipulation of /tmp/.X11-unix and /tmp/.ICE-unix in the commit 75d568a94a7ccfb37a51711c9f1ac42f584ec140 Author: Julien Cristau <jcris...@debian.org> Date: Sat Mar 3 18:55:44 2012 +0100 Upload to unstable diff --git a/debian/changelog b/debian/changelog index 2be2fa8..5f8f3d8 100644 --- a/debian/changelog +++ b/debian/changelog 
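Review bot: The new xserver-xorg-lts-precise stanza ends up with the same short and long Description as xserver-xorg ("X.Org X server", "This package depends on the full suite ..."). The two packages are therefore indistinguishable in package listings, and the text does not say what the new one is for. The changelog describes it as the package to install to roll back from the renamed stack, and the description should say so, e.g. `Description: X.Org X server -- rollback from the renamed stack`, with a long description along the same lines.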
@@ -1,4 +1,4 @@ -xorg (1:7.6+12) UNRELEASED; urgency=high +xorg (1:7.6+12) unstable; urgency=high * Fix unsafe manipulation of /tmp/.X11-unix and /tmp/.ICE-unix in the x11-common init script. A malicious user could trick us into changing @@ -7,7 +7,7 @@ xorg (1:7.6+12) UNRELEASED; urgency=high "vladz", Tim Morgan and Bernhard R. Link for their help getting this right (any remaining bugs are my own). - -- Julien Cristau <jcris...@debian.org> Fri, 02 Mar 2012 21:38:07 +0100 + -- Julien Cristau <jcris...@debian.org> Sat, 03 Mar 2012 18:54:30 +0100 xorg (1:7.6+11) unstable; urgency=low commit 0418b8dd8fa6940285f7f6b71302655942c15fb7 Author: Julien Cristau <jcris...@debian.org> Date: Fri Mar 2 21:57:56 2012 +0100 Be more careful before running chown/chmod in x11-common.init Fix unsafe manipulation of /tmp/.X11-unix and /tmp/.ICE-unix in the x11-common init script. A malicious user could trick us into changing ownership/permissions of an arbitrary directory, and elevate their privileges (closes: #661627). Reference: CVE-2012-1093. diff --git a/debian/changelog b/debian/changelog index 53edbbe..2be2fa8 100644 --- a/debian/changelog +++ b/debian/changelog @@ -1,3 +1,14 @@ +xorg (1:7.6+12) UNRELEASED; urgency=high + + * Fix unsafe manipulation of /tmp/.X11-unix and /tmp/.ICE-unix in the + x11-common init script. A malicious user could trick us into changing + ownership/permissions of an arbitrary directory, and elevate their + privileges (closes: #661627). Reference: CVE-2012-1093. Thanks to + "vladz", Tim Morgan and Bernhard R. Link for their help getting this right + (any remaining bugs are my own). + + -- Julien Cristau <jcris...@debian.org> Fri, 02 Mar 2012 21:38:07 +0100 + xorg (1:7.6+11) unstable; urgency=low * Team upload. diff --git a/debian/x11-common.init b/debian/x11-common.init index 34835ac..014594b 100644 --- a/debian/x11-common.init +++ b/debian/x11-common.init 
@@ -2,17 +2,17 @@ # /etc/init.d/x11-common: set up the X server and ICE socket directories ### BEGIN INIT INFO # Provides: x11-common -# Required-Start: $local_fs -# Required-Stop: $local_fs +# Required-Start: $remote_fs +# Required-Stop: $remote_fs # Default-Start: S # Default-Stop: ### END INIT INFO set -e -PATH=/bin:/sbin -SOCKET_DIR=/tmp/.X11-unix -ICE_DIR=/tmp/.ICE-unix +PATH=/usr/bin:/usr/sbin:/bin:/sbin +SOCKET_DIR=.X11-unix +ICE_DIR=.ICE-unix . /lib/lsb/init-functions if [ -f /etc/default/rcS ]; then 
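Review bot: `SOCKET_DIR` and `ICE_DIR` keep their names but now hold bare directory names instead of paths, and nothing at the assignment says so. set_up_dir and do_status, in the next hunk, each prepend `/tmp/` themselves. A comment above the two assignments would stop someone passing them straight to a command, e.g. `# names only; set_up_dir and do_status prepend /tmp/`. The widened PATH and the move from `$local_fs` to `$remote_fs` look related to the `stat` and `mktemp` calls introduced further down, presumably because one of them lives under /usr; that reason deserves a one-line comment as well.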
@@ -26,36 +26,60 @@ do_restorecon () { fi } -set_up_socket_dir () { - if [ "$VERBOSE" != no ]; then - log_begin_msg "Setting up X server socket directory $SOCKET_DIR..." - fi - if [ -e $SOCKET_DIR ] && [ ! -d $SOCKET_DIR ]; then - mv $SOCKET_DIR $SOCKET_DIR.$$ - fi - mkdir -p $SOCKET_DIR - chown root:root $SOCKET_DIR - chmod 1777 $SOCKET_DIR - do_restorecon $SOCKET_DIR - [ "$VERBOSE" != no ] && log_end_msg 0 || return 0 -} +# create a directory in /tmp. +# assumes /tmp has a sticky bit set (or is only writeable by root) +set_up_dir () { + DIR="/tmp/$1" -set_up_ice_dir () { if [ "$VERBOSE" != no ]; then - log_begin_msg "Setting up ICE socket directory $ICE_DIR..." + log_progress_msg "$DIR" fi - if [ -e $ICE_DIR ] && [ ! -d $ICE_DIR ]; then - mv $ICE_DIR $ICE_DIR.$$ + # if $DIR exists and isn't a directory, move it aside + if [ -e $DIR ] && ! [ -d $DIR ] || [ -h $DIR ]; then + mv "$DIR" "$(mktemp -d $DIR.XXXXXX)" fi - mkdir -p $ICE_DIR - chown root:root $ICE_DIR - chmod 1777 $ICE_DIR - do_restorecon $ICE_DIR - [ "$VERBOSE" != no ] && log_end_msg 0 || return 0 + + error=0 + while :; do + if [ $error -ne 0 ] ; then + # an error means the file-system is readonly or an attacker + # is doing evil things, distinguish by creating a temporary file, + # but give up after a while. 
+ if [ $error -gt 5 ]; then + log_failure_msg "failed to set up $DIR" + return 1 + fi + fn="$(mktemp /tmp/testwriteable.XXXXXXXXXX)" || return 1 + rm "$fn" + fi + mkdir -p -m 01777 "$DIR" || { rm "$DIR" || error=$((error + 1)) ; continue ; } + case "$(LC_ALL=C stat -c '%u %g %a %F' "$DIR")" in + "0 0 1777 directory") + # everything as it is supposed to be + break + ;; + "0 0 "*" directory") + # as it is owned by root, cannot be replaced with a symlink: + chmod 01777 "$DIR" + break + ;; + *" directory") + # if the chown succeeds, the next step can change it savely + chown -h root:root "$DIR" || error=$((error + 1)) + continue + ;; + *) + log_failure_msg "failed to set up $DIR" + return 1 + ;; + esac + done + + return 0 } do_status () { - if [ -d $ICE_DIR ] && [ -d $SOCKET_DIR ]; then + if [ -d "/tmp/$ICE_DIR" ] && [ -d "/tmp/$SOCKET_DIR" ]; then return 0 else return 4 @@ -64,8 +88,14 @@ do_status () { case "$1" in start) - set_up_socket_dir - set_up_ice_dir + if [ "$VERBOSE" != no ]; then + log_begin_msg "Setting up X socket directories..." + fi + set_up_dir "$SOCKET_DIR" + set_up_dir "$ICE_DIR" + if [ "$VERBOSE" != no ]; then + log_end_msg 0 + fi ;; restart|reload|force-reload) commit 1ae75a70edfd55acd885b9f6195428cd535ddb2d Author: Josselin Mouette <j...@debian.org> Date: Sat Jan 28 12:43:24 2012 +0100 Release 1:7.6+11 to unstable. diff --git a/debian/changelog b/debian/changelog index 20397c5..53edbbe 100644 --- a/debian/changelog +++ b/debian/changelog 
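Review bot: The new set_up_dir never calls do_restorecon, while both functions it replaces ended with `do_restorecon $SOCKET_DIR` and `do_restorecon $ICE_DIR`. Unless the helper is invoked somewhere outside this hunk, a freshly created directory no longer gets whatever relabelling do_restorecon performs (presumably SELinux contexts, going by the name). Adding `do_restorecon "$DIR"` just before the final `return 0` would keep the old behaviour. Separately, `error` is incremented only when `rm` or `chown` fails, so the path where `mkdir` fails and `rm` succeeds reaches `continue` with the counter unchanged and the give-up-after-5 bound does not cover it; counting every pass through the loop would bound all paths. The comment typo "savely" should read "safely".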
@@ -1,12 +1,13 @@ -xorg (1:7.6+11) UNRELEASED; urgency=low +xorg (1:7.6+11) unstable; urgency=low + * Team upload. * debian/local/Xsession.d/35x11-common_xhost-local: add a new script to the default X session. It will give access to the running X server to the logged on user. This is useful for gdm3 which does not give access to $XAUTHORITY outside the session, but can also be of use for other display managers. Closes: #586685. - -- Josselin Mouette <j...@debian.org> Thu, 24 Nov 2011 22:52:19 +0100 + -- Josselin Mouette <j...@debian.org> Sat, 28 Jan 2012 12:42:38 +0100 xorg (1:7.6+10) unstable; urgency=high commit ee496c4f41fad79c658136baf688e1a162bcf936 Author: Timo Aaltonen <tjaal...@ubuntu.com> Date: Mon Jan 23 07:43:23 2012 +0200 tabs to spaces diff --git a/debian/changelog b/debian/changelog index 6131143..7e41414 100644 --- a/debian/changelog +++ b/debian/changelog @@ -23,8 +23,8 @@ xorg (1:7.6+10ubuntu1) precise; urgency=low + Add -geode to video-all for i386. + Drop video drivers that are likely irrelevant for ARM. + Drop apm, ark, chips, i128, i740, rendition, s3virge, tseng, voodoo - from xserver-xorg-video-all dependencies. They are unmaintained and - obsolete. + from xserver-xorg-video-all dependencies. They are unmaintained and + obsolete. - debian/x11-common.{preinst,postinst,postrm}.in: Clean up the old failsafe-x files. commit 22ce089c330c2be530802a09c929ef749b294c2b Author: Julien Cristau <jcris...@debian.org> Date: Fri Dec 16 00:23:40 2011 +0100 Add CVE ref to 1:7.6+10 changelog diff --git a/debian/changelog b/debian/changelog index 07109a2..20397c5 100644 --- a/debian/changelog +++ b/debian/changelog 
@@ -16,6 +16,7 @@ xorg (1:7.6+10) unstable; urgency=high - revert change to allow devices with major 5 as consoles. This includes things like /dev/tty and /dev/ptmx, which are world-readable (closes: #652249). Thanks to vladz for the report. + Reference: CVE-2011-4613. - use major() and minor() macros instead of manually extracting them * Build the X wrapper with hardening enabled. commit 9b1d91483680a3e9282bffb0aca4a08bd533e36e Author: Josselin Mouette <j...@debian.org> Date: Thu Nov 24 22:58:20 2011 +0100 debian/local/Xsession.d/35x11-common_xhost-local: add a new script to the default X session. It will give access to the running X server to the logged on user. This is useful for gdm3 which does not give access to $XAUTHORITY outside the session, but can also be of use for other display managers. Closes: #586685. diff --git a/debian/changelog b/debian/changelog index f2198f9..320064e 100644 --- a/debian/changelog +++ b/debian/changelog @@ -1,3 +1,14 @@ +xorg (1:7.6+10) UNRELEASED; urgency=low + + [ Josselin Mouette ] + * debian/local/Xsession.d/35x11-common_xhost-local: add a new script + to the default X session. It will give access to the running X + server to the logged on user. This is useful for gdm3 which does not + give access to $XAUTHORITY outside the session, but can also be of + use for other display managers. Closes: #586685. + + -- Josselin Mouette <j...@debian.org> Thu, 24 Nov 2011 22:52:19 +0100 + xorg (1:7.6+9) unstable; urgency=low [ Julien Cristau ] diff --git a/debian/local/Xsession.5 b/debian/local/Xsession.5 index 74d6911..2e954bb 100644 --- a/debian/local/Xsession.5 +++ b/debian/local/Xsession.5 
@@ -186,6 +186,13 @@ the user's .I $HOME/.Xresources file is merged in the same way. .TP +.I /etc/X11/Xsession.d/35x11\-common_xhost\-local +Give access to the X server to the same user on the local host. +If the +.I xhost +command is available, it will use it to allow any process of the same +user running on the local host to access the X server. +.TP .I /etc/X11/Xsession.d/40x11\-common_xsessionrc Source global environment variables. This script will source anything in diff --git a/debian/local/Xsession.d/35x11-common_xhost-local b/debian/local/Xsession.d/35x11-common_xhost-local new file mode 100644 index 0000000..d127a6c --- /dev/null +++ b/debian/local/Xsession.d/35x11-common_xhost-local @@ -0,0 +1,10 @@ +# This file is sourced by Xsession(5), not executed. + +# If xhost (from x11-xserver-utils) is installed, use it to give access +# to the X server to any process from the same user on the local host. +# Unlike other uses of xhost, this is safe since the kernel can check +# the actual owner of the calling process. + +if type xhost >/dev/null 2>&1; then + xhost +si:localuser:$(id -un) || : +fi -- To UNSUBSCRIBE, email to debian-x-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/e1tqpfr-0006go...@vasks.debian.org
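Review bot: The header comment of 35x11-common_xhost-local calls the xhost entry "safe" without stating what is given up. After `xhost +si:localuser:...` the server admits every local process running under the user's uid, whether or not it holds the $XAUTHORITY cookie, so withholding the cookie no longer restricts a same-user process. That trade-off belongs in the comment, e.g. `# Note: this admits same-user local processes that do not hold the XAUTHORITY cookie.` The command substitution is also unquoted; `"$(id -un)"` would be the defensive form. The trailing `|| :` discards xhost's exit status, which suits a sourced session script but should be stated as deliberate.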