Bug#779397: xterm: buffer overflow with -S option

2015-03-01 Thread Vincent Lefevre
On 2015-03-01 23:08:13 +0100, Julien Cristau wrote:
> I don't think bad handling of a command line option qualifies, there's
> no trust boundary to breach there afaict?

I don't understand. Command line options could come from an external
source, after some filtering on the acceptable values (regarded as
safe).

Moreover it happens that here the buffer overflow was detected
immediately, but problems may be more important if xterm continued
with corrupted memory and uncontrolled effects.

-- 
Vincent Lefèvre  - Web: 
100% accessible validated (X)HTML - Blog: 
Work: CR INRIA - computer arithmetic / AriC project (LIP, ENS-Lyon)


-- 
To UNSUBSCRIBE, email to debian-x-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
Archive: https://lists.debian.org/20150302013833.gc24...@xvii.vinc17.org



Bug#779529: xserver-xorg-video-intel: Built-in display completely black if external monitor is plugged in

2015-03-01 Thread Luca Boccassi
On 1 March 2015 at 22:15, Julien Cristau  wrote:
> On Sun, Mar  1, 2015 at 22:03:38 +, Luca Boccassi wrote:
>
>> Dear Maintainer(s),
>>
>> I am attaching a Git patch that backports the fixes needed in order to
>> solve the backlight problem. I have tested this on a Dell Latitude
>> E5540 (Intel Haswell i7-4600U with GPU HD Graphics 4400) running
>> Debian Jessie. I hope this can be useful.
>>
> This is way too big a change to ship in jessie.  Seems like the
> backlight helper is mostly useful when X doesn't run as root, which is
> irrelevant here, so we could do without the code movement.  Do you know
> what exact change does fix your backlight issue?

Hello Julien,

Unfortunately I do not know. As you can see from the log, it's just
those 5 commits, and most of the changes are in one single commit (rest
is dependencies), so it is not possible to use bisect to restrict the
changeset to the fix for the black screen.

The tools/backlight.c helper itself looks rather small, with the bulk of
the changes in the code that goes in the Xorg intel_drv.so itself. I am
not familiar with that code, so I'm afraid I cannot see which chunks
could be relevant for the fix and which are not.

Kind regards,
Luca Boccassi




Bug#779529: xserver-xorg-video-intel: Built-in display completely black if external monitor is plugged in

2015-03-01 Thread Julien Cristau
On Sun, Mar  1, 2015 at 22:03:38 +, Luca Boccassi wrote:

> Dear Maintainer(s),
> 
> I am attaching a Git patch that backports the fixes needed in order to
> solve the backlight problem. I have tested this on a Dell Latitude
> E5540 (Intel Haswell i7-4600U with GPU HD Graphics 4400) running
> Debian Jessie. I hope this can be useful.
> 
This is way too big a change to ship in jessie.  Seems like the
backlight helper is mostly useful when X doesn't run as root, which is
irrelevant here, so we could do without the code movement.  Do you know
what exact change does fix your backlight issue?

Cheers,
Julien




Bug#779397: xterm: buffer overflow with -S option

2015-03-01 Thread Julien Cristau
On Sat, Feb 28, 2015 at 03:37:53 +0100, Vincent Lefevre wrote:

> Package: xterm
> Version: 312-1
> Severity: important
> Tags: security
> 
> $ xterm -S/dev/pts/20
> *** buffer overflow detected ***: /usr/bin/xterm terminated
> === Backtrace: =
> /lib/x86_64-linux-gnu/libc.so.6(+0x731ff)[0x7f4de0b1b1ff]
> /lib/x86_64-linux-gnu/libc.so.6(__fortify_fail+0x37)[0x7f4de0b9e4c7]
> /lib/x86_64-linux-gnu/libc.so.6(+0xf46e0)[0x7f4de0b9c6e0]
> /lib/x86_64-linux-gnu/libc.so.6(__stpncpy_chk+0x0)[0x7f4de0b9bb40]
> /usr/bin/xterm[0x408eb0]
> /lib/x86_64-linux-gnu/libc.so.6(__libc_start_main+0xf5)[0x7f4de0ac9b45]
> /usr/bin/xterm[0x408f9c]
> === Memory map: 
> [...]
> 
> Not sure whether this is a security issue, but a buffer overflow
> looks really wrong...
> 
I don't think bad handling of a command line option qualifies, there's
no trust boundary to breach there afaict?

Cheers,
Julien




Bug#779529: xserver-xorg-video-intel: Built-in display completely black if external monitor is plugged in

2015-03-01 Thread Luca Boccassi
Dear Maintainer(s),

I am attaching a Git patch that backports the fixes needed in order to solve 
the backlight problem. I have tested this on a Dell Latitude E5540 (Intel 
Haswell i7-4600U with GPU HD Graphics 4400) running Debian Jessie. I hope this 
can be useful.

Kind regards,
Luca Boccassi


From f29b80b3f1cba1138284c5c28ed01aed5376d037 Mon Sep 17 00:00:00 2001
From: Luca Boccassi 
Date: Sun, 1 Mar 2015 12:14:13 +
Subject: [PATCH] Backport backlight fix (and other necessary commits)

commit a1717fe5ab0180f82a77a777c4ef870d54654ded
Author: Chris Wilson 
Date:   Thu Aug 21 07:21:59 2014 +0100

backlight: Move the fd out of the select range

commit 631b4e4c78a807e61214026bf9a1461aadbd59b5
Author: maximilian attems 
Date:   Thu May 29 17:07:16 2014 +0200
install add new helper

commit b71f3d8bd4d6773899c1bdc903911cf240e68ead
Author: Jan Alexander Steffens (heftig) 
Date:   Sat Feb 15 17:53:16 2014 +0100
Backlight helper build fixes

commit 3d629c91cfa98b75c6685c2a2003e64fd1b612c4
Author: Chris Wilson 
Date:   Sat Feb 15 14:55:09 2014 +
intel: Add a helper for setting backlight without root rights

commit a01548ccf192a5b1fa1f4a3e31e1634db39f6b39
Author: Hans de Goede 
Date:   Sat Feb 15 00:02:36 2014 +0100

intel: export fd_set_cloexec / fd_set_nonblock

Signed-off-by: Luca Boccassi 
---
 Makefile.am|   2 +-
 configure.ac   |  20 ++
 debian/xserver-xorg-video-intel.install|   2 +
 src/Makefile.am|   4 +
 src/backlight.c| 318 +
 src/backlight.h|  46 +++
 src/fd.c   |  93 ++
 src/fd.h   |  34 +++
 src/intel_device.c |  19 +-
 src/sna/sna_display.c  | 239 +++-
 src/uxa/intel_display.c| 224 ---
 tools/.gitignore   |   3 +
 tools/Makefile.am  |  48 
 tools/backlight_helper.c   |  51 
 ...g.x.xf86-video-intel.backlight-helper.policy.in |  19 ++
 15 files changed, 728 insertions(+), 394 deletions(-)
 create mode 100644 src/backlight.c
 create mode 100644 src/backlight.h
 create mode 100644 src/fd.c
 create mode 100644 src/fd.h
 create mode 100644 tools/.gitignore
 create mode 100644 tools/Makefile.am
 create mode 100644 tools/backlight_helper.c
 create mode 100644 tools/org.x.xf86-video-intel.backlight-helper.policy.in

diff --git a/Makefile.am b/Makefile.am
index 2b3b5d4..6bb4854 100644
--- a/Makefile.am
+++ b/Makefile.am
@@ -20,7 +20,7 @@
 
 ACLOCAL_AMFLAGS = ${ACLOCAL_FLAGS} -I m4
 
-SUBDIRS = man xvmc src
+SUBDIRS = man xvmc src tools
 
 MAINTAINERCLEANFILES = ChangeLog INSTALL
 
diff --git a/configure.ac b/configure.ac
index 9fc011e..2cda018 100644
--- a/configure.ac
+++ b/configure.ac
@@ -62,6 +62,23 @@ AC_DISABLE_STATIC
 AC_PROG_LIBTOOL
 AC_SYS_LARGEFILE
 
+# Platform specific settings
+case $host_os in
+  *linux*)
+backlight_helper=yes
+;;
+esac
+
+AC_ARG_ENABLE(backlight-helper,
+  AS_HELP_STRING([--disable-backlight-helper],
+[Enable building the backlight helper executable 
for running X under a normal user [default=auto]]),
+  [backlight_helper="$enableval"],)
+AM_CONDITIONAL(BUILD_BACKLIGHT_HELPER, [test "x$backlight_helper" = "xyes"])
+if test "x$backlight_helper" = "xyes"; then
+   tools_msg="$tools_msg xf86-video-intel-backlight-helper"
+   AC_DEFINE(USE_BACKLIGHT_HELPER, 1, [Enable use of the backlight helper 
interfaces])
+fi
+
 # Are we in a git checkout?
 dot_git=no
 if test -e .git; then
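Review bot: the AS_HELP_STRING in the AC_ARG_ENABLE(backlight-helper, ...) call advertises --disable-backlight-helper but describes it as "Enable building the backlight helper executable", so the ./configure --help output contradicts itself; word the description as "Disable building ..." to match the flag. In the same block, backlight_helper is only assigned inside the *linux* case, so on any other host the result depends on the variable happening to be unset; setting backlight_helper=no before the case statement would make the [default=auto] behaviour explicit.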
@@ -545,6 +562,7 @@ fi
 DRIVER_NAME=intel
 AC_SUBST([DRIVER_NAME])
 AC_SUBST([moduledir])
+AC_DEFINE_DIR([LIBEXEC_PATH], libexecdir, [libexec directory])
 
 AC_CONFIG_FILES([
 Makefile
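Review bot: AC_DEFINE_DIR([LIBEXEC_PATH], ...) is not a core Autoconf macro, and the diffstat of this backport adds no file under m4/ (the directory ACLOCAL_AMFLAGS points at), so please confirm that the 2.21.15 tree already ships a definition for it. If it does not, the macro cannot be expanded when configure is regenerated and LIBEXEC_PATH will not be defined for the driver build.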
@@ -563,6 +581,8 @@ AC_CONFIG_FILES([
 xvmc/shader/mc/Makefile
 xvmc/shader/vld/Makefile
test/Makefile
+   tools/Makefile
+   tools/org.x.xf86-video-intel.backlight-helper.policy
 ])
 AC_OUTPUT
 
diff --git a/debian/xserver-xorg-video-intel.install 
b/debian/xserver-xorg-video-intel.install
index 48c5ed0..fdefaad 100644
--- a/debian/xserver-xorg-video-intel.install
+++ b/debian/xserver-xorg-video-intel.install
@@ -1,4 +1,6 @@
 usr/lib/xorg/modules/drivers/*.so
 usr/lib/libI810XvMC.so*
 usr/lib/libIntelXvMC.so*
+usr/lib/xserver-xorg-video-intel/xf86-video-intel-backlight-helper
+usr/share/polkit-1/actions/org.x.xf86-video-intel.backlight-helper.policy
 usr/share/man
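Review bot: the path added here, usr/lib/xserver-xorg-video-intel/xf86-video-intel-backlight-helper, has to agree with the libexecdir that configure records in LIBEXEC_PATH, yet the diffstat shows no debian/rules change; please confirm the package build already passes a matching --libexecdir, otherwise the install step will not find the file or the driver will look for the helper in a different place. Since this hunk ships a polkit action together with an executable meant to set the backlight without root rights, the commit message should also state what the policy authorises, so the change can be assessed for jessie.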
diff --git a/src/Makefile.am b/src/Makefile.am
index b0781ca..6c4d835 100644
--- a/src/Makefile.am
+++ b/src/Makefile.am
@@ -52,6 +52,10 @@ endif
 NULL:=#
 
 intel_drv_la_SOURCES = \
+ 

Processed: 779529

2015-03-01 Thread Debian Bug Tracking System
Processing commands for cont...@bugs.debian.org:

> notforwarded 779529
Bug #779529 {Done: Ben Hutchings } 
[xserver-xorg-video-intel] xserver-xorg-video-intel: Built-in display 
completely black if external monitor is plugged in
Unset Bug forwarded-to-address
>
End of message, stopping processing here.

Please contact me if you need assistance.
-- 
779529: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=779529
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems





Processed: 772440

2015-03-01 Thread Debian Bug Tracking System
Processing commands for cont...@bugs.debian.org:

> clone 772440 -1
Bug #772440 {Done: Ben Hutchings } [src:linux] 
linux-image-3.16.0-4-amd64: Built-in display dimmed black if external monitor 
is plugged in
Bug 772440 cloned as bug 779529
> severity -1 important
Bug #779529 {Done: Ben Hutchings } [src:linux] 
linux-image-3.16.0-4-amd64: Built-in display dimmed black if external monitor 
is plugged in
Severity set to 'important' from 'normal'
> retitle -1 xserver-xorg-video-intel: Built-in display completely black if 
> external monitor is plugged in
Bug #779529 {Done: Ben Hutchings } [src:linux] 
linux-image-3.16.0-4-amd64: Built-in display dimmed black if external monitor 
is plugged in
Changed Bug title to 'xserver-xorg-video-intel: Built-in display completely 
black if external monitor is plugged in' from 'linux-image-3.16.0-4-amd64: 
Built-in display dimmed black if external monitor is plugged in'
> tags -1 patch
Bug #779529 {Done: Ben Hutchings } [src:linux] 
xserver-xorg-video-intel: Built-in display completely black if external monitor 
is plugged in
Ignoring request to alter tags of bug #779529 to the same tags previously set
> tags -1 jessie
Bug #779529 {Done: Ben Hutchings } [src:linux] 
xserver-xorg-video-intel: Built-in display completely black if external monitor 
is plugged in
Ignoring request to alter tags of bug #779529 to the same tags previously set
> tags -1 sid
Bug #779529 {Done: Ben Hutchings } [src:linux] 
xserver-xorg-video-intel: Built-in display completely black if external monitor 
is plugged in
Added tag(s) sid.
> tags -1 fixed-upstream
Bug #779529 {Done: Ben Hutchings } [src:linux] 
xserver-xorg-video-intel: Built-in display completely black if external monitor 
is plugged in
Ignoring request to alter tags of bug #779529 to the same tags previously set
> tags -1 fixed-in-experimental
Bug #779529 {Done: Ben Hutchings } [src:linux] 
xserver-xorg-video-intel: Built-in display completely black if external monitor 
is plugged in
Added tag(s) fixed-in-experimental.
> reassign -1 xserver-xorg-video-intel 2:2.21.15-2+b2
Bug #779529 {Done: Ben Hutchings } [src:linux] 
xserver-xorg-video-intel: Built-in display completely black if external monitor 
is plugged in
Bug reassigned from package 'src:linux' to 'xserver-xorg-video-intel'.
No longer marked as found in versions linux/3.16.7-2, linux/3.16.5-1, 
linux/3.16.3-2, and linux/3.16.7-ckt4-3.
No longer marked as fixed in versions linux/3.16.7-ckt7-1.
Bug #779529 {Done: Ben Hutchings } 
[xserver-xorg-video-intel] xserver-xorg-video-intel: Built-in display 
completely black if external monitor is plugged in
Marked as found in versions xserver-xorg-video-intel/2:2.21.15-2.
> fixed -1 2:2.99.917-1~exp1
Bug #779529 {Done: Ben Hutchings } 
[xserver-xorg-video-intel] xserver-xorg-video-intel: Built-in display 
completely black if external monitor is plugged in
Marked as fixed in versions xserver-xorg-video-intel/2:2.99.917-1~exp1.
>
End of message, stopping processing here.

Please contact me if you need assistance.
-- 
772440: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=772440
779529: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=779529
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems





Re: Bug#772440: Bug #772440: linux-image-3.16.0-4-amd64: Built-in display dimmed if black if external monitor is plugged in

2015-03-01 Thread Luca Boccassi
On Fri, 27 Feb 2015 19:45:16 +0100 jre  wrote:
> CCing debian-x@lists.debian.org and especially Maximillan Attems who
> prepared xserver-xorg-video-intel 2:2.99.911-git20140529-1~exp1 which
> added the backlight helper.
> 
> Summary of what happened so far:
> 
> intel_backlight, which is default since Linux 3.16, does not work
> correctly on several laptops. They have been blacklisted in the kernel
> in order to use the working ACPI backlight again. #772440 is about just
> another laptop model to be added to this blacklist.
> Luca Boccassi found that the new backlight helper script in
> xserver-xorg-video-intel also fixes the issue.
> 
> 
> 
> On 02/20/2015 12:29 AM, Luca Boccassi wrote:
> > Cross-post from freedesktop bug, just to make sure it doesn't go unnoticed:
> > 
> > (In reply to Luca Boccassi from comment #13)
> >> Hello,
> >>
> >> I have a Dell Latitude E5540, running an Intel Haswell i7-4600U with GPU HD
> >> Graphics 4400, and I have the same problem. But I noticed that upgrading the
> >> Intel driver to a version that ships a new backlight helper binary fixes the
> >> problem.
> >>
> >> In my case, I am running Debian Jessie. The driver is part of the package
> >> xserver-xorg-video-intel and the version that ships the new backlight
> >> helper, according to the changelog, is:
> >>
> >> xserver-xorg-video-intel (2:2.99.911+git20140529-1~exp1) experimental;
> >> urgency=low
> >>
> >>   * New upstream prerelease. (closes: #748753)
> >>   * Install new backlight helper.
> 
> Confirmed, in
> git://anonscm.debian.org/pkg-xorg/driver/xserver-xorg-video-intel I
> found the new backlight helper script to be the relevant commit.
> 
> Also see the ongoing discussion in
> https://bugs.freedesktop.org/show_bug.cgi?id=87286.
> 
> IMO the disable_native_backlight for some laptop models is (part of) the
> correct solution and it is not clear /why/ the new backlight helper
> script helps.
> 
> Should we clone this bug as a more general one and then reassign to
> xserver-xorg-video-intel? We could then try to backport the changes to
> jessie to also help other affected laptops which are not yet blacklisted.
> That would be the following commits + probably some follow-up fixes. At
> least the 3rd commit requires manual merging:
> 
> commit 631b4e4c78a807e61214026bf9a1461aadbd59b5
> Author: maximilian attems 
> Date:   Thu May 29 17:07:16 2014 +0200
> install add new helper
> 
> commit b71f3d8bd4d6773899c1bdc903911cf240e68ead
> Author: Jan Alexander Steffens (heftig) 
>
> I just fear it is too late for that in jessie.

Hello Jre,

To make a random and uneducated guess, maybe something changed in the
kernel-space drivers in 3.16, which requires newer userspace driver to
work properly. It might have to do with this (from the upstream
changelog):

> Hans de Goede has been working on making the Xserver work without
> privileges under the supervision of systemd/logind. This necessitated a
> few new features for us: server fds (where we are passed which fd to use
> to talk to our device by the Xserver who may in turn receive it from
> logind or other host) and a small backlight helper so that we can continue
> to provide a RandR backlight property when running without root privileges.

Anyway, I did the homework, and I have a working patch that backports
the required fixes from 2.99.17 on top of 2.21.15-2. I tested on my
laptop and it works. I'll clone this bug, tag it, and attach the patch,
so that the maintainers can decide what's the best course of action.

It would indeed be nice if a fix (either backport or version bump) was
added to Jessie, since for non-tech savvy users booting and finding a
black screen, with the brightness control not working, is not a nice
experience!

Kind regards,
Luca Boccassi




Bug#768045: Bisect

2015-03-01 Thread Vedran Rodic
I did a bisect and it came up to this commit:

ae8edc7544e566084f7b958eb93c9109b471ca30 is the first bad commit
commit ae8edc7544e566084f7b958eb93c9109b471ca30
Author: Tvrtko Ursulin 
Date:   Thu Jun 19 15:52:03 2014 +0100

intel: Add support for userptr objects

Allow userptr objects to be created and used via libdrm_intel.

At the moment tiling and mapping to GTT aperture is not supported
due hardware limitations across different generations and uncertainty
about its usefulness.

v2: Improved error handling in feature detection per review comments.

v3: Rebase on top of the drm_public addition, minor whitespace addition.

Reviewed-by: Damien Lespiau 
Signed-off-by: Damien Lespiau  (v3)
Signed-off-by: Tvrtko Ursulin  (v1,v2)

:04 04 5b1f4eecbdd1cf2c57d7da9388384c17e8448bee
b41b6afa071dc408dcaf7a4c6dcfecc2d7413c73 M intel


Bug#779515: Should enable the qxl kernel driver when installed

2015-03-01 Thread Ben Hutchings
Source: xserver-xorg-video-qxl
Version: 0.1.1-2
Severity: normal

I've enabled the kernel's qxl driver, but disabled by default so that
it doesn't conflict with wheezy's version of xserver-xorg-video-qxl.

Please install a modprobe configuration file with the line:

options qxl modeset=1

(When I tried this on a VM host with virt-manager and QEMU from sid,
the qxl driver complained of missing features, so KMS still didn't
work.  However, the fall-back to UMS still worked.)

Ben.

-- System Information:
Debian Release: 8.0
  APT prefers unstable
  APT policy: (500, 'unstable'), (500, 'testing'), (500, 'stable'), (1, 'experimental')
Architecture: i386 (x86_64)
Foreign Architectures: amd64

Kernel: Linux 3.16.0-4-amd64 (SMP w/4 CPU cores)
Locale: LANG=en_GB.utf8, LC_CTYPE=en_GB.utf8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)





Bug#778991: conclusion

2015-03-01 Thread Tim Krieger
I opened a bug report here:

https://bugs.freedesktop.org/show_bug.cgi?id=89291

- The problem affects only ivybridge.

- The problem is gone after activating sna acceleration. With
  -intel-2.21.15 from testing I recognized other bugs (e.g. big shadows
  under the nautilus window).

- With -intel-2.99.917 from experimental only activating TearFree
  (perhaps i915.semaphore) results in smooth animations.

I think it's not a major but annoying bug. All machines with ivybridge
are infected. There isn't a solution with the actual driver in stable,
testing or sid. The only workaround is fiddling around with experimental
and some modifications in /xorg.conf.d.




xterm_312-2_source.changes ACCEPTED into unstable

2015-03-01 Thread Debian FTP Masters


Accepted:


Format: 1.8
Date: Sun, 01 Mar 2015 11:45:01 +0100
Source: xterm
Binary: xterm
Architecture: source
Version: 312-2
Distribution: unstable
Urgency: medium
Maintainer: Debian X Strike Force 
Changed-By: Sven Joachim 
Description:
 xterm  - X terminal emulator
Closes: 779397
Changes:
 xterm (312-2) unstable; urgency=medium
 .
   * Cherry-pick a patch from xterm 314: change passedPty[] to an
 allocated string to ensure it is long enough for the -S option
 value (Closes: #779397).


Thank you for your contribution to Debian.
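
The changelog entry above describes the fix as changing passedPty[] to an allocated string so that it is long enough for the -S value. The C example below is added here as an illustration and is neither xterm's code nor part of this message: it contrasts the fixed-buffer copy with a parser that sizes the destination from the input. The function names, DEMO_PTYCHARLEN and the sample strings are constructed for the example, and it assumes the old copy length was derived from the option string.

```c
#include <ctype.h>
#include <errno.h>
#include <limits.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* Assumed value: the page names PTYCHARLEN but does not give its size. */
#define DEMO_PTYCHARLEN 2

/* Length of the name part of an -S value: everything up to and including
 * the last '/', or the first two characters when there is no '/'. */
static size_t name_part_len(const char *option)
{
    const char *slash = strrchr(option, '/');
    return slash ? (size_t)(slash + 1 - option) : 2;
}

/* "Before" shape, checked instead of executed: would
 *     strncpy(dst, option, len); dst[len] = 0;
 * stay inside a destination of dst_size bytes? Returns 1 if it fits. */
static int fixed_buffer_copy_fits(const char *option, size_t dst_size)
{
    return name_part_len(option) + 1 <= dst_size;   /* +1 for the NUL */
}

/* "After" shape: the destination is allocated from the input length.
 * Accepts "<path>/<fd>" or "<c><c><fd>". On success returns a malloc'd
 * copy of the name part and stores the descriptor in *fd; returns NULL
 * on malformed input or allocation failure. The caller frees the result. */
static char *parse_pty_option(const char *option, int *fd)
{
    size_t name_len = name_part_len(option);
    const char *digits;
    char *end, *name;
    long value;

    if (strlen(option) <= name_len)     /* nothing after the name part */
        return NULL;
    digits = option + name_len;
    if (!isdigit((unsigned char)*digits))
        return NULL;

    errno = 0;
    value = strtol(digits, &end, 10);
    if (errno != 0 || *end != '\0' || value > INT_MAX)
        return NULL;                    /* overflow or trailing garbage */

    name = malloc(name_len + 1);
    if (name == NULL)
        return NULL;
    memcpy(name, option, name_len);
    name[name_len] = '\0';
    *fd = (int)value;
    return name;
}

int main(void)
{
    /* Constructed sample values; the first is the one from the report. */
    const char *samples[] = { "/dev/pts/20", "ab7", "/dev/pts/", "a" };
    size_t i;

    for (i = 0; i < sizeof samples / sizeof samples[0]; i++) {
        int fd = -1;
        char *name = parse_pty_option(samples[i], &fd);

        printf("%-12s fixed buffer fits: %d  parsed: %s fd=%d\n",
               samples[i],
               fixed_buffer_copy_fits(samples[i], DEMO_PTYCHARLEN + 1),
               name ? name : "(rejected)", fd);
        free(name);
    }
    return 0;
}
```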





Bug#779397: marked as done (xterm: buffer overflow with -S option)

2015-03-01 Thread Debian Bug Tracking System
Your message dated Sun, 01 Mar 2015 11:34:56 +
with message-id 
and subject line Bug#779397: fixed in xterm 312-2
has caused the Debian Bug report #779397,
regarding xterm: buffer overflow with -S option
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)


-- 
779397: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=779397
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
--- Begin Message ---
Package: xterm
Version: 312-1
Severity: important
Tags: security

$ xterm -S/dev/pts/20
*** buffer overflow detected ***: /usr/bin/xterm terminated
=== Backtrace: =
/lib/x86_64-linux-gnu/libc.so.6(+0x731ff)[0x7f4de0b1b1ff]
/lib/x86_64-linux-gnu/libc.so.6(__fortify_fail+0x37)[0x7f4de0b9e4c7]
/lib/x86_64-linux-gnu/libc.so.6(+0xf46e0)[0x7f4de0b9c6e0]
/lib/x86_64-linux-gnu/libc.so.6(__stpncpy_chk+0x0)[0x7f4de0b9bb40]
/usr/bin/xterm[0x408eb0]
/lib/x86_64-linux-gnu/libc.so.6(__libc_start_main+0xf5)[0x7f4de0ac9b45]
/usr/bin/xterm[0x408f9c]
=== Memory map: 
[...]

Not sure whether this is a security issue, but a buffer overflow
looks really wrong...

-- System Information:
Debian Release: 8.0
  APT prefers unstable
  APT policy: (500, 'unstable'), (500, 'testing'), (500, 'stable'), (1, 'experimental')
Architecture: amd64 (x86_64)
Foreign Architectures: i386

Kernel: Linux 3.16.0-4-amd64 (SMP w/2 CPU cores)
Locale: LANG=POSIX, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: sysvinit (via /sbin/init)

Versions of packages xterm depends on:
ii  libc6           2.19-15
ii  libfontconfig1  2.11.0-6.3
ii  libice6         2:1.0.9-1+b1
ii  libtinfo5       5.9+20140913-1+b1
ii  libutempter0    1.1.5-4
ii  libx11-6        2:1.6.2-3
ii  libxaw7         2:1.0.12-2+b1
ii  libxft2         2.3.2-1
ii  libxmu6         2:1.1.2-1
ii  libxpm4         1:3.5.11-1+b1
ii  libxt6          1:1.1.4-1+b1
ii  xbitmaps        1.1.1-2

Versions of packages xterm recommends:
ii  x11-utils  7.7+2

Versions of packages xterm suggests:
pn  xfonts-cyrillic  

-- no debconf information
--- End Message ---
--- Begin Message ---
Source: xterm
Source-Version: 312-2

We believe that the bug you reported is fixed in the latest version of
xterm, which is due to be installed in the Debian FTP archive.

A summary of the changes between this version and the previous one is
attached.

Thank you for reporting the bug, which will now be closed.  If you
have further comments please address them to 779...@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
pp.
Sven Joachim  (supplier of updated xterm package)

(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmas...@ftp-master.debian.org)



Format: 1.8
Date: Sun, 01 Mar 2015 11:45:01 +0100
Source: xterm
Binary: xterm
Architecture: source
Version: 312-2
Distribution: unstable
Urgency: medium
Maintainer: Debian X Strike Force 
Changed-By: Sven Joachim 
Description:
 xterm  - X terminal emulator
Closes: 779397
Changes:
 xterm (312-2) unstable; urgency=medium
 .
   * Cherry-pick a patch from xterm 314: change passedPty[] to an
 allocated string to ensure it is long enough for the -S option
 value (Closes: #779397).


Processing of xterm_312-2_source.changes

2015-03-01 Thread Debian FTP Masters
xterm_312-2_source.changes uploaded successfully to ftp-master.debian.org
along with the files:
  xterm_312-2.dsc
  xterm_312-2.diff.gz

Greetings,

Your Debian queue daemon (running on host coccia.debian.org)





Processing of xterm_312-2_source.changes

2015-03-01 Thread Debian FTP Masters
xterm_312-2_source.changes uploaded successfully to localhost
along with the files:
  xterm_312-2.dsc
  xterm_312-2.diff.gz

Greetings,

Your Debian queue daemon (running on host franck.debian.org)





xterm: Changes to 'debian-unstable'

2015-03-01 Thread Sven Joachim
 debian/changelog  |8 ++
 debian/patches/905_passedPty.diff |   47 ++
 debian/patches/series |1 
 3 files changed, 56 insertions(+)

New commits:
commit 663c53556da5f6615d499402000bb9bfc1fc46f5
Author: Sven Joachim 
Date:   Sun Mar 1 11:45:34 2015 +0100

Upload to unstable

diff --git a/debian/changelog b/debian/changelog
index 72f692a..b29201d 100644
--- a/debian/changelog
+++ b/debian/changelog
@@ -1,10 +1,10 @@
-xterm (312-2) UNRELEASED; urgency=medium
+xterm (312-2) unstable; urgency=medium
 
   * Cherry-pick a patch from xterm 314: change passedPty[] to an
 allocated string to ensure it is long enough for the -S option
 value (Closes: #779397).
 
- -- Sven Joachim   Sun, 01 Mar 2015 11:34:52 +0100
+ -- Sven Joachim   Sun, 01 Mar 2015 11:45:01 +0100
 
 xterm (312-1) unstable; urgency=medium
 

commit 976a28a84cb9be75001b0606313e45e0118a27f7
Author: Sven Joachim 
Date:   Sun Mar 1 11:43:13 2015 +0100

Fix buffer overflow in the -S option

Change passedPty[] to an allocated string to ensure it is long enough
for the -S option value.

diff --git a/debian/changelog b/debian/changelog
index 6b5ba0c..72f692a 100644
--- a/debian/changelog
+++ b/debian/changelog
@@ -1,3 +1,11 @@
+xterm (312-2) UNRELEASED; urgency=medium
+
+  * Cherry-pick a patch from xterm 314: change passedPty[] to an
+allocated string to ensure it is long enough for the -S option
+value (Closes: #779397).
+
+ -- Sven Joachim   Sun, 01 Mar 2015 11:34:52 +0100
+
 xterm (312-1) unstable; urgency=medium
 
   * New upstream release.
diff --git a/debian/patches/905_passedPty.diff 
b/debian/patches/905_passedPty.diff
new file mode 100644
index 000..93765eb
--- /dev/null
+++ b/debian/patches/905_passedPty.diff
@@ -0,0 +1,47 @@
+Description: Fix buffer overflow in the -S option
+ Change passedPty[] to an allocated string to ensure it is long enough for
+ the -S option value.
+Author: Thomas Dickey 
+Bug-Debian: https://bugs.debian.org/779397
+
+---
+ main.c |8 +---
+ 1 file changed, 5 insertions(+), 3 deletions(-)
+
+--- a/main.c
 b/main.c
+@@ -779,7 +779,8 @@ static char etc_wtmp[] = WTMP_FILENAME;
+ static char bin_login[] = LOGIN_FILENAME;
+ #endif
+ 
+-static char passedPty[PTYCHARLEN + 1];/* name if pty if slave */
++static char noPassedPty[2];
++static char *passedPty = noPassedPty; /* name if pty if slave */
+ 
+ #if defined(TIOCCONS) || defined(SRIOCSREDIR)
+ static int Console;
+@@ -1760,7 +1761,8 @@ ParseSccn(char *option)
+ char *leaf = x_basename(option);
+ Bool code = False;
+ 
+-if (leaf != option) {
++passedPty = x_strdup(option);
++if (leaf != option) {
+   if (leaf - option > 0
+   && isdigit(CharOf(*leaf))
+   && sscanf(leaf, "%d", &am_slave) == 1) {
+@@ -1771,13 +1773,13 @@ ParseSccn(char *option)
+* the /dev/pts/XXX value, but since we do not need to reopen it,
+* it is useful mainly for display in a "ps -ef".
+*/
+-  strncpy(passedPty, option, len);
+   passedPty[len] = 0;
+   code = True;
+   }
+ } else {
+   code = (sscanf(option, "%c%c%d",
+  passedPty, passedPty + 1, &am_slave) == 3);
++  passedPty[2] = '\0';
+ }
+ TRACE(("ParseSccn(%s) = '%s' %d (%s)\n", option,
+  passedPty, am_slave, code ? "OK" : "ERR"));
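Review bot: in the else branch of ParseSccn(), passedPty[2] = '\0' is written unconditionally, but passedPty now points at the x_strdup(option) copy, whose size follows the length of option, so for an option shorter than two characters that index lies past the end of the allocation. Write the terminator only when the sscanf() call returned 3, or check the length first. The x_strdup() result is also used without a NULL check, and the comment "name if pty if slave" could be corrected to "name of pty" while the declaration is being touched.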
diff --git a/debian/patches/series b/debian/patches/series
index 0a584d1..c29fff3 100644
--- a/debian/patches/series
+++ b/debian/patches/series
@@ -1,3 +1,4 @@
 900_debian_xterm.diff
 902_windowops.diff
 904_fontops.diff
+905_passedPty.diff





xterm: Changes to 'refs/tags/xterm-312-2'

2015-03-01 Thread Sven Joachim
Tag 'xterm-312-2' created by Sven Joachim  at 2015-03-01 10:47 
+

Tagging upload of xterm 312-2 to unstable.

Changes since xterm-312-1:
Sven Joachim (2):
  Fix buffer overflow in the -S option
  Upload to unstable

---
 debian/changelog  |8 ++
 debian/patches/905_passedPty.diff |   47 ++
 debian/patches/series |1 
 3 files changed, 56 insertions(+)
---





Processed: bug 778991 is forwarded to https://bugs.freedesktop.org/show_bug.cgi?id=89291

2015-03-01 Thread Debian Bug Tracking System
Processing commands for cont...@bugs.debian.org:

> forwarded 778991 https://bugs.freedesktop.org/show_bug.cgi?id=89291
Bug #778991 {Done: Julien Cristau } 
[xserver-xorg-video-intel] xserver-xorg-video-intel: graphical glitches in the 
circulating symbol while waiting for an application
Set Bug forwarded-to-address to 
'https://bugs.freedesktop.org/show_bug.cgi?id=89291'.
> thanks
Stopping processing here.

Please contact me if you need assistance.
-- 
778991: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=778991
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems

