xorg-server: Changes to 'debian-squeeze'
debian/changelog |7 debian/patches/25-CVE-2013-6424.diff | 50 +++ debian/patches/series|3 +- 3 files changed, 59 insertions(+), 1 deletion(-) New commits: commit c8328c3185dc44e8167cdf46a0b11e555fadc130 Author: Julien Cristau jcris...@debian.org Date: Tue Dec 17 20:23:01 2013 +0100 exa: only draw valid trapezoids Addresses CVE-2013-6424 diff --git a/debian/changelog b/debian/changelog index 6efa612..6e176e1 100644 --- a/debian/changelog +++ b/debian/changelog @@ -1,3 +1,10 @@ +xorg-server (2:1.7.7-18) squeeze-security; urgency=high + + * exa: only draw valid trapezoids +Addresses CVE-2013-6424 + + -- Julien Cristau jcris...@debian.org Tue, 17 Dec 2013 20:21:57 +0100 + xorg-server (2:1.7.7-17) squeeze-security; urgency=low * CVE-2013-4396 diff --git a/debian/patches/25-CVE-2013-6424.diff b/debian/patches/25-CVE-2013-6424.diff new file mode 100644 index 000..aacc6f2 --- /dev/null +++ b/debian/patches/25-CVE-2013-6424.diff @@ -0,0 +1,50 @@ +From patchwork Wed Oct 2 13:47:54 2013 +Content-Type: text/plain; charset=utf-8 +MIME-Version: 1.0 +Content-Transfer-Encoding: 7bit +Subject: exa: only draw valid trapezoids +From: Maarten Lankhorst maarten.lankho...@canonical.com +X-Patchwork-Id: 14769 +Message-Id: 524c240a.9010...@canonical.com +To: X.Org Devel List xorg-de...@lists.freedesktop.org +Date: Wed, 02 Oct 2013 15:47:54 +0200 + +Fixes freedesktop.org bug https://bugs.freedesktop.org/show_bug.cgi?id=67484 + +If t-bottom is close to MIN_INT, removing top can wraparound, so do the check properly. +A similar fix should also be applied to pixman. + +Signed-off-by: Maarten Lankhorst maarten.lankho...@canonical.com + +--- + + +Index: xorg-server/exa/exa_render.c +=== +--- xorg-server.orig/exa/exa_render.c xorg-server/exa/exa_render.c +@@ -1174,8 +1174,9 @@ exaTrapezoids (CARD8 op, PicturePtr pSrc + + exaPrepareAccess(pPicture-pDrawable, EXA_PREPARE_DEST); + for (; ntrap; ntrap--, traps++) +- (*ps-RasterizeTrapezoid) (pPicture, traps, +- -bounds.x1, -bounds.y1); ++ if (xTrapezoidValid(traps)) ++ (*ps-RasterizeTrapezoid) (pPicture, traps, ++ -bounds.x1, -bounds.y1); + exaFinishAccess(pPicture-pDrawable, EXA_PREPARE_DEST); + + xRel = bounds.x1 + xSrc - xDst; +Index: xorg-server/render/picture.h +=== +--- xorg-server.orig/render/picture.h xorg-server/render/picture.h +@@ -211,7 +211,7 @@ typedefpixman_fixed_t xFixed; + /* whether 't' is a well defined not obviously empty trapezoid */ + #define xTrapezoidValid(t) ((t)-left.p1.y != (t)-left.p2.y \ +(t)-right.p1.y != (t)-right.p2.y \ +- (int) ((t)-bottom - (t)-top) 0) ++ ((t)-bottom (t)-top)) + + /* + * Standard NTSC luminance conversions: diff --git a/debian/patches/series b/debian/patches/series index 833b3ce..cf4a27b 100644 --- a/debian/patches/series +++ b/debian/patches/series @@ -22,4 +22,5 @@ 21-device-mode-list.diff 22-stop-searching-for-xf86config-files 23-xf86-fix-flush-input-to-work-with-Linux-evdev-device.diff -24-CVE-2013-4396.diff \ No newline at end of file +24-CVE-2013-4396.diff +25-CVE-2013-6424.diff -- To UNSUBSCRIBE, email to debian-x-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/e1vvl4t-0005z4...@moszumanska.debian.org
xorg-server: Changes to 'debian-squeeze-backports'
debian/changelog |6 ++ debian/patches/14_CVE-2013-4396.diff | 73 +++ debian/patches/series|1 3 files changed, 80 insertions(+) New commits: commit 87ab5736bf997fab5c26471a61c2a68188f722e4 Author: intrigeri intrig...@debian.org Date: Mon Dec 2 10:32:40 2013 + Upload to squeeze-backports. diff --git a/debian/changelog b/debian/changelog index d61d908..15be2b9 100644 --- a/debian/changelog +++ b/debian/changelog @@ -1,3 +1,9 @@ +xorg-server (2:1.10.4-1~bpo60+2) squeeze-backports; urgency=low + + * Add 14_CVE-2013-4396.diff to fix CVE-2013-4396 (DSA-2784-1). + + -- intrigeri intrig...@debian.org Mon, 02 Dec 2013 11:30:11 +0100 + xorg-server (2:1.10.4-1~bpo60+1) squeeze-backports; urgency=low * Rebuild for squeeze-backports. commit 2dffdefa2ff8ca90fb108581162075f5d8c4e0da Author: intrigeri intrig...@debian.org Date: Mon Dec 2 11:08:20 2013 + Add 14_CVE-2013-4396.diff to fix CVE-2013-4396 (DSA-2784-1). diff --git a/debian/patches/14_CVE-2013-4396.diff b/debian/patches/14_CVE-2013-4396.diff new file mode 100644 index 000..eed6dae --- /dev/null +++ b/debian/patches/14_CVE-2013-4396.diff @@ -0,0 +1,73 @@ +From 73b2660d7273d175d279d22f8ca0c3932a14ff1c Mon Sep 17 00:00:00 2001 +From: Alan Coopersmith alan.coopersm...@oracle.com +Date: Tue, 17 Sep 2013 04:47:16 + +Subject: Avoid use-after-free in dix/dixfonts.c: doImageText() [CVE-2013-4396] + +Save a pointer to the passed in closure structure before copying it +and overwriting the *c pointer to point to our copy instead of the +original. If we hit an error, once we free(c), reset c to point to +the original structure before jumping to the cleanup code that +references *c. + +Since one of the errors being checked for is whether the server was +able to malloc(c-nChars * itemSize), the client can potentially pass +a number of characters chosen to cause the malloc to fail and the +error path to be taken, resulting in the read from freed memory. + +Since the memory is accessed almost immediately afterwards, and the +X server is mostly single threaded, the odds of the free memory having +invalid contents are low with most malloc implementations when not using +memory debugging features, but some allocators will definitely overwrite +the memory there, leading to a likely crash. + +Reported-by: Pedro Ribeiro ped...@gmail.com +Signed-off-by: Alan Coopersmith alan.coopersm...@oracle.com +Reviewed-by: Julien Cristau jcris...@debian.org +--- + dix/dixfonts.c | 5 + + 1 file changed, 5 insertions(+) + +diff --git a/dix/dixfonts.c b/dix/dixfonts.c +index fbac124..62feaed 100644 +--- a/dix/dixfonts.c b/dix/dixfonts.c +@@ -1479,6 +1479,7 @@ doImageText(ClientPtr client, ITclosurePtr c) + GC *pGC; + unsigned char *data; + ITclosurePtr new_closure; ++ ITclosurePtr old_closure; + + /* We're putting the client to sleep. We need to + save some state. Similar problem to that handled +@@ -1491,6 +1492,7 @@ doImageText(ClientPtr client, ITclosurePtr c) + err = BadAlloc; + goto bail; + } ++old_closure = c; + *new_closure = *c; + c = new_closure; + +@@ -1498,6 +1500,7 @@ doImageText(ClientPtr client, ITclosurePtr c) + if (!data) + { + free(c); ++ c = old_closure; + err = BadAlloc; + goto bail; + } +@@ -1509,6 +1512,7 @@ doImageText(ClientPtr client, ITclosurePtr c) + { + free(c-data); + free(c); ++ c = old_closure; + err = BadAlloc; + goto bail; + } +@@ -1522,6 +1526,7 @@ doImageText(ClientPtr client, ITclosurePtr c) + FreeScratchGC(pGC); + free(c-data); + free(c); ++ c = old_closure; + err = BadAlloc; + goto bail; + } diff --git a/debian/patches/series b/debian/patches/series index 2e0f947..0308bc8 100644 --- a/debian/patches/series +++ b/debian/patches/series @@ -4,4 +4,5 @@ 02_Add-libnettle-as-option-for-sha1.diff 07-xfree86-fix-build-with-xv-disabled.diff #13_debian_add_xkbpath_env_variable.diff +14_CVE-2013-4396.diff 15-nouveau.diff -- To UNSUBSCRIBE, email to debian-x-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/e1vpdp2-0003zm...@moszumanska.debian.org
xorg-server: Changes to 'debian-squeeze'
debian/changelog |6 debian/patches/24-CVE-2013-4396.diff | 44 +++ debian/patches/series|1 3 files changed, 51 insertions(+) New commits: commit 4e7ebd354051c41a817ff7b23da3400936ce90e5 Author: Moritz Muehlenhoff j...@debian.org Date: Tue Oct 22 00:13:44 2013 + CVE-2013-4396 diff --git a/debian/changelog b/debian/changelog index 0483e45..6efa612 100644 --- a/debian/changelog +++ b/debian/changelog @@ -1,3 +1,9 @@ +xorg-server (2:1.7.7-17) squeeze-security; urgency=low + + * CVE-2013-4396 + + -- Moritz Muehlenhoff j...@debian.org Tue, 22 Oct 2013 00:13:44 + + xorg-server (2:1.7.7-16) squeeze-security; urgency=high * xfree86: fix flush input to work with Linux evdev devices. Avoids diff --git a/debian/patches/24-CVE-2013-4396.diff b/debian/patches/24-CVE-2013-4396.diff new file mode 100644 index 000..cc709ea --- /dev/null +++ b/debian/patches/24-CVE-2013-4396.diff @@ -0,0 +1,44 @@ +diff -aur xorg-server-1.7.7.orig/dix/dixfonts.c xorg-server-1.7.7/dix/dixfonts.c +--- xorg-server-1.7.7.orig/dix/dixfonts.c 2010-05-04 02:47:57.0 +0200 xorg-server-1.7.7/dix/dixfonts.c 2013-10-04 13:09:22.0 +0200 +@@ -1508,6 +1508,7 @@ + GC *pGC; + unsigned char *data; + ITclosurePtr new_closure; ++ ITclosurePtr old_closure; + + /* We're putting the client to sleep. We need to + save some state. Similar problem to that handled +@@ -1520,6 +1521,7 @@ + err = BadAlloc; + goto bail; + } ++old_closure = c; + *new_closure = *c; + c = new_closure; + +@@ -1527,6 +1529,7 @@ + if (!data) + { + xfree(c); ++c = old_closure; + err = BadAlloc; + goto bail; + } +@@ -1538,6 +1541,7 @@ + { + xfree(c-data); + xfree(c); ++c = old_closure; + err = BadAlloc; + goto bail; + } +@@ -1551,6 +1555,7 @@ + FreeScratchGC(pGC); + xfree(c-data); + xfree(c); ++c = old_closure; + err = BadAlloc; + goto bail; + } +Nur in xorg-server-1.7.7/dix: dixfonts.c~. diff --git a/debian/patches/series b/debian/patches/series index 4e3310f..833b3ce 100644 --- a/debian/patches/series +++ b/debian/patches/series @@ -22,3 +22,4 @@ 21-device-mode-list.diff 22-stop-searching-for-xf86config-files 23-xf86-fix-flush-input-to-work-with-Linux-evdev-device.diff +24-CVE-2013-4396.diff \ No newline at end of file -- To UNSUBSCRIBE, email to debian-x-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/e1vnqwi-0007cj...@moszumanska.debian.org
xorg-server: Changes to 'debian-squeeze'
debian/changelog| 8 ++ debian/patches/23-xf86-fix-flush-input-to-work-with-Linux-evdev-device.diff | 33 ++ debian/patches/series | 1 3 files changed, 42 insertions(+) New commits: commit 4e399febdb96665aa109291be0847a7652800c4d Author: Julien Cristau jcris...@debian.org Date: Sun Apr 14 13:32:50 2013 +0200 Upload to squeeze-security diff --git a/debian/changelog b/debian/changelog index 26cf85e..0483e45 100644 --- a/debian/changelog +++ b/debian/changelog @@ -1,10 +1,10 @@ -xorg-server (2:1.7.7-16) UNRELEASED; urgency=high +xorg-server (2:1.7.7-16) squeeze-security; urgency=high * xfree86: fix flush input to work with Linux evdev devices. Avoids processing events sent when the server was inactive, potentially allowing a user to capture passwords. Addresses CVE-2013-1940. - -- Julien Cristau jcris...@debian.org Fri, 12 Apr 2013 15:13:24 +0200 + -- Julien Cristau jcris...@debian.org Fri, 12 Apr 2013 15:47:37 +0200 xorg-server (2:1.7.7-15) squeeze; urgency=low commit ffb8ce120b2a14740990e953b9402fde5ce721d0 Author: Julien Cristau jcris...@debian.org Date: Fri Apr 12 15:18:34 2013 +0200 xfree86: fix flush input to work with Linux evdev devices. Avoids processing events sent when the server was inactive, potentially allowing a user to capture passwords. Addresses CVE-2013-1940. diff --git a/debian/changelog b/debian/changelog index 4d8d03c..75019e1 100644 --- a/debian/changelog +++ b/debian/changelog @@ -1,3 +1,11 @@ +xorg-server (2:1.7.7-14+squeeze1) UNRELEASED; urgency=high + + * xfree86: fix flush input to work with Linux evdev devices. Avoids +processing events sent when the server was inactive, potentially allowing +a user to capture passwords. Addresses CVE-2013-1940. + + -- Julien Cristau jcris...@debian.org Fri, 12 Apr 2013 15:13:24 +0200 + xorg-server (2:1.7.7-14) squeeze; urgency=low * GLX: add missing input sanitization (CVE-2010-4818). Also fix a couple diff --git a/debian/patches/23-xf86-fix-flush-input-to-work-with-Linux-evdev-device.diff b/debian/patches/23-xf86-fix-flush-input-to-work-with-Linux-evdev-device.diff new file mode 100644 index 000..343bac6 --- /dev/null +++ b/debian/patches/23-xf86-fix-flush-input-to-work-with-Linux-evdev-device.diff @@ -0,0 +1,33 @@ +From 88394b5cf39f298ebaa9a8ce4ace9bef14c2c6ee Mon Sep 17 00:00:00 2001 +From: Dave Airlie airl...@gmail.com +Date: Wed, 10 Apr 2013 16:09:01 +1000 +Subject: [PATCH] xf86: fix flush input to work with Linux evdev devices. + +So when we VT switch back and attempt to flush the input devices, +we don't succeed because evdev won't return part of an event, +since we were only asking for 4 bytes, we'd only get -EINVAL back. + +This could later cause events to be flushed that we shouldn't have +gotten. + +This is a fix for CVE-2013-1940. + +Signed-off-by: Dave Airlie airl...@redhat.com +--- + hw/xfree86/os-support/shared/posix_tty.c | 3 ++- + 1 file changed, 2 insertions(+), 1 deletion(-) + +Index: xorg-server/hw/xfree86/os-support/shared/posix_tty.c +=== +--- xorg-server.orig/hw/xfree86/os-support/shared/posix_tty.c xorg-server/hw/xfree86/os-support/shared/posix_tty.c +@@ -475,7 +475,8 @@ xf86FlushInput(int fd) + { + fd_set fds; + struct timeval timeout; +- char c[4]; ++ /* this needs to be big enough to flush an evdev event. */ ++ char c[126]; + + DebugF(FlushingSerial\n); + if (tcflush(fd, TCIFLUSH) == 0) diff --git a/debian/patches/series b/debian/patches/series index 231ba02..4e3310f 100644 --- a/debian/patches/series +++ b/debian/patches/series @@ -21,3 +21,4 @@ 20-randr-shadow-crashes.diff 21-device-mode-list.diff 22-stop-searching-for-xf86config-files +23-xf86-fix-flush-input-to-work-with-Linux-evdev-device.diff -- To UNSUBSCRIBE, email to debian-x-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/e1usygm-0003cl...@vasks.debian.org
xorg-server: Changes to 'debian-squeeze'
debian/changelog |7 +++ debian/control |2 ++ debian/rules |4 +++- 3 files changed, 12 insertions(+), 1 deletion(-) New commits: commit 752d3d0db0308a2b8243d4bc0f402771a8bd410e Author: Julien Cristau jcris...@debian.org Date: Wed Mar 13 21:27:49 2013 +0100 Upload to squeeze diff --git a/debian/changelog b/debian/changelog index 137c032..6fc6748 100644 --- a/debian/changelog +++ b/debian/changelog @@ -1,9 +1,9 @@ -xorg-server (2:1.7.7-15) UNRELEASED; urgency=low +xorg-server (2:1.7.7-15) squeeze; urgency=low * Link against -lbsd on kfreebsd to get access to getpeereid() and make MIT-SHM work with non-world-accessible segments. - -- Julien Cristau jcris...@debian.org Sat, 23 Feb 2013 10:13:16 +0100 + -- Julien Cristau jcris...@debian.org Wed, 13 Mar 2013 21:27:46 +0100 xorg-server (2:1.7.7-14) squeeze; urgency=low commit 15227a04e43982972502cdbbdc94e427b50b0c65 Author: Julien Cristau jcris...@debian.org Date: Sat Feb 23 10:34:21 2013 +0100 Link against -lbsd on kfreebsd It gives us access to getpeereid() and makes MIT-SHM work with non-world-accessible segments. See Debian bug#700530. diff --git a/debian/changelog b/debian/changelog index 4d8d03c..137c032 100644 --- a/debian/changelog +++ b/debian/changelog @@ -1,3 +1,10 @@ +xorg-server (2:1.7.7-15) UNRELEASED; urgency=low + + * Link against -lbsd on kfreebsd to get access to getpeereid() and make +MIT-SHM work with non-world-accessible segments. + + -- Julien Cristau jcris...@debian.org Sat, 23 Feb 2013 10:13:16 +0100 + xorg-server (2:1.7.7-14) squeeze; urgency=low * GLX: add missing input sanitization (CVE-2010-4818). Also fix a couple diff --git a/debian/control b/debian/control index 03b0ad3..55eaa8b 100644 --- a/debian/control +++ b/debian/control @@ -77,6 +77,8 @@ Build-Depends: libglib2.0-dev, xkb-data, x11-xkb-utils, +# getpeereid() + libbsd-dev [kfreebsd-any], Standards-Version: 3.8.4 Vcs-Git: git://git.debian.org/git/pkg-xorg/xserver/xorg-server Vcs-Browser: http://git.debian.org/?p=pkg-xorg/xserver/xorg-server.git diff --git a/debian/rules b/debian/rules index 52c0094..51d271a 100755 --- a/debian/rules +++ b/debian/rules @@ -64,6 +64,7 @@ ifeq ($(DEB_HOST_ARCH_OS), linux) config_backend += --enable-config-udev --disable-config-hal else ifeq ($(DEB_HOST_ARCH_OS), kfreebsd) config_backend += --disable-config-udev --enable-config-hal + libs = LIBS=-lbsd else # hurd config_backend += --disable-config-udev --disable-config-hal endif @@ -112,7 +113,8 @@ confflags += \ --disable-xwin \ --disable-xsdl \ --disable-xfake \ ---disable-install-setuid +--disable-install-setuid \ +$(libs) confflags_main = \ --with-default-font-path=/usr/share/fonts/X11/misc,/usr/share/fonts/X11/cyrillic,/usr/share/fonts/X11/100dpi/:unscaled,/usr/share/fonts/X11/75dpi/:unscaled,/usr/share/fonts/X11/Type1,/usr/share/fonts/X11/100dpi,/usr/share/fonts/X11/75dpi,/var/lib/defoma/x-ttcidfont-conf.d/dirs/TrueType,built-ins \ -- To UNSUBSCRIBE, email to debian-x-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/e1ufskz-x3...@vasks.debian.org
xorg-server: Changes to 'debian-squeeze'
ChangeLog | 205 + debian/changelog | 10 ++ glx/glxcmds.c | 188 +++-- glx/glxcmdsswap.c | 171 -- glx/xfont.c|2 hw/xfree86/common/xf86Xinput.c |8 - hw/xquartz/GL/Makefile.am |2 os/utils.c |4 8 files changed, 563 insertions(+), 27 deletions(-) New commits: commit 869682effd2abbd48c47653e63d451e24666830a Author: Julien Cristau jcris...@debian.org Date: Sat Oct 29 18:54:27 2011 +0200 Upload to squeeze diff --git a/debian/changelog b/debian/changelog index 7c2935c..4d8d03c 100644 --- a/debian/changelog +++ b/debian/changelog @@ -1,4 +1,4 @@ -xorg-server (2:1.7.7-14) UNRELEASED; urgency=low +xorg-server (2:1.7.7-14) squeeze; urgency=low * GLX: add missing input sanitization (CVE-2010-4818). Also fix a couple swapping issues. @@ -6,7 +6,7 @@ xorg-server (2:1.7.7-14) UNRELEASED; urgency=low * File permission change vulnerability (CVE-2011-4029). * xf86ScaleAxis: support for high resolution devices. - -- Julien Cristau jcris...@debian.org Fri, 21 Oct 2011 20:56:40 +0200 + -- Julien Cristau jcris...@debian.org Sat, 29 Oct 2011 18:44:58 +0200 xorg-server (2:1.7.7-13) stable; urgency=low commit 7fb763b4b6150ceb37fbd209ee59498489db1afc Author: Julien Cristau jcris...@debian.org Date: Fri Oct 21 20:58:43 2011 +0200 Changelogs diff --git a/ChangeLog b/ChangeLog index b9683ab..f3261ee 100644 --- a/ChangeLog +++ b/ChangeLog @@ -1,3 +1,208 @@ +commit 03ff880e8bf20cdecaf27f03391ea31545ecc22c +Author: Matthieu Herrb matthieu.he...@laas.fr +Date: Mon Oct 17 22:27:35 2011 +0200 + +Fix CVE-2011-4029: File permission change vulnerability. + +Use fchmod() to change permissions of the lock file instead +of chmod(), thus avoid the race that can be exploited to set +a symbolic link to any file or directory in the system. + +Signed-off-by: Matthieu Herrb matthieu.he...@laas.fr +Reviewed-by: Alan Coopersmith alan.coopersm...@oracle.com +(cherry picked from commit b67581cf825940fdf52bf2e0af4330e695d724a4) +(cherry picked from commit 12f65819ffb04103f170ecd7e281348de618fc4c) + +commit 3394ae378da567025ac94a2c2ff04f2a0b113962 +Author: Matthieu Herrb matthieu.he...@laas.fr +Date: Mon Oct 17 22:26:12 2011 +0200 + +Fix CVE-2011-4028: File disclosure vulnerability. + +use O_NOFOLLOW to open the existing lock file, so symbolic links +aren't followed, thus avoid revealing if it point to an existing +file. + +Signed-off-by: Matthieu Herrb matthieu.he...@laas.fr +Reviewed-by: Alan Coopersmith alan.coopersm...@oracle.com +(cherry picked from commit 6ba44b91e37622ef8c146d8f2ac92d708a18ed34) +(cherry picked from commit f80d23357874db19bc124dee70239fb182977883) + +commit 656307e93a7c72b147805e3741ebb02baf876150 +Author: Julien Cristau jcris...@debian.org +Date: Sun Jan 23 13:35:54 2011 +0100 + +glx: Work around wrong request lengths sent by mesa + +mesa used to send too long requests for GLXDestroyPixmap, +GLXDestroyWindow, GLXChangeDrawableAttributes, GLXGetDrawableAttributes +and GLXGetFBConfigsSGIX. + +Fixes a regression introduced in ec9c97c6bf70b523bc500bd3adf62176f1bb33a4 +X.Org bug#33324 https://bugs.freedesktop.org/show_bug.cgi?id=33324 + +Reported-by: xunx.f...@intel.com +Signed-off-by: Julien Cristau jcris...@debian.org +Reviewed-by: Adam Jackson a...@redhat.com +(cherry picked from commit 402b329c3aa8ddbebaa1f593306a02d4cd6fed26) + +commit c821bd84e594e86d5dd766f680064e88a29a10d1 +Author: Julien Cristau jcris...@debian.org +Date: Wed Jan 26 13:06:53 2011 +0100 + +glx: fix BindTexImageEXT length check + +The request is followed by a list of attributes. + +X.Org bug#33449 + +Reported-and-tested-by: meng mengmeng.m...@intel.com +Signed-off-by: Julien Cristau jcris...@debian.org +Reviewed-by: Adam Jackson a...@redhat.com +(cherry picked from commit 1137c11be0f82049d28024eaf963c6f76e0d4334) + +commit 5b76d710d3cebbfb8a5f02eaa7920f73deadff21 +Author: Julien Cristau jcris...@debian.org +Date: Sun Jan 23 17:05:26 2011 +0100 + +glx: fix request length check for CreateGLXPbufferSGIX + +The request is followed by an attribute list. + +Signed-off-by: Julien Cristau jcris...@debian.org +Reviewed-by: Adam Jackson a...@redhat.com +(cherry picked from commit a883cf1545abd89bb2cadfa659718884b56fd234) + +commit 7ed56f793fe9bfe1fd2b70157523952cf6070fd8 +Author: Julien Cristau jcris...@debian.org +Date: Wed Nov 10 22:39:54 2010 +0100 + +glx: validate numAttribs field before using it + +Reviewed-by: Kristian Høgsberg k...@bitplanet.net +Reviewed-by: Daniel Stone dan...@fooishbar.org +Signed-off-by: Julien Cristau jcris...@debian.org +(cherry
xorg-server: Changes to 'debian-squeeze-backports'
ChangeLog| 385 configure.ac |4 debian/changelog | 13 dix/getevents.c | 23 exa/exa_mixed.c | 23 glx/glxscreens.c |7 glx/glxscreens.h |1 hw/dmx/glxProxy/glxscreens.h |1 hw/kdrive/ephyr/ephyrdriext.c|4 hw/xfree86/common/xf86Config.c |3 hw/xfree86/common/xf86Init.c | 32 hw/xfree86/common/xf86Option.c |2 hw/xfree86/common/xf86Xinput.c |1 hw/xquartz/GL/indirect.c | 18 hw/xquartz/X11Application.h |3 hw/xquartz/X11Application.m | 47 hw/xquartz/X11Controller.h |2 hw/xquartz/X11Controller.m | 18 hw/xquartz/bundle/Makefile.am|9 hw/xquartz/bundle/Resources/Dutch.lproj/Localizable.strings |binary hw/xquartz/bundle/Resources/Dutch.lproj/locversion.plist |4 hw/xquartz/bundle/Resources/Dutch.lproj/main.nib/designable.nib | 7414 - hw/xquartz/bundle/Resources/Dutch.lproj/main.nib/keyedobjects.nib|binary hw/xquartz/bundle/Resources/English.lproj/locversion.plist | 14 hw/xquartz/bundle/Resources/French.lproj/Localizable.strings |binary hw/xquartz/bundle/Resources/French.lproj/locversion.plist|4 hw/xquartz/bundle/Resources/French.lproj/main.nib/designable.nib | 633 hw/xquartz/bundle/Resources/French.lproj/main.nib/keyedobjects.nib |binary hw/xquartz/bundle/Resources/German.lproj/Localizable.strings |binary hw/xquartz/bundle/Resources/German.lproj/locversion.plist|4 hw/xquartz/bundle/Resources/German.lproj/main.nib/designable.nib | 586 hw/xquartz/bundle/Resources/German.lproj/main.nib/keyedobjects.nib |binary hw/xquartz/bundle/Resources/Italian.lproj/Localizable.strings|binary hw/xquartz/bundle/Resources/Italian.lproj/locversion.plist |4 hw/xquartz/bundle/Resources/Italian.lproj/main.nib/designable.nib| 7417 - hw/xquartz/bundle/Resources/Italian.lproj/main.nib/keyedobjects.nib |binary hw/xquartz/bundle/Resources/Japanese.lproj/Localizable.strings |binary hw/xquartz/bundle/Resources/Japanese.lproj/locversion.plist |4 hw/xquartz/bundle/Resources/Japanese.lproj/main.nib/designable.nib | 583 hw/xquartz/bundle/Resources/Japanese.lproj/main.nib/keyedobjects.nib |binary hw/xquartz/bundle/Resources/Spanish.lproj/Localizable.strings|binary hw/xquartz/bundle/Resources/Spanish.lproj/locversion.plist |4 hw/xquartz/bundle/Resources/Spanish.lproj/main.nib/designable.nib| 7430 - hw/xquartz/bundle/Resources/Spanish.lproj/main.nib/keyedobjects.nib |binary hw/xquartz/bundle/Resources/ar.lproj/Localizable.strings |binary hw/xquartz/bundle/Resources/ar.lproj/locversion.plist|4 hw/xquartz/bundle/Resources/ar.lproj/main.nib/designable.nib | 375 hw/xquartz/bundle/Resources/ar.lproj/main.nib/keyedobjects.nib |binary hw/xquartz/bundle/Resources/da.lproj/Localizable.strings |binary hw/xquartz/bundle/Resources/da.lproj/locversion.plist|4 hw/xquartz/bundle/Resources/da.lproj/main.nib/designable.nib | 652 hw/xquartz/bundle/Resources/da.lproj/main.nib/keyedobjects.nib |binary hw/xquartz/bundle/Resources/el.lproj/InfoPlist.strings |binary hw/xquartz/bundle/Resources/el.lproj/Localizable.strings |binary hw/xquartz/bundle/Resources/el.lproj/locversion.plist| 14 hw/xquartz/bundle/Resources/el.lproj/main.nib/designable.nib | 3521 hw/xquartz/bundle/Resources/el.lproj/main.nib/keyedobjects.nib |binary hw/xquartz/bundle/Resources/fi.lproj/Localizable.strings |binary hw/xquartz/bundle/Resources/fi.lproj/locversion.plist|4 hw/xquartz/bundle/Resources/fi.lproj/main.nib/designable.nib | 421 hw/xquartz/bundle/Resources/fi.lproj/main.nib/keyedobjects.nib |binary hw/xquartz/bundle/Resources/he.lproj/InfoPlist.strings |binary hw/xquartz/bundle/Resources/he.lproj/Localizable.strings |binary
xorg-server: Changes to 'debian-squeeze-backports'
New branch 'debian-squeeze-backports' available with the following commits: commit dfc3f5fa556b06a5969ec979835428cb0f287810 Author: Cyril Brulebois k...@debian.org Date: Sun Aug 14 13:52:40 2011 +0200 Upload to squeeze-backports. commit 6a6cd3691609c73ac845ee479d5eb86db27c4f06 Author: Cyril Brulebois k...@debian.org Date: Tue Jul 19 00:15:00 2011 +0200 Support upgrades from squeeze and to wheezy. commit e9dcef5c8b94ddc4282599e91c21a700cd8dff0c Author: Cyril Brulebois k...@debian.org Date: Tue Jul 19 00:10:07 2011 +0200 Rebuild for squeeze-backports. -- To UNSUBSCRIBE, email to debian-x-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/e1qscp6-0007yd...@vasks.debian.org
xorg-server: Changes to 'debian-squeeze'
debian/changelog |4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) New commits: commit d20f491cb1ed5a5fe8a33fcfa66504288652cc62 Author: Cyril Brulebois k...@debian.org Date: Fri Feb 18 21:19:18 2011 +0100 Upload to stable. diff --git a/debian/changelog b/debian/changelog index 3b70492..ba68ab8 100644 --- a/debian/changelog +++ b/debian/changelog @@ -1,4 +1,4 @@ -xorg-server (2:1.7.7-13) UNRELEASED; urgency=low +xorg-server (2:1.7.7-13) stable; urgency=low * bug script: Report KMS configuration files and their contents. * bug script: Keep only one lspci call (with proper filtering), which @@ -8,7 +8,7 @@ xorg-server (2:1.7.7-13) UNRELEASED; urgency=low - Revert randr: check for virtual size limits before set crtc * bug script: Report libGL-related diversions. - -- Cyril Brulebois k...@debian.org Wed, 09 Feb 2011 10:24:10 +0100 + -- Cyril Brulebois k...@debian.org Fri, 18 Feb 2011 14:21:12 +0100 xorg-server (2:1.7.7-12) unstable; urgency=low -- To UNSUBSCRIBE, email to debian-x-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/e1pqxck-0005mn...@alioth.debian.org
xorg-server: Changes to 'debian-squeeze'
debian/changelog|1 + debian/xserver-xorg-core.bug.script |6 ++ 2 files changed, 7 insertions(+) New commits: commit a35844088e82ebe8dd3f7c7e4be1b5164f6e1f78 Author: Cyril Brulebois k...@debian.org Date: Wed Feb 16 23:28:13 2011 +0100 bug script: Report libGL-related diversions. diff --git a/debian/changelog b/debian/changelog index cc53af8..3b70492 100644 --- a/debian/changelog +++ b/debian/changelog @@ -6,6 +6,7 @@ xorg-server (2:1.7.7-13) UNRELEASED; urgency=low * Merge from server-1.7-branch, fixing broken rotation with nvidia driver (Closes: #611619): - Revert randr: check for virtual size limits before set crtc + * bug script: Report libGL-related diversions. -- Cyril Brulebois k...@debian.org Wed, 09 Feb 2011 10:24:10 +0100 diff --git a/debian/xserver-xorg-core.bug.script b/debian/xserver-xorg-core.bug.script index 32b5e6b..c78ce6e 100644 --- a/debian/xserver-xorg-core.bug.script +++ b/debian/xserver-xorg-core.bug.script @@ -48,6 +48,12 @@ if ldd $SERVER_BINARY | grep -qs $X11R6_LIBS; then echo fi +if dpkg-divert --list | grep -qs -i libgl; then +pecho Diversions concerning libGL are in place +dpkg-divert --list | grep -i libgl +echo +fi + if which lspci /dev/null 21; then pecho VGA-compatible devices on PCI bus: LC_ALL=C lspci -nn | grep 'VGA compatible controller' -- To UNSUBSCRIBE, email to debian-x-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/e1ppqcc-0008qj...@alioth.debian.org
xorg-server: Changes to 'debian-squeeze'
debian/changelog|8 debian/xserver-xorg-core.bug.script | 19 +-- 2 files changed, 25 insertions(+), 2 deletions(-) New commits: commit fa9757e236b5f3645c934c9cb4e4418e3bf0f1aa Author: Cyril Brulebois k...@debian.org Date: Wed Feb 9 10:21:34 2011 +0100 bug script: Keep only one lspci call (with proper filtering), which makes PCI IDs come back. diff --git a/debian/changelog b/debian/changelog index f496c8e..5815ac3 100644 --- a/debian/changelog +++ b/debian/changelog @@ -1,6 +1,8 @@ xorg-server (2:1.7.7-13) UNRELEASED; urgency=low * bug script: Report KMS configuration files and their contents. + * bug script: Keep only one lspci call (with proper filtering), which +makes PCI IDs come back. -- Cyril Brulebois k...@debian.org Wed, 09 Feb 2011 10:24:10 +0100 diff --git a/debian/xserver-xorg-core.bug.script b/debian/xserver-xorg-core.bug.script index 2890ce6..32b5e6b 100644 --- a/debian/xserver-xorg-core.bug.script +++ b/debian/xserver-xorg-core.bug.script @@ -50,8 +50,7 @@ fi if which lspci /dev/null 21; then pecho VGA-compatible devices on PCI bus: -LC_ALL=C lspci | grep 'VGA compatible controller:' -LC_ALL=C lspci -n | grep 'Class 0300:' +LC_ALL=C lspci -nn | grep 'VGA compatible controller' else echo The lspci command was not found; not including PCI data. fi commit f464a93ef85ddf3d3b84a5c6826b39b97537fadd Author: Cyril Brulebois k...@debian.org Date: Wed Feb 9 10:24:50 2011 +0100 bug script: Report KMS configuration files and their contents. diff --git a/debian/changelog b/debian/changelog index 11f216c..f496c8e 100644 --- a/debian/changelog +++ b/debian/changelog @@ -1,3 +1,9 @@ +xorg-server (2:1.7.7-13) UNRELEASED; urgency=low + + * bug script: Report KMS configuration files and their contents. + + -- Cyril Brulebois k...@debian.org Wed, 09 Feb 2011 10:24:10 +0100 + xorg-server (2:1.7.7-12) unstable; urgency=low * Cherry-pick this to fix crashes with MCE remotes (Closes: #609750): diff --git a/debian/xserver-xorg-core.bug.script b/debian/xserver-xorg-core.bug.script index 9d0f54c..2890ce6 100644 --- a/debian/xserver-xorg-core.bug.script +++ b/debian/xserver-xorg-core.bug.script @@ -79,6 +79,22 @@ fi echo +KMS_CONFS_DIR=/etc/modprobe.d +KMS_CONFS=$(ls $KMS_CONFS_DIR/*-kms.conf 2/dev/null) + +if [ -n $KMS_CONFS ]; then +pecho KMS configuration files: +for CONF in $KMS_CONFS; do + echo $CONF: + # Indent, and get rid of empty lines: + sed 's/^/ /' $CONF|egrep -v '^\s*$' +done +else +echo $KMS_CONFS_DIR contains no KMS configuration files. +fi + +echo + KERNEL_VERSION=/proc/version if [ -e $KERNEL_VERSION ]; then -- To UNSUBSCRIBE, email to debian-x-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/e1pn6na-0005fd...@alioth.debian.org
xorg-server: Changes to 'debian-squeeze'
debian/changelog |3 +++ randr/rrscreen.c | 12 2 files changed, 3 insertions(+), 12 deletions(-) New commits: commit 5fea0ae92d7a9d28c41f1baa065ef3f44f0dcb2d Author: Cyril Brulebois k...@debian.org Date: Wed Feb 9 11:16:49 2011 +0100 Document the merge to fix #611619. diff --git a/debian/changelog b/debian/changelog index 5815ac3..cc53af8 100644 --- a/debian/changelog +++ b/debian/changelog @@ -3,6 +3,9 @@ xorg-server (2:1.7.7-13) UNRELEASED; urgency=low * bug script: Report KMS configuration files and their contents. * bug script: Keep only one lspci call (with proper filtering), which makes PCI IDs come back. + * Merge from server-1.7-branch, fixing broken rotation with nvidia +driver (Closes: #611619): +- Revert randr: check for virtual size limits before set crtc -- Cyril Brulebois k...@debian.org Wed, 09 Feb 2011 10:24:10 +0100 commit d77ffa918b2aaa3ca1deb17ed0145199d0f863da Author: Julien Cristau jcris...@debian.org Date: Mon Jan 31 14:14:47 2011 +0100 Revert randr: check for virtual size limits before set crtc Apparently these checks break rotation with the nvidia drivers: https://bbs.archlinux.org/viewtopic.php?pid=877761 http://bugs.debian.org/611619 Let's not do that in a stable branch. This reverts commit 6a6d907e7057cadbd80572119c09732385cd. Signed-off-by: Julien Cristau jcris...@debian.org diff --git a/randr/rrscreen.c b/randr/rrscreen.c index 0fee1f5..630ff57 100644 --- a/randr/rrscreen.c +++ b/randr/rrscreen.c @@ -921,18 +921,6 @@ ProcRRSetScreenConfig (ClientPtr client) width = mode-mode.height; height = mode-mode.width; } - -if (width pScrPriv-minWidth || pScrPriv-maxWidth width) { - client-errorValue = width; - free(pData); - return BadValue; -} -if (height pScrPriv-minHeight || pScrPriv-maxHeight height) { - client-errorValue = height; - free(pData); - return BadValue; -} - if (width != pScreen-width || height != pScreen-height) { int c; commit 5549d99acbc38c8a1f12d649c42f044392ec7af0 Author: Peter Hutterer peter.hutte...@who-t.net Date: Fri Sep 3 11:54:41 2010 +1000 mi: handle DGA subtypes when determining the master device. The subtype in the DGA event is the core type and all ET_ event types (where applicable) are identical to the core types. Thus the switch statement below will work as required and assign the right master device. Fixes a crasher bug on keyboard devices with valuators. If a device sends a motion event while grabbed and a DGA client is active (but has not selected input through DGA), the valuator event is posted through the VCK and eventually results in a NULL-pointer dereference on dev-valuator. Signed-off-by: Peter Hutterer peter.hutte...@who-t.net (cherry picked from commit 31ab9f8860848504df18a8be9d19b817b191e0df) (cherry picked from commit faecab3b13bbaecf4f35f49b833d1b79a5fb647d) diff --git a/mi/mieq.c b/mi/mieq.c index 9b6d0c9..97f4afc 100644 --- a/mi/mieq.c +++ b/mi/mieq.c @@ -320,6 +320,7 @@ CopyGetMasterEvent(DeviceIntPtr sdev, { DeviceIntPtr mdev; int len = original-any.length; +int type = original-any.type; CHECKEVENT(original); @@ -327,7 +328,12 @@ CopyGetMasterEvent(DeviceIntPtr sdev, if (!sdev || !sdev-u.master) return NULL; -switch(original-any.type) +#if XFreeXDGA +if (type == ET_DGAEvent) +type = original-dga_event.subtype; +#endif + +switch(type) { case ET_KeyPress: case ET_KeyRelease: -- To UNSUBSCRIBE, email to debian-x-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/e1pn799-0001dk...@alioth.debian.org
xorg-server: Changes to 'debian-squeeze'
New branch 'debian-squeeze' available with the following commits: -- To UNSUBSCRIBE, email to debian-x-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/e1plj13-by...@alioth.debian.org