X.Org X server

~thopiekar/xorg-server/+git/xorg-server-salsa.debian:debian-bookworm

  1. Git
  2. lp:~thopiekar/xorg-server/+git/xorg-server-salsa.debian
  3. debian-bookworm
Last commit made on 2023-10-25
Get this branch:
git clone -b debian-bookworm https://git.launchpad.net/~thopiekar/xorg-server/+git/xorg-server-salsa.debian

Branch merges

Branch information

Name:
debian-bookworm
Repository:
lp:~thopiekar/xorg-server/+git/xorg-server-salsa.debian

Recent commits

6ea5465... by Julien Cristau

Drop buggy patches for CVE-2023-5574

4909789... by Julien Cristau

Security fixes for October 25, 2023

27e1445... by Julien Cristau

present-Check-for-NULL-to-prevent-crash.patch: drop, applied upstream since 21.1.4

d376ac3... by Cyril Brulebois

releasing version 2:21.1.7-3

cff654e... by Cyril Brulebois

Restore modesetting_drv.so in the udeb (Closes: #1035014).

55908a4... by Julien Cristau

Upload to unstable

80c6923... by Olivier Fourdan <email address hidden>

composite: Fix use-after-free of the COW

ZDI-CAN-19866/CVE-2023-1393

If a client explicitly destroys the compositor overlay window (aka COW),
we would leave a dangling pointer to that window in the CompScreen
structure, which will trigger a use-after-free later.

Make sure to clear the CompScreen pointer to the COW when the latter gets
destroyed explicitly by the client.

This vulnerability was discovered by:
Jan-Niklas Sohn working with Trend Micro Zero Day Initiative

Signed-off-by: Olivier Fourdan <email address hidden>
Reviewed-by: Adam Jackson <email address hidden>
(cherry picked from commit 26ef545b3502f61ca722a7a3373507e88ef64110)

74e0f69... by Julien Cristau

Add changelog entry

894358a... by Julien Cristau

Merge tag 'xorg-server-21.1.7' into debian-unstable

XOrg Server Version 21.1.7

af9111a... by Peter Hutterer

xserver 21.1.7

Signed-off-by: Peter Hutterer <email address hidden>