~thopiekar/xorg-server/+git/xorg-server-salsa.debian:debian-jessie

Last commit made on 2017-10-14
Get this branch:
git clone -b debian-jessie https://git.launchpad.net/~thopiekar/xorg-server/+git/xorg-server-salsa.debian

Branch merges

Branch information

Recent commits

f684ce9... by Julien Cristau

Upload to jessie-security

791d9d8... by Julien Cristau

Update changelog

37cff46... by Ray Strode <email address hidden>

xwayland: default to local user if no xauth file given. [CVE-2015-3164 3/3]

Right now if "-auth" isn't passed on the command line, we let
any user on the system connect to the Xwayland server.

That's clearly suboptimal, given Xwayland is generally designed
to be used by one user at a time.

This commit changes the behavior, so only the user who started the
X server can connect clients to it.

Signed-off-by: Ray Strode <email address hidden>
Reviewed-by: Daniel Stone <email address hidden>
Reviewed-by: Alan Coopersmith <email address hidden>
Signed-off-by: Keith Packard <email address hidden>
(cherry picked from commit 76636ac12f2d1dbdf7be08222f80e7505d53c451)

cebb2db... by Ray Strode <email address hidden>

os: support new implicit local user access mode [CVE-2015-3164 2/3]

If the X server is started without a '-auth' argument, then
it gets started wide open to all local users on the system.

This isn't a great default access model, but changing it in
Xorg at this point would break backward compatibility.

Xwayland, on the other hand is new, and much more targeted
in scope. It could, in theory, be changed to allow the much
more secure default of a "user who started X server can connect
clients to that server."

This commit paves the way for that change, by adding a mechanism
for DDXs to opt-in to that behavior. They merely need to call

LocalAccessScopeUser()

in their init functions.

A subsequent commit will add that call for Xwayland.

Signed-off-by: Ray Strode <email address hidden>
Reviewed-by: Daniel Stone <email address hidden>
Reviewed-by: Alan Coopersmith <email address hidden>
Signed-off-by: Keith Packard <email address hidden>
(cherry picked from commit 4b4b9086d02b80549981d205fb1f495edc373538)

ecd1094... by Ray Strode <email address hidden>

xwayland: Enable access control on open sockets [CVE-2015-3164 1/3]

Xwayland currently allows wide-open access to the X sockets
it listens on, ignoring Xauth access control.

This commit makes sure to enable access control on the sockets,
so one user can't snoop on another user's X-over-wayland
applications.

Signed-off-by: Ray Strode <email address hidden>
Reviewed-by: Daniel Stone <email address hidden>
Reviewed-by: Alan Coopersmith <email address hidden>
Signed-off-by: Keith Packard <email address hidden>
(cherry picked from commit c4534a38b68aa07fb82318040dc8154fb48a9588)

873dd83... by Matthieu Herrb

Use timingsafe_memcmp() to compare MIT-MAGIC-COOKIES CVE-2017-2624

Provide the function definition for systems that don't have it.

Signed-off-by: Matthieu Herrb <email address hidden>
Reviewed-by: Alan Coopersmith <email address hidden>
(cherry picked from commit d7ac755f0b618eb1259d93c8a16ec6e39a18627c)

fe4b80e... by Julien Cristau

Changelog update

542ccdc... by Michal Srb <email address hidden>

xkb: Escape non-printable characters correctly.

XkbStringText escapes non-printable characters using octal numbers. Such escape
sequence would be at most 5 characters long ("\0123"), so it reserves 5 bytes
in the buffer. Due to char->unsigned int conversion, it would print much longer
string for negative numbers.

Reviewed-by: Keith Packard <email address hidden>
Signed-off-by: Julien Cristau <email address hidden>
(cherry picked from commit eaf1f72ed8994b708d94ec2de7b1a99f5c4a39b8)
(cherry picked from commit 3094c4c6d879215923f2183ecd048b4f5429b182)

1caf94c... by Nathan Kidd <email address hidden>

Unvalidated extra length in ProcEstablishConnection (CVE-2017-12176)

Reviewed-by: Julien Cristau <email address hidden>
Signed-off-by: Nathan Kidd <email address hidden>
Signed-off-by: Julien Cristau <email address hidden>
(cherry picked from commit b747da5e25be944337a9cd1415506fc06b70aa81)
(cherry picked from commit 95f605b42d8bbb6bea2834a1abfc205981c5b803)

49afe42... by Nathan Kidd <email address hidden>

dbe: Unvalidated variable-length request in ProcDbeGetVisualInfo (CVE-2017-12177)

v2: Protect against integer overflow (Alan Coopersmith)

Reviewed-by: Alan Coopersmith <email address hidden>
Reviewed-by: Jeremy Huddleston Sequoia <email address hidden>
Reviewed-by: Julien Cristau <email address hidden>
Signed-off-by: Nathan Kidd <email address hidden>
Signed-off-by: Julien Cristau <email address hidden>
(cherry picked from commit 4ca68b878e851e2136c234f40a25008297d8d831)
(cherry picked from commit cc41e5b581d287c56f8d7113a97a4882dcfdd696)