lp:ubuntu/feisty-security/xorg-server
- Get this branch:
- bzr branch lp:ubuntu/feisty-security/xorg-server
Branch merges
Branch information
Recent revisions
- 49. By Bryce Harrington
-
* Fix multiple security issues:
+ CVE-2008-2360 - RENDER Extension heap buffer overflow
+ CVE-2008-2361 - RENDER Extension crash
+ CVE-2008-2362 - RENDER Extension memory corruption
+ CVE-2008-1379 - MIT-SHM arbitrary memory read
+ CVE-2008-1377 - RECORD and Security extensions memory corruption - 48. By Kees Cook
-
* SECURITY UPDATE: multiple memory corruption flaws.
* Re-applied security patches from 2:1.2.0-3ubuntu8.1.
* Updated fix_CVE-2007-6429. patch: upstream fixes for bbp < 8
crash regressions.
* References
http://gitweb. freedesktop. org/?p= xorg/xserver. git;a=commitdif f;h=e9fa7c1c88a 8130a48f772c92b 186b8b777986b5 - 46. By Kees Cook
-
* SECURITY UPDATE: multiple memory corruption flaws.
* Added fix_CVE-2007-5958. patch: upstream fix from Matthieu Herrb.
* Added fix_CVE-2007-5760. patch: backported upstream fixes
(bbde5b62a137ba726a747b838d8 1e92d72c1b42b) for XFree86 Misc extension out
of bounds array index.
* Added fix_CVE-2007-6427. patch: backported upstream fixes
(dd5e0f5cd5f3a87fee86d99c073 ffa7cf89b0a27) for Xinput extension memory
corruption.
* Added fix_CVE-2007-6428. patch: backported upstream fixes
(7dc1717ff0f96b99271a912b894 8dfce5164d5ad) for TOG-cup extension memory
corruption.
* Added fix_CVE-2007-6429. patch: backported upstream fixes
(6de61f82728df22ea01f9659df6 581b87f33f11d) for MIT-SHM and EVI extensions
integer overflows.
* Added fix_CVE-2008-0006. patch: backported upstream fixes
(8e133d96740d010a4fd969a8188 e6e71fb2cafe2) for PCF Font parser buffer
overflow. - 45. By Kees Cook
-
* SECURITY UPDATE: arbitrary code execution with root privs via integer
overflows in MISC-XC.
* Add debian/patches/ 131_misc_ xc_overflows. patch: upstream fixes.
* References
CVE-2007-1003 - 44. By Timo Aaltonen
-
* debian/
patches/ 120_fedora_ disable_ offscreen_ pixmaps. patch
- update to the latest version from Fedora (rev. 1.6, was 1.1) - 43. By Timo Aaltonen
-
* debian/
{rules, xsfbs/xsfbs. mk,serverminver ,inputabiver}
- Import changes from current debian package, needed for the new intel
driver.
- Rename serverabiver to videoabiver, value 1.0.
- Set serverminver as this version.
* debian/patches:
129_remove_extra_i2c_ bittimeout. patch
130_slow_down_ddc_ i2c.patch
- Patches from server-1.3 branch, which make probing the monitor more
robust. - 42. By Timo Aaltonen
-
* debian/
patches/ 120_fedora_ disable_ offscreen_ pixmaps. diff
- Re-enable. Despite being a hack, it works and is needed for compositing
managers to work properly. (LP: #89189) - 41. By Timo Aaltonen
-
* debian/
patches/ 107_fedora_ dont_backfill_ bg_none. patch:
- Re-enable to see if it helps with performance regressions.
* debian/patches/ 127_check_ for_clientgone. patch:
- A fix from upstream. (LP: #60288)
* debian/patches/ 128_fix_ client_ privates_ leak.patch
- Plug a memory leak. (LP: #92882)
* debian/rules
- Fix a typo in --with-default- font-path. - 40. By Timo Aaltonen
-
* debian/patches:
- Rename 019_ubuntu_enable_ composite. diff to 119_* so that it is in line
with the rest of our patches
- Re-add 126_debian_always_ use_default_ font_path. diff. This was dropped
by Debian but needed by us since we still have legacy fontpaths in
old configurations, so new paths need to be appended to the list.
Branch metadata
- Branch format:
- Branch format 7
- Repository format:
- Bazaar repository format 2a (needs bzr 1.16 or later)
- Stacked on:
- lp:ubuntu/lucid/xorg-server