ubuntu/+source/xorg-server:ubuntu/zesty-devel

Last commit made on 2017-10-17
Get this branch:
git clone -b ubuntu/zesty-devel https://git.launchpad.net/ubuntu/+source/xorg-server
Members of Ubuntu Server Dev import team can upload to this branch. Log in for directions.

Branch merges

Branch information

Name:
ubuntu/zesty-devel
Repository:
lp:ubuntu/+source/xorg-server

Recent commits

2154945... by Marc Deslauriers on 2017-10-13

Import patches-unapplied version 2:1.19.3-1ubuntu1.3 to ubuntu/zesty-security

Imported using git-ubuntu import.

Changelog parent: 94e8cab62e50b67bebce82b74e5d619b378e536c

New changelog entries:
  * SECURITY UPDATE: unvalidated extra length in ProcEstablishConnection
    - debian/patches/CVE-2017-12176.patch: add check to dix/dispatch.c.
    - CVE-2017-12176
  * SECURITY UPDATE: Unvalidated variable-length request in
    ProcDbeGetVisualInfo
    - debian/patches/CVE-2017-12177.patch: add check to dbe/dbe.c.
    - CVE-2017-12177
  * SECURITY UPDATE: wrong extra length check in ProcXIChangeHierarchy
    - debian/patches/CVE-2017-12178.patch: fix length check in
      Xi/xichangehierarchy.c.
    - CVE-2017-12178
  * SECURITY UPDATE: integer overflow and unvalidated length in
    ProcXIBarrierReleasePointer
    - debian/patches/CVE-2017-12179-1.patch: test exact size of
      XIBarrierReleasePointer in Xi/xibarriers.c.
    - debian/patches/CVE-2017-12179-2.patch: add checks to Xi/xibarriers.c.
    - CVE-2017-12179
  * SECURITY UPDATE: various unvalidated lengths
    - debian/patches/CVE-2017-12180-12182.patch: add more checks to
      Xext/vidmode.c, hw/xfree86/common/xf86DGA.c,
      hw/xfree86/dri/xf86dri.c.
    - CVE-2017-12180
    - CVE-2017-12181
    - CVE-2017-12182
  * SECURITY UPDATE: more unvalidated lengths
    - debian/patches/CVE-2017-12183.patch: add checks to xfixes/cursor.c,
      xfixes/region.c, xfixes/saveset.c, xfixes/xfixes.c.
    - CVE-2017-12183
  * SECURITY UPDATE: even more unvalidated lengths
    - debian/patches/CVE-2017-12184-12187.patch: add more checks to
      Xext/panoramiX.c, Xext/saver.c, Xext/xres.c, Xext/xvdisp.c,
      hw/dmx/dmxpict.c, pseudoramiX/pseudoramiX.c, render/render.c.
    - CVE-2017-12184
    - CVE-2017-12185
    - CVE-2017-12186
    - CVE-2017-12187
  * debian/patches/os_big_requests.patch: make sure big requests have
    sufficient length in os/io.c.
  * debian/patches/xkb_escape_fix.patch: escape non-printable characters
    correctly in xkb/xkbtext.c.

94e8cab... by Marc Deslauriers on 2017-10-11

Import patches-unapplied version 2:1.19.3-1ubuntu1.2 to ubuntu/zesty-security

Imported using git-ubuntu import.

Changelog parent: cc05abd327963a0920ec78eed5ed914556686b91

New changelog entries:
  * SECURITY UPDATE: DoS or segment overwrite via shmseg resource id
    - debian/patches/CVE-2017-13721.patch: validate shmseg resource id in
      Xext/shm.c.
    - CVE-2017-13721
  * SECURITY UPDATE: buffer overflow via XKB data
    - debian/patches/CVE-2017-13723.patch: handle xkb formatted string
      output safely in xkb/xkbtext.c.
    - CVE-2017-13723

cc05abd... by Marc Deslauriers on 2017-07-17

Import patches-unapplied version 2:1.19.3-1ubuntu1.1 to ubuntu/zesty-security

Imported using git-ubuntu import.

Changelog parent: c05a9587711df36ef08bdda9eb60e577e1820282

New changelog entries:
  * SECURITY UPDATE: DoS and possible code execution in endianness
    conversion of X Events
    - debian/patches/CVE-2017-10971-1.patch: do not try to swap
      GenericEvent in Xi/sendexev.c.
    - debian/patches/CVE-2017-10971-2.patch: verify all events in
      ProcXSendExtensionEvent in Xi/sendexev.c.
    - debian/patches/CVE-2017-10971-3.patch: disallow GenericEvent in
      SendEvent request in dix/events.c, dix/swapreq.c.
    - CVE-2017-10971
  * SECURITY UPDATE: information leak in XEvent handling
    - debian/patches/CVE-2017-10972.patch: zero target buffer in
      SProcXSendExtensionEvent in Xi/sendexev.c.
    - CVE-2017-10972

c05a958... by Timo Aaltonen on 2017-03-27

Import patches-unapplied version 2:1.19.3-1ubuntu1 to ubuntu/zesty-proposed

Imported using git-ubuntu import.

Changelog parent: 14154b821e31f60e1a05405406db900e98c5ad56

New changelog entries:
  [ Timo Aaltonen ]
  * Merge from Debian experimental. (LP: #1671799)
    - Patches refreshed
    - randr-adjust-masters-last-set-time.diff,
      modesetting-unifdef-slave-support.diff: Dropped, upstream
    - config-add-no-removal.patch, xf86-inactive-gpuscreen.patch,
      fix-detach-gpu.patch: Dropped, more or less obsolete
  * 190_cache-xkbcomp_output_for_fast_start_up.patch: Cleaned up from
    the package as it wasn't used.
  * 111_armel-drv-fallbacks.patch: Dropped, we don't ship these drivers
    anymore.
  * rules: Drop the workaround that adds lt_cv_prog_compiler_static_works=no
    to confflags.
  * 232-xf86compatoutput-valgrind.patch: This was added upstream
    already, no need to carry a duplicate check.
  * 208_switch_on_release.diff: Dropped, doesn't work with 1.19.
  * 228_autobind_gpu.patch: Update from Fedora, fixes nvidia.
  * disable-rotation-transform-gpuscreens.patch: Dropped, nvidia
    supports rotation now.
  * 122_xext_fix_card32_overflow_in_xauth.patch: Dropped, upstream
    review found issues and it never got applied.
  * xfree86-no-xv-for-gpuscreens.patch: Drop bogus buglink.
  * 227_null_ptr_midispcur.patch: Dropped, upstream didn't accept it.
  * randr-do-not-check-the-screen-size.diff: Dropped, can't reproduce
    #1586260 anymore without the patch.
  [ Robert Ancell ]
  * debian/patches/xmir.patch:
    - Refresh
    - Fix warnings when built against lp:mir/0.25
    - Support both Mir 0.24, 0.25 and 0.26 client APIs
    - Fix crashing on arm64 (LP: #1642297)

14154b8... by Emilio Pozuelo Monfort <email address hidden> on 2017-03-15

Import patches-unapplied version 2:1.19.3-1 to debian/sid

Imported using git-ubuntu import.

Changelog parent: 5c1b8f2fa2a0055995beedb8c1ec35ebfceaca84

New changelog entries:
  * New upstream release.

5c1b8f2... by Emilio Pozuelo Monfort <email address hidden> on 2017-03-03

Import patches-unapplied version 2:1.19.2-1 to debian/sid

Imported using git-ubuntu import.

Changelog parent: 40a3648a5c664153f90a8f9d62c75e5506c75c59

New changelog entries:
  [ Andreas Boll ]
  * xserver-xorg-core.bug.script: Change udevadm path from /sbin to /bin
    (Closes: #852584).
  [ Emilio Pozuelo Monfort ]
  * New upstream stable release.
    - CVE-2017-2624: Timing attack against MIT cookie. Closes: #856398.
  * control: Build-depend on libbsd-dev everywhere, needed for
    arc4random_buf for the above fix.

40a3648... by Emilio Pozuelo Monfort <email address hidden> on 2017-01-19

Import patches-unapplied version 2:1.19.1-4 to debian/sid

Imported using git-ubuntu import.

Changelog parent: bdf3d5283601969f805b3f8b61711118acebc5db

New changelog entries:
  * rules: Only set the suid bit on Xorg.wrap when building arch:any
    packages. Thanks Julien Cristau.

bdf3d52... by Emilio Pozuelo Monfort <email address hidden> on 2017-01-19

Import patches-unapplied version 2:1.19.1-3 to debian/sid

Imported using git-ubuntu import.

Changelog parent: 62e2aa6843c55089136d84ff897fba6107a42ef2

New changelog entries:
  * rules: Fix setting suid bit on Xorg.wrap.
  * rules: Don't ignore errors when setting the suid bit.

62e2aa6... by Andreas Boll <email address hidden> on 2017-01-18

Import patches-unapplied version 2:1.19.1-2 to debian/sid

Imported using git-ubuntu import.

Changelog parent: 42eb0bd1b5adc0cf0335142da2657a7e51e099bb

New changelog entries:
  * rules: Fix udeb regression from dh migration. Should also fix FTBFS
    on hurd and kfreebsd.
  * rules: Add --fail-missing to dh_install.
  * rules: Remove unused vars config_backend_main and
    config_backend_udeb.

42eb0bd... by Emilio Pozuelo Monfort <email address hidden> on 2017-01-17

Import patches-unapplied version 2:1.19.1-1 to debian/sid

Imported using git-ubuntu import.

Changelog parent: 8b4b0569b2f86ca82a8c722f8d453ae79875ac9e

New changelog entries:
  [ Emilio Pozuelo Monfort ]
  * Switch to dh.
  * Drop build-deps on automake and libtool, dh-autoreconf depends on
    them for us.
  * rules: use install consistently.
  * Drop pre-wheezy Breaks.
  [ Andreas Boll ]
  * New upstream release.
    - AttendClient of grab-pervious client must queue to
      saved_ready_clients [v2] (Closes: #846779, #850940).
    - present: Only call present_flip_notify if vblank->queued == FALSE
      (Closes: #849250).