Opened 3 years ago

Closed 3 years ago

#16779 closed enhancement (fixed)

xorg-server-21.1.4

Reported by: Xi Ruoyao Owned by: Douglas R. Reno
Priority: elevated Milestone: 11.2
Component: BOOK Version: git
Severity: normal Keywords:
Cc:

Description

New patch version, with security fixes.

Change History (5)

comment:1 by Xi Ruoyao, 3 years ago

Błażej Szczygieł (1):

  • present: Check for NULL to prevent crash

Jeremy Huddleston Sequoia (23):

  • rootless: Dead code removal (ROOTLESS_REDISPLAY_DELAY is already defined)
  • X11Application: Ensure TIS operations are done on the main thread
  • os/connection: Improve abstraction for launchd secure sockets
  • xquartz: Create a separate category for organizing user preferences
  • xquartz pbproxy: Adopt NSUserDefaults+XQuartzDefaults for preferences
  • xquartz: Fold spaces related preferences into NSUserDefaults+XQuartzDefaults
  • XQuartz: Ensure scroll events are delivered to a single window (not both X11 and AppKit)
  • meson: Bump requirement to meson-0.50.0
  • xquartz: Update Sparkle configuration to use SUPublicEDKey
  • xquartz: Update copyright for 2022
  • meson: Provide options to set CFBundleVersion and CFBundleVersionString in XQuartz
  • Revert "meson: Bump requirement to meson-0.50.0"
  • xquartz: Update autotools-based builds of XQuartz to account for recent changes
  • print_edid: Fix a format string error
  • xf86-input-inputtest: Fix build on systems without SOCK_NONBLOCK
  • tests: Fix build failure from missing micmap.c
  • meson: Support building Xnest and Xorg on darwin
  • XQuartz: Build the bundle trampoline when using meson
  • XQuartz: Add TCC reason keys to Info.plist
  • xquartz: Use correct defines when building to support Sparkle updates
  • xquartz: Fix a possible crash when editing the Application menu due to mutaing immutable arrays
  • XQuartz: Improve type safety for X11Controller's application menu editor
  • xquartz: Add missing files to distribution tarball

Olivier Fourdan (1):

  • render: Fix build with gcc 12

Peter Hutterer (3):

  • xkb: switch to array index loops to moving pointers
  • xkb: swap XkbSetDeviceInfo and XkbSetDeviceInfoCheck
  • xkb: add request length validation for XkbSetGeometry

Povilas Kanapickas (5):

  • Revert "os: Try to discover the current seat with the XDG_SEAT var first"
  • dix: Correctly save replayed event into GrabInfoRec
  • dix: Don't send touch end to clients that do async grab without touches
  • xfree86: Fix event data alignment in inputtest driver
  • xserver 21.1.4

Samuel Thibault (1):

  • xkb: fix XkbSetMap when changing a keysym without changing a keytype

comment:2 by Xi Ruoyao, 3 years ago

CVE fixed in this release:

  • CVE-2022-2319/ZDI-CAN-16062: X.Org Server ProcXkbSetGeometry Out-Of-Bounds Access
  • CVE-2022-2320/ZDI-CAN-16070: X.Org Server ProcXkbSetDeviceInfo Out-Of-Bounds Access

comment:3 by Douglas R. Reno, 3 years ago

Owner: changed from blfs-book to Douglas R. Reno
Status: newassigned

comment:4 by Douglas R. Reno, 3 years ago

The gcc-12 sed is no longer required

comment:5 by Douglas R. Reno, 3 years ago

Resolution: fixed
Status: assignedclosed

Fixed at 0bfec527d3564723f516289a6626ac058b3048fc

Note: See TracTickets for help on using tickets.