Xext/xcmisc.c | 13 +++++++++++--
configure | 24 ++++++++++++------------
configure.ac | 6 +++---
debian/changelog | 9 +++++----
debian/control | 26 +++++++++++++-------------
debian/rules | 14 +++++++-------
hw/xfree86/modes/xf86Crtc.c | 1 -
os/WaitFor.c | 9 ++++++---
8 files changed, 57 insertions(+), 45 deletions(-)
New commits:
commit 24fe408ef546e4e69af2d08d30c7cf84d5a45a26
Author: Julien Cristau <[EMAIL PROTECTED]>
Date: Fri Apr 6 12:06:57 2007 +0200
New upstream release candidate.
diff --git a/configure b/configure
index 657c5eb..75eb3ba 100755
--- a/configure
+++ b/configure
@@ -1,6 +1,6 @@
#! /bin/sh
# Guess values for system-dependent variables and create Makefiles.
-# Generated by GNU Autoconf 2.61 for xorg-server 1.2.99.903.
+# Generated by GNU Autoconf 2.61 for xorg-server 1.2.99.905.
#
# Report bugs to <https://bugs.freedesktop.org/enter_bug.cgi?product=xorg>.
#
@@ -728,8 +728,8 @@ SHELL=${CONFIG_SHELL-/bin/sh}
# Identity of this package.
PACKAGE_NAME='xorg-server'
PACKAGE_TARNAME='xorg-server'
-PACKAGE_VERSION='1.2.99.903'
-PACKAGE_STRING='xorg-server 1.2.99.903'
+PACKAGE_VERSION='1.2.99.905'
+PACKAGE_STRING='xorg-server 1.2.99.905'
PACKAGE_BUGREPORT='https://bugs.freedesktop.org/enter_bug.cgi?product=xorg'
ac_unique_file="Makefile.am"
@@ -1805,7 +1805,7 @@ if test "$ac_init_help" = "long"; then
# Omit some internal or obsolete options to make the list less imposing.
# This message is too long to be a string in the A/UX 3.1 sh.
cat <<_ACEOF
-\`configure' configures xorg-server 1.2.99.903 to adapt to many kinds of
systems.
+\`configure' configures xorg-server 1.2.99.905 to adapt to many kinds of
systems.
Usage: $0 [OPTION]... [VAR=VALUE]...
@@ -1875,7 +1875,7 @@ fi
if test -n "$ac_init_help"; then
case $ac_init_help in
- short | recursive ) echo "Configuration of xorg-server 1.2.99.903:";;
+ short | recursive ) echo "Configuration of xorg-server 1.2.99.905:";;
esac
cat <<\_ACEOF
@@ -2187,7 +2187,7 @@ fi
test -n "$ac_init_help" && exit $ac_status
if $ac_init_version; then
cat <<\_ACEOF
-xorg-server configure 1.2.99.903
+xorg-server configure 1.2.99.905
generated by GNU Autoconf 2.61
Copyright (C) 1992, 1993, 1994, 1995, 1996, 1998, 1999, 2000, 2001,
@@ -2201,7 +2201,7 @@ cat >config.log <<_ACEOF
This file contains any messages produced by compilers while
running configure, to aid debugging if configure makes a mistake.
-It was created by xorg-server $as_me 1.2.99.903, which was
+It was created by xorg-server $as_me 1.2.99.905, which was
generated by GNU Autoconf 2.61. Invocation command line was
$ $0 $@
@@ -2872,7 +2872,7 @@ fi
# Define the identity of the package.
PACKAGE='xorg-server'
- VERSION='1.2.99.903'
+ VERSION='1.2.99.905'
cat >>confdefs.h <<_ACEOF
@@ -3049,8 +3049,8 @@ DEFAULT_VENDOR_NAME_SHORT="X.Org"
DEFAULT_VERSION_MAJOR=1
DEFAULT_VERSION_MINOR=2
DEFAULT_VERSION_PATCH=99
-DEFAULT_VERSION_SNAP=903
-DEFAULT_RELEASE_DATE="26 March 2007"
+DEFAULT_VERSION_SNAP=905
+DEFAULT_RELEASE_DATE="05 April 2007"
DEFAULT_VENDOR_WEB="http://wiki.x.org";
ac_config_headers="$ac_config_headers include/do-not-use-config.h"
@@ -35149,7 +35149,7 @@ exec 6>&1
# report actual input values of CONFIG_FILES etc. instead of their
# values after options handling.
ac_log="
-This file was extended by xorg-server $as_me 1.2.99.903, which was
+This file was extended by xorg-server $as_me 1.2.99.905, which was
generated by GNU Autoconf 2.61. Invocation command line was
CONFIG_FILES = $CONFIG_FILES
@@ -35202,7 +35202,7 @@ Report bugs to <bug-autoconf@gnu.org>."
_ACEOF
cat >>$CONFIG_STATUS <<_ACEOF
ac_cs_version="\\
-xorg-server config.status 1.2.99.903
+xorg-server config.status 1.2.99.905
configured by $0, generated by GNU Autoconf 2.61,
with options \\"`echo "$ac_configure_args" | sed 's/^ //;
s/[\\""\`\$]/\\\\&/g'`\\"
diff --git a/debian/changelog b/debian/changelog
index 88b0157..dda32bf 100644
--- a/debian/changelog
+++ b/debian/changelog
@@ -1,3 +1,11 @@
+xorg-server (2:1.2.99.905-1) experimental; urgency=low
+
+ * New upstream release candidate.
+ + includes fix for CVE-2007-1003: XC-MISC Extension ProcXCMiscGetXIDList()
+ Memory Corruption.
+
+ -- Julien Cristau <[EMAIL PROTECTED]> Fri, 06 Apr 2007 12:05:40 +0200
+
xorg-server (2:1.2.99.903-1) experimental; urgency=low
[ Drew Parsons ]
commit 929174503122f0f7586158a185ee907046079085
Author: Julien Cristau <[EMAIL PROTECTED]>
Date: Fri Apr 6 11:33:42 2007 +0200
Revert "Build xserver-xorg-core-dbg."
This reverts commit 566bda1629188c083f71ca34fada16416aa45511.
I don't want 1.3 RC5 to wait in NEW, so revert the -dbg package for now.
diff --git a/debian/changelog b/debian/changelog
index f31573a..88b0157 100644
--- a/debian/changelog
+++ b/debian/changelog
@@ -1,10 +1,3 @@
-xorg-server (2:1.2.99.903-2) experimental; urgency=low
-
- * Build the xserver-xorg-core-dbg package, which contains debugging symbols
- for Xorg and /usr/lib/xorg/modules/**/*.so
-
- -- Julien Cristau <[EMAIL PROTECTED]> Wed, 28 Mar 2007 17:00:17 +0200
-
xorg-server (2:1.2.99.903-1) experimental; urgency=low
[ Drew Parsons ]
diff --git a/debian/control b/debian/control
index 8dc39ef..c5a72b8 100644
--- a/debian/control
+++ b/debian/control
@@ -203,16 +203,16 @@ Description: Xprint - the X11 print system (configuration
files)
This package provides the configuration and postscript definition files
required to run Xprt, the Xprint server. Xprt is provided by xprint.
-Package: xserver-xorg-core-dbg
-Architecture: any
-Depends: xserver-xorg-core (= ${Source-Version})
-Priority: extra
-Description: Xorg - the X.Org X server (debugging symbols)
- The X.Org X server is an X server for several architectures and operating
- systems, which is derived from the XFree86 4.x series of X servers.
- .
- The X.Org server supports most modern graphics hardware from most vendors,
- and supersedes all XFree86 X servers.
- .
- This package provides debugging symbols for the Xorg X server and associated
- modules.
+#Package: xserver-xorg-core-dbg
+#Architecture: any
+#Depends: xserver-xorg-core (= ${Source-Version})
+#Priority: extra
+#Description: Xorg - the X.Org X server (debugging symbols)
+# The X.Org X server is an X server for several architectures and operating
+# systems, which is derived from the XFree86 4.x series of X servers.
+# .
+# The X.Org server supports most modern graphics hardware from most vendors,
+# and supersedes all XFree86 X servers.
+# .
+# This package provides debugging symbols for the Xorg X server and associated
+# modules.
diff --git a/debian/rules b/debian/rules
index 52bd348..adcce69 100755
--- a/debian/rules
+++ b/debian/rules
@@ -146,12 +146,12 @@ binary-arch: build install
dh_link -a
dh_strip -a --exclude=usr/lib/xorg/modules \
- --dbg-package=xserver-xorg-core
- for i in $$(find debian/xserver-xorg-core/usr/lib/xorg/modules -name
"lib*.so"); do \
- mkdir -p $$(dirname
debian/xserver-xorg-core-dbg/usr/lib/debug/$${i#*debian/xserver-xorg-core/}) &&
\
- objcopy --only-keep-debug $$i
debian/xserver-xorg-core-dbg/usr/lib/debug/$${i#*debian/xserver-xorg-core/} && \
- objcopy
--add-gnu-debuglink=debian/xserver-xorg-core-dbg/usr/lib/debug/$${i#*debian/xserver-xorg-core/}
$$i; \
- done
+ #--dbg-package=xserver-xorg-core
+# for i in $$(find debian/xserver-xorg-core/usr/lib/xorg/modules -name
"lib*.so"); do \
+# mkdir -p $$(dirname
debian/xserver-xorg-core-dbg/usr/lib/debug/$${i#*debian/xserver-xorg-core/}) &&
\
+# objcopy --only-keep-debug $$i
debian/xserver-xorg-core-dbg/usr/lib/debug/$${i#*debian/xserver-xorg-core/} && \
+# objcopy
--add-gnu-debuglink=debian/xserver-xorg-core-dbg/usr/lib/debug/$${i#*debian/xserver-xorg-core/}
$$i; \
+# done
ifeq (,$(findstring nostrip,$(DEB_BUILD_OPTIONS)))
find debian/xserver-xorg-core/usr/lib/xorg/modules -name "lib*.so" | \
xargs --no-run-if-empty \
commit 970cacb264a597573e0927410dde5a3d3aa6549b
Author: Keith Packard <[EMAIL PROTECTED]>
Date: Thu Apr 5 23:48:40 2007 -0700
Bump to version 1.2.99.905 (1.3 RC5)
diff --git a/configure.ac b/configure.ac
index 2c69c30..360419c 100644
--- a/configure.ac
+++ b/configure.ac
@@ -25,7 +25,7 @@ dnl Process this file with autoconf to create configure.
AC_PREREQ(2.57)
dnl This is the not the Xorg version number, it's the server version number.
dnl Yes, that's weird.
-AC_INIT([xorg-server], 1.2.99.904,
[https://bugs.freedesktop.org/enter_bug.cgi?product=xorg], xorg-server)
+AC_INIT([xorg-server], 1.2.99.905,
[https://bugs.freedesktop.org/enter_bug.cgi?product=xorg], xorg-server)
AC_CONFIG_SRCDIR([Makefile.am])
AM_INIT_AUTOMAKE([dist-bzip2 foreign])
AM_MAINTAINER_MODE
@@ -40,7 +40,7 @@ DEFAULT_VENDOR_NAME_SHORT="X.Org"
DEFAULT_VERSION_MAJOR=1
DEFAULT_VERSION_MINOR=2
DEFAULT_VERSION_PATCH=99
-DEFAULT_VERSION_SNAP=904
+DEFAULT_VERSION_SNAP=905
DEFAULT_RELEASE_DATE="05 April 2007"
DEFAULT_VENDOR_WEB="http://wiki.x.org";
commit 44c4bd5df3aae191be9fc836be26f91497d02901
Author: Matthieu Herrb <[EMAIL PROTECTED](none)>
Date: Tue Apr 3 15:47:18 2007 +0200
CVE-2007-1003: XC-MISC Extension ProcXCMiscGetXIDList() Memory Corruption
(cherry picked from commit 645d87cf8ef724d4591614f9994cdc4d7549a7a8)
diff --git a/Xext/xcmisc.c b/Xext/xcmisc.c
index f26218e..8c7a86e 100644
--- a/Xext/xcmisc.c
+++ b/Xext/xcmisc.c
@@ -42,6 +42,12 @@ from The Open Group.
#include <X11/extensions/xcmiscstr.h>
#include "modinit.h"
+#if HAVE_STDINT_H
+#include <stdint.h>
+#elif !defined(UINT32_MAX)
+#define UINT32_MAX 0xffffffffU
+#endif
+
#if 0
static unsigned char XCMiscCode;
#endif
@@ -143,7 +149,10 @@ ProcXCMiscGetXIDList(client)
REQUEST_SIZE_MATCH(xXCMiscGetXIDListReq);
- pids = (XID *)ALLOCATE_LOCAL(stuff->count * sizeof(XID));
+ if (stuff->count > UINT32_MAX / sizeof(XID))
+ return BadAlloc;
+
+ pids = (XID *)Xalloc(stuff->count * sizeof(XID));
if (!pids)
{
return BadAlloc;
@@ -164,7 +173,7 @@ ProcXCMiscGetXIDList(client)
client->pSwapReplyFunc = (ReplySwapPtr) Swap32Write;
WriteSwappedDataToClient(client, count * sizeof(XID), pids);
}
- DEALLOCATE_LOCAL(pids);
+ Xfree(pids);
return(client->noClientException);
}
commit 44ea7a3e0d8fa636f4e5dd392caf618120d98413
Author: Tomas Janousek <[EMAIL PROTECTED]>
Date: Wed Mar 28 14:46:30 2007 -0400
Bug #10296: Fix timer rescheduling.
(cherry picked from commit 8c7f56d92d8471ee059c14d322af5f7f555dd5c6)
diff --git a/os/WaitFor.c b/os/WaitFor.c
index ba227a3..d0f9f62 100644
--- a/os/WaitFor.c
+++ b/os/WaitFor.c
@@ -125,7 +125,7 @@ struct _OsTimerRec {
};
static void DoTimer(OsTimerPtr timer, CARD32 now, OsTimerPtr *prev);
-static void CheckAllTimers(CARD32 now);
+static void CheckAllTimers(void);
static OsTimerPtr timers = NULL;
/*****************
@@ -204,7 +204,7 @@ WaitForSomething(int *pClientsReady)
timeout = timers->expires - now;
if (timeout > 0 && timeout > timers->delta + 250) {
/* time has rewound. reset the timers. */
- CheckAllTimers(now);
+ CheckAllTimers();
}
if (timers) {
@@ -439,11 +439,14 @@ ANYSET(FdMask *src)
/* If time has rewound, re-run every affected timer.
* Timers might drop out of the list, so we have to restart every time. */
static void
-CheckAllTimers(CARD32 now)
+CheckAllTimers(void)
{
OsTimerPtr timer;
+ CARD32 now;
start:
+ now = GetTimeInMillis();
+
for (timer = timers; timer; timer = timer->next) {
if (timer->expires - now > timer->delta + 250) {
TimerForce(timer);
commit 042ef1f573d6e98756cc98c296bddd1aa9e4c8ca
Author: Keith Packard <[EMAIL PROTECTED]>
Date: Thu Apr 5 23:21:19 2007 -0700
Bump version to 1.2.99.904 (1.3 RC4)
diff --git a/configure.ac b/configure.ac
index 6ba4d03..2c69c30 100644
--- a/configure.ac
+++ b/configure.ac
@@ -25,7 +25,7 @@ dnl Process this file with autoconf to create configure.
AC_PREREQ(2.57)
dnl This is the not the Xorg version number, it's the server version number.
dnl Yes, that's weird.
-AC_INIT([xorg-server], 1.2.99.903,
[https://bugs.freedesktop.org/enter_bug.cgi?product=xorg], xorg-server)
+AC_INIT([xorg-server], 1.2.99.904,
[https://bugs.freedesktop.org/enter_bug.cgi?product=xorg], xorg-server)
AC_CONFIG_SRCDIR([Makefile.am])
AM_INIT_AUTOMAKE([dist-bzip2 foreign])
AM_MAINTAINER_MODE
@@ -40,8 +40,8 @@ DEFAULT_VENDOR_NAME_SHORT="X.Org"
DEFAULT_VERSION_MAJOR=1
DEFAULT_VERSION_MINOR=2
DEFAULT_VERSION_PATCH=99
-DEFAULT_VERSION_SNAP=903
-DEFAULT_RELEASE_DATE="26 March 2007"
+DEFAULT_VERSION_SNAP=904
+DEFAULT_RELEASE_DATE="05 April 2007"
DEFAULT_VENDOR_WEB="http://wiki.x.org";
dnl this gets generated by autoheader, and thus contains all the defines. we
commit 56262a4ee943f328d089a8eb4aa70b9a4bd5d135
Author: Keith Packard <[EMAIL PROTECTED]>
Date: Mon Apr 2 14:15:36 2007 -0700
Don't erase current crtc for outputs on CloseScreen
Erasing this variable causes some outputs (SDVO on intel) to fail
to be correctly reset at server reset time.
diff --git a/hw/xfree86/modes/xf86Crtc.c b/hw/xfree86/modes/xf86Crtc.c
index 7d86b66..325fb64 100644
--- a/hw/xfree86/modes/xf86Crtc.c
+++ b/hw/xfree86/modes/xf86Crtc.c
@@ -589,7 +589,6 @@ xf86CrtcCloseScreen (int index, ScreenPtr screen)
{
xf86OutputPtr output = config->output[o];
- output->crtc = NULL;
output->randr_output = NULL;
}
for (c = 0; c < config->num_crtc; c++)
commit 0889299a53867c730ea23782cbd0ddf866d2ba83
Author: Julien Cristau <[EMAIL PROTECTED]>
Date: Mon Apr 2 03:58:11 2007 +0200
Don't add /usr/X11R6 paths to the server default fontpath.
diff --git a/debian/rules b/debian/rules
index f450c43..52bd348 100755
--- a/debian/rules
+++ b/debian/rules
@@ -35,7 +35,7 @@ INSTALL=/usr/bin/install
confflags += --disable-static \
--enable-xorg \
--with-mesa-source=/usr/share/mesa-source \
-
--with-default-font-path="/usr/share/fonts/X11/misc,/usr/X11R6/lib/X11/fonts/misc,/usr/share/fonts/X11/cyrillic,/usr/share/fonts/X11/100dpi/:unscaled,/usr/share/fonts/X11/75dpi/:unscaled,/usr/share/fonts/X11/Type1,/usr/X11R6/lib/X11/fonts/Type1,/usr/share/fonts/X11/100dpi,/usr/share/fonts/X11/75dpi,/var/lib/defoma/x-ttcidfont-conf.d/dirs/TrueType"
\
+
--with-default-font-path="/usr/share/fonts/X11/misc,/usr/share/fonts/X11/cyrillic,/usr/share/fonts/X11/100dpi/:unscaled,/usr/share/fonts/X11/75dpi/:unscaled,/usr/share/fonts/X11/Type1,/usr/share/fonts/X11/100dpi,/usr/share/fonts/X11/75dpi,/var/lib/defoma/x-ttcidfont-conf.d/dirs/TrueType"
\
--with-serverconfig-path=/etc/X11/xserver \
--with-rgb-path=/etc/X11/rgb \
--enable-xtrap \
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
