-
xorg-server (2:1.3.0.0.dfsg-12ubuntu8.4) gutsy-security; urgency=low
* Fix multiple security issues:
+ CVE-2008-2360 - RENDER Extension heap buffer overflow
+ CVE-2008-2361 - RENDER Extension crash
+ CVE-2008-2362 - RENDER Extension memory corruption
+ CVE-2008-1379 - MIT-SHM arbitrary memory read
+ CVE-2008-1377 - RECORD and Security extensions memory corruption
-- Bryce Harrington <email address hidden> Wed, 11 Jun 2008 11:43:26 -0700
-
xorg-server (2:1.3.0.0.dfsg-12ubuntu8.3) gutsy-security; urgency=low
* SECURITY UPDATE: multiple memory corruption flaws.
* Re-applied security patches from 2:1.3.0.0.dfsg-12ubuntu8.1.
* Updated fix_CVE-2007-6429.patch: upstream fixes for bpp < 8
crash regressions.
* References
http://gitweb.freedesktop.org/?p=xorg/xserver.git;a=commitdiff;h=e9fa7c1c88a8130a48f772c92b186b8b777986b5
-- Kees Cook <email address hidden> Fri, 18 Jan 2008 11:59:21 -0800
-
xorg-server (2:1.3.0.0.dfsg-12ubuntu8.2) gutsy-security; urgency=low
* Revert previous security patch since it causes regressions.
(LP: #183969)
-- Martin Pitt <email address hidden> Fri, 18 Jan 2008 15:59:30 +0000
-
xorg-server (2:1.3.0.0.dfsg-12ubuntu8.1) gutsy-security; urgency=low
* SECURITY UPDATE: multiple memory corruption flaws.
* Added fix_CVE-2007-5958.patch: upstream fix from Matthieu Herrb.
* Added fix_CVE-2007-5760.patch: backported upstream fixes
(bbde5b62a137ba726a747b838d81e92d72c1b42b) for XFree86 Misc extension out
of bounds array index.
* Added fix_CVE-2007-6427.patch: backported upstream fixes
(dd5e0f5cd5f3a87fee86d99c073ffa7cf89b0a27) for Xinput extension memory
corruption.
* Added fix_CVE-2007-6428.patch: backported upstream fixes
(7dc1717ff0f96b99271a912b8948dfce5164d5ad) for TOG-cup extension memory
corruption.
* Added fix_CVE-2007-6429.patch: backported upstream fixes
(6de61f82728df22ea01f9659df6581b87f33f11d) for MIT-SHM and EVI extensions
integer overflows.
* Added fix_CVE-2008-0006.patch: backported upstream fixes
(8e133d96740d010a4fd969a8188e6e71fb2cafe2) for PCF Font parser buffer
overflow.
-- Kees Cook <email address hidden> Thu, 17 Jan 2008 11:20:17 -0800
-
xorg-server (2:1.3.0.0.dfsg-12ubuntu8) gutsy; urgency=low
* Add 145_glx_visuals_bound_check.patch to fix issue where mesa
incorrectly counts its visuals and can free too many of them during
video mode changes (VT switch, restart, hibernate, etc.) such as
when running Compiz. (closes LP: #127101)
-- Bryce Harrington <email address hidden> Fri, 28 Sep 2007 15:48:08 -0700
-
xorg-server (2:1.3.0.0.dfsg-12ubuntu7) gutsy; urgency=low
* Drop 143_fedora_xserver-1.3.0-randr12-config-hack.patch
as it causes failure to detect proper resolution on some intel
hardware. (closes LP: #144956)
-- Bryce Harrington <email address hidden> Tue, 25 Sep 2007 14:42:59 -0700
-
xorg-server (2:1.3.0.0.dfsg-12ubuntu6) gutsy; urgency=low
* Drop 214_Bug_9680-_Remove_bogus_blank_length_limiting_in_xf86SetModeCrtc.patch
as it is causing black bars to appear on screen for i810 users.
(closes LP: #137604 + several dupes)
-- Bryce Harrington <email address hidden> Thu, 20 Sep 2007 14:35:54 -0700
-
xorg-server (2:1.3.0.0.dfsg-12ubuntu5) gutsy; urgency=low
[ Kees Cook ]
* debian/patches/132_composite-no-clipping.diff: Adjusted WindowRec
structure order and RedirectDraw logic to avoid nvidia crashes
(fixes LP: #130325).
* debian/patches/100_security_fdo-bug-7447.diff: Composite used for
pixmap population on redirect. [CVE-2007-4730]
-- Bryce Harrington <email address hidden> Tue, 18 Sep 2007 17:20:14 -0700
-
xorg-server (2:1.3.0.0.dfsg-12ubuntu4) gutsy; urgency=low
* debian/patches/133_psb_auto.patch: Add automatic detection of
Poulsbo hardware when running without a Device definition.
* Added some cherry-picked patches from fedora:
- 134_fedorda_xorg-x11-server-1.1.1-vt-activate-is-a-terrible-api.patch:
Fixes race condition where someone does a VT_ACTIVATE
between another ACTIVATE/WAITACTIVE by adding a fail.
(Potentially might address Ubuntu bugs 134478 and/or 134982)
- 135_fedora_xorg-x11-server-1.1.1-xkb-in-xnest.patch: Fixes issue when
starting a session in an xnest nest environment as a different user,
where keyboard map does not get preserved. Removes
NO_HW_ONLY_EXTS check to address this issue. (RedHat bug 193431;
Potentially may address Ubuntu bug 44846)
- 136_fedora_xserver-1.2.0-honor-displaysize.patch: Fixes issue if monitor
width and height have been specified, xserver would override them
with the hsize/vsize detected from DDC.
- 137_fedora_xserver-1.2.0-vfprintf.patch: Fixes typo 'vfprinf'
- 138_fedora_xserver-1.3.0-default-dpi.patch: Changes default dpi to 100.
(Addresses Ubuntu bugs 118745, 107320, many others...)
- 139_fedora_xserver-1.3.0-document-fontpath-correctly.patch: Fixes
document fontpaths shown in the man page.
- 140_fedora_xserver-1.3.0-domain-obiwan.patch: Fixes longstanding bug in
domain support.
- 141_fedora_xserver-1.3.0-edid-quirk-backports.patch: Adds quirk for
Samsung SyncMaster 225BW.
- 142_fedora_xserver-1.3.0-no-pseudocolor-composite.patch: Composite on
8bpp pseudocolor root windows appears to fail, so just disable it
on anything pseudocolor for safety.
- 143_fedora_xserver-1.3.0-randr12-config-hack.patch: Adds check to use
the screen's xrandr modes if a preferred mode was not specified.
- 144_fedora_xserver-1.3.0-xnest-exposures.patch: Only collect xnest
exposures for xexposes with non-zero height and width.
-- Bryce Harrington <email address hidden> Fri, 7 Sep 2007 14:23:23 -0700
-
xorg-server (2:1.3.0.0.dfsg-12ubuntu3) gutsy; urgency=low
* Added some cherry-picked patches from xserver 1.3.99:
- 202_Add_quirk_for_Acer_AL1706_monitor_to_force_60hz_refresh.patch:
The Acer AL1706 monitor reports support for 75hz via EDID, but
does not sync when this range is given, so force it to 60hz.
- 205_Bug_10770-_Inputdevs_isnt_a_valid_config_file_keyword.patch:
Fixes typo in config file parser.
- 208_Bug_6620-_Fixed_a_missing_else_in_ATIPseudoDMAInit.patch:
Fixes issue where registers were written twice on R200, sometimes
also putting bad values in atis->cce_pri_size.
- 214_Bug_9680-_Remove_bogus_blank_length_limiting_in_xf86SetModeCrtc.patch:
Fixes situation where when a specific mode is requested by monitor
or user, xorg would tweak it to something incorrect.
- 216_Bug_9041-_Check_the_return_code_in_xf86MapDomainMemory.patch:
Fixes issue where mmap return value was being ignored and failing
to issue fatal error as it should.
- 221_ExaOffscreenMarkUsed-_Dont_crash_when_theres_no_offscreen_memory.patch:
Fixes crash when there is no offscreen memory for EXA.
- 222_Fix_a_crash_when_rotating_the_screen.patch:
Fixes crash when rotating screen with xrandr.
- 223_Fix_bug_8871-scrolling_corruption_with_a_compositing_manager.patch:
Fixes scrolling corruption with composite due to incorrectly
generated GraphicsExposes.
- 224_Fix_calculations_in_x86_emulator_for_the_long_long_case_Andreas_Schwab.patch:
Fixes long long multiplication when in x86 emulator.
- 227_Fix_sync_polarity_on_Samsung_SyncMaster_205BW_monitor.patch:
Adds quirk for Samsung SyncMaster 205BW
- 230_In___glXCreateARGBConfig_insert_the_new_GL_mode_at_the__end__of_the_linked_list.patch:
Fixes insertion order of linked list that can cause GLX clients to
fail when attempting to use the last GLX mode/visual.
- 231_In_dmxBackendMouGetInfo_initialize_the_info-minval_maxval_arrays_to_the_size_of_the_backend_display.patch:
Fixes potential issue in X input where axis clipping code in
GetPointerEvents() constrains the pointer's coordinate range to a
max of 0, causing the mouse to not move.
- 234_Reapply_patch_to_fix_AMD_CPU_detection.patch:
Fixes AMD Geode CPU detection.
- 236_Syncmaster_226_monitor_needs_60Hz_refresh_10545.patch:
Adds quirk for Samsung SyncMaster 226BW.
- 238_Update_pci.ids_to_2007-07-16_snapshot.patch:
Updates our pci ids to support more current hardware.
Remove nvidia ids in extrapci.ids that are now in pci.ids.
Add nvidia ids to extrapci.ids that are in xf86-video-nv but not pci.ids
- 241_XFree86-_Treat_evdev_and_vmmouse_as_mouse_drivers_bug_10512_10559.patch:
Fix issue where a default mouse device gets automatically added
when an evdev or vmmouse section has already been specified.
- 243_exaDriverInit-_Fail_if_pScreenInfo_or_a_member_of_it_is_invalid.patch:
Fix crash in EXA when pScreenInfo or a member of it is invalid.
- 244_fix_an_occasional_crash_in_GetWindowName_bug-_9798.patch:
Fixes crash by adding check of XmbTextPropertyToTextList()'s
return code.
- 245_regenerated_to_fix_bug_10371.patch:
Fixes issue where if DRI is disabled, GL_MAX_TEXTURE_COORDS_ARB
value is not returned correctly from glGetIntegerv().
-- Bryce Harrington <email address hidden> Fri, 31 Aug 2007 18:36:22 -0700
-
xorg-server (2:1.3.0.0.dfsg-12ubuntu2) gutsy; urgency=low
* Don't send a configuration change event just because somebody's pressed
a brightness key
-- Matthew Garrett <email address hidden> Sun, 26 Aug 2007 16:17:15 +0100
-
xorg-server (2:1.3.0.0.dfsg-12ubuntu1) gutsy; urgency=low
* Merge from debian unstable, remaining changes:
- debian/control:
+ set Conflicts: xkb-data (<< 0.9), since xkb-path is
different from previous releases
+ do not Conflict with xserver-xorg-video
+ xvfb Depends on xauth, xfonts-base
+ Set Maintainer to Ubuntu Core Developers
- debian/rules:
+ --with-os-vendor=Ubuntu
- debian/xserver-xorg-core.install:
+ Add ioport, pcitweak, scanpci scripts & man pages
- debian/patches:
+ 102_ubuntu_sharevts_load_cpu.patch:
close console fd only when ShareVTs
+ 104_fedora_init_origins_fix.patch:
multihead initialization
+ 106_ubuntu_fpic_libxf86config.patch:
Add -fPIC to makefiles for xfree86/parser
+ 107_fedora_dont_backfill_bg_none.patch,
110_fedora_no_move_damage.patch,
114_fedora_no_composite_in_xnest.patch,
120_fedora_disable_offscreen_pixmaps.patch:
further aiglx support
+ 119_ubuntu_enable_composite.diff:
enable composite
+ 121_only_switch_vt_when_active.diff:
Add a check to prevent the X server from changing the VT when killing
GDM from the console.
+ 123_no_composite_for_xvfb_run.patch:
use "-extension Composite" to fix xvfb-run crashing
+ 125_glx_remove-stray__GLinterface.diff,
126_glxproxy_remove-stray__GLinterface.diff,
127_mesa-6.5.3-compat.diff:
Patches needed to build against newer Mesa.
+ 132_composite-no-clipping.diff:
Change the semantics of manual-redirect Composite windows so that
they do not clip sibling or parent drawing. Needed by hildon-desktop
to prevent home applets from clipping.
- debian/apport.py: Add apport hook for automatically attaching
files useful for debugging X crashes: Xorg.0.log, xorg.conf,
lsmod, lspci, and /proc/version
-- Timo Aaltonen <email address hidden> Tue, 21 Aug 2007 22:01:38 +0300
-
xorg-server (2:1.3.0.0.dfsg-6ubuntu3) gutsy; urgency=low
* debian/patches/series:
- Re-enable 132_composite-no-clipping.diff with fix from upstream
-- Bryce Harrington <email address hidden> Wed, 25 Jul 2007 16:39:29 -0700
-
xorg-server (2:1.3.0.0.dfsg-6ubuntu2) gutsy; urgency=low
* debian/patches/series:
- don't apply 132_composite-no-clipping.diff for now, it doesn't work
correctly when using compiz
-- Sebastien Bacher <email address hidden> Fri, 13 Jul 2007 17:03:42 +0100
-
xorg-server (2:1.3.0.0.dfsg-6ubuntu1) gutsy; urgency=low
* Merge from Debian unstable. Remaining Ubuntu changes:
- debian/control:
+ set Conflicts: xkb-data (<< 0.9), since xkb-path is
different from previous releases
+ do not Conflict with xserver-xorg-video
+ xvfb Depends on xauth, xfonts-base
+ Set Maintainer to Ubuntu Core Developers
- debian/rules:
+ build using -fno-stack-protector
+ --with-os-vendor=Ubuntu
- debian/xserver-xorg-core.install:
+ Add ioport, pcitweak, scanpci scripts & man pages
- debian/patches:
+ 102_ubuntu_sharevts_load_cpu.patch:
close console fd only when ShareVTs
+ 104_fedora_init_origins_fix.patch:
multihead initialization
+ 106_ubuntu_fpic_libxf86config.patch:
Add -fPIC to makefiles for xfree86/parser
+ 107_fedora_dont_backfill_bg_none.patch:
Re-enable to see if it helps with performance regressions.
+ 108_fedora_gl_include_inferiors.patch,
110_fedora_no_move_damage.patch,
114_fedora_no_composite_in_xnest.patch:
further aiglx support
+ 119_ubuntu_enable_composite.diff:
enable composite
+ 120_fedora_disable_offscreen_pixmaps.patch:
update to the latest version from Fedora (rev. 1.6, was 1.1)
Despite being a hack, it works and is needed for compositing
managers to work properly.
+ 121_only_switch_vt_when_active.diff:
Add a check to prevent the X server from changing the VT when killing
GDM from the console.
+ 123_no_composite_for_xvfb_run.patch:
use "-extension Composite" to fix xvfb-run crashing
- 125_glx_remove-stray__GLinterface.diff,
126_glxproxy_remove-stray__GLinterface.diff,
127_mesa-6.5.3-compat.diff:
Mesa 6.5.3 build support
* debian/apport.py: Add apport hook for automatically attaching
files useful for debugging X crashes: Xorg.0.log, xorg.conf,
lsmod, lspci, and /proc/version
* debian/patches/132_composite-no-clipping.diff: Change the
semantics of manual-redirect Composite windows so that they do not
clip sibling or parent drawing. Needed by hildon-desktop to prevent
home applets from clipping.
-- Bryce Harrington <email address hidden> Mon, 2 Jul 2007 12:47:44 -0700
-
xorg-server (2:1.3.0.0.dfsg-4ubuntu2) gutsy; urgency=low
* Build-Depend on mesa 6.5.3
* Apply Mandriva patches to build against mesa 6.5.3
- 125_glx_remove-stray__GLinterface.diff
- 126_glxproxy_remove-stray__GLinterface.diff
- 127_mesa-6.5.3-compat.diff
-- Kyle McMartin <email address hidden> Sat, 26 May 2007 18:12:35 +0000
-
xorg-server (2:1.3.0.0.dfsg-4ubuntu1) gutsy; urgency=low
* Merge from Debian unstable. Remaining Ubuntu changes:
- debian/control:
+ set Conflicts: xkb-data (<< 0.9), since xkb-path is
different from previous releases
+ do not Conflict with xserver-xorg-video
+ xvfb Depends on xauth, xfonts-base
+ Set Maintainer to Ubuntu Core Developers
- debian/rules:
+ build using -fno-stack-protector
+ --with-os-vendor=Ubuntu
- debian/xserver-xorg-core.install:
+ Add ioport, pcitweak, scanpci scripts & man pages
- debian/patches:
+ 102_ubuntu_sharevts_load_cpu.patch:
close console fd only when ShareVTs
+ 104_fedora_init_origins_fix.patch:
multihead initialization
+ 106_ubuntu_fpic_libxf86config.patch:
Add -fPIC to makefiles for xfree86/parser
+ 107_fedora_dont_backfill_bg_none.patch:
Re-enable to see if it helps with performance regressions.
+ 108_fedora_gl_include_inferiors.patch,
110_fedora_no_move_damage.patch,
114_fedora_no_composite_in_xnest.patch:
further aiglx support
+ 119_ubuntu_enable_composite.diff:
enable composite
+ 120_fedora_disable_offscreen_pixmaps.patch:
update to the latest version from Fedora (rev. 1.6, was 1.1)
Despite being a hack, it works and is needed for compositing
managers to work properly.
+ 121_only_switch_vt_when_active.diff:
Add a check to prevent the X server from changing the VT when killing
GDM from the console.
+ 123_no_composite_for_xvfb_run.patch:
use "-extension Composite" to fix xvfb-run crashing
* Drop 124_fix-pdripriv_null_deref.patch. Already fixed in GLX code.
See upstream FDO bug #8537
xorg-server (2:1.3.0.0.dfsg-4) unstable; urgency=low
* Cherry-pick patch from upstream git to fix security issue in the Xrender
extension: malicious clients can cause a division by zero in the server
(closes: #422936). Reference: CVE-2007-2437. Thanks, Micah Anderson!
xorg-server (2:1.3.0.0.dfsg-3) unstable; urgency=low
* Include 94_use_default_font_path.diff. This patch is like Eugene's patch
to always look in the default font path from the past, but now we provide
an option to disable looking in the default font path at runtime. This
will allow people to specify additional font paths in their xorg.conf
without losing their current paths. This will also help avoid people
having ye olde "fixed font" problem.
* Fix compilation warnings for 05_module_defaults.diff. Previously the patch
used a generic pointer for the options record, but now we use the actual
XF86OptionsPtr type.
xorg-server (2:1.3.0.0.dfsg-2) unstable; urgency=low
* Add Brice Goglin's fix for 05_module_defaults.diff, so that it also works
when there is no module section at all. Thanks to Michel Dänzer for
helping also.
xorg-server (2:1.3.0.0.dfsg-1) unstable; urgency=low
* Upload to unstable.
* Add XS-Vcs-* to debian/control.
* Remove non-free file hw/xfree86/doc/README.DRI from the upstream tarball.
* Bump serverminver to 2:1.3.0.0.
xorg-server (2:1.3.0.0-1) experimental; urgency=low
* New upstream release
xorg-server (2:1.2.99.905-3) experimental; urgency=low
[ Julien Cristau ]
* xvfb now Recommends: xfonts-base (closes: #314598).
[ David Nusinow ]
* Add 05_module_defaults.diff. This provides default modules loading
capabilities for the server that may be overridden easily. Previously the
server would load a set of default modules, but only if none were
specified in the xorg.conf, or if you didn't have a xorg.conf at all. This
patch provides a default set and you can add only the "Load" instructions
to xorg.conf that you want without losing the defaults. Similarly, if you
don't want to load a module that's loaded by default, you can add
"Disable modulename" to your xorg.conf (see man xorg.conf in this release
for details). See upstream bug #10541 for more.
xorg-server (2:1.2.99.905-2) experimental; urgency=low
* Install the cvt and gtf utilities and their manpages (closes: #414792).
* Build the xserver-xorg-core-dbg package, which contains debugging symbols
for Xorg and /usr/lib/xorg/modules/**/*.so
xorg-server (2:1.2.99.905-1) experimental; urgency=low
* New upstream release candidate.
+ includes fix for CVE-2007-1003: XC-MISC Extension ProcXCMiscGetXIDList()
Memory Corruption.
xorg-server (2:1.2.99.903-1) experimental; urgency=low
[ Drew Parsons ]
* Add exclude entries to dh_install in debian/rules.
[ Julien Cristau ]
* Prepare packaging to ship debugging symbols for xserver-xorg-core in
xserver-xorg-core-dbg, but leave it commented out so we can get rc3 in the
archive first.
* New upstream release candidate.
+ bump serverminver to 2:1.2.99.903.
xorg-server (2:1.2.99.902-1) experimental; urgency=low
[ Drew Parsons ]
* Bring xprint back into the xorg fold.
- include existing patches:
- 91_ttf2pt1 allows Xprint to use ttf2pt1 for Type1 font handling
(but extract and apply manually the patch to
hw/xprint/ps/Makefile.am so it may be applied by autoconf)
- 91_ttf2pt1_updates brings ttf2pt1 into the modern X11R7.1 world
- 92_xprint-security-holes-fix.patch places PS/PDF file output
into the user's home directory (~/Xprintjobs), more secure than
a shared /tmp/Xprintjobs
- 93_spooltodir_check_file_exists ensures output filenames are
less than 256 characters in length
- 93_xprint_fonts_fix released references to font names after use.
- enable freetype support for Xprint.
- add descriptions to debian/control and Build-Dependency on
x11proto-print-dev
* Run autoreconf to update changes to hw/xprint/ps/Makefile.am.
[ Brice Goglin ]
* Apply patch from <email address hidden> to our xvfb-run wrapper
to check whether Xvfb started ok and fix its cleanup
(closes: #351042).
[ Julien Cristau ]
* New upstream release candidate.
* Bump serverminver to 2:1.2.99.902.
* Drop patch 42_build_int10_submodules.diff, and use x86emu on all
architectures instead (closes: #410879).
* Refresh patches:
+ 12_security_policy_in_etc.diff
+ 21_glx_align_fixes.patch
+ 23_kfreebsd_support.diff
* Delete a few files generated by configure on clean, since they seem to
have been included in the tarball.
xorg-server (2:1.2.99.901-1) experimental; urgency=low
* New upstream release candidate.
+ Remove patches 24 (hurd support), 35 (randr byteswap) and 43 (set damage
version), applied upstream.
+ Bump build-dep on x11proto-randr-dev to >= 1.2, and on
x11proto-damage-dev to >= 1.1.
xorg-server (2:1.2.0-6) experimental; urgency=low
* Set videoabiver to 1.0, same as in xorg-server 1.1.
xorg-server (2:1.2.0-5) experimental; urgency=low
* Add input ABI versioning metadata. Rename serverabiver file to
videoabiver, and add inputabiver. Bump serverminver to 2:1.2.0-5 to deal
with this change.
xorg-server (2:1.2.0-4) experimental; urgency=low
[ Julien Cristau ]
* Don't strip modules when DEB_BUILD_OPTIONS contains nostrip. Thanks,
Cyril Brulebois!
[ David Nusinow ]
* Move serverabiver file to serverminver. Use serverabiver to store the
actual video ABI version number (1.1 right now). This will allow drivers
to automatically generate their Provides: xserver-xorg-video-* line when
built against a particular server version. The rename of the files
is to better denote what they actually are.
* Bump the serverminver to 2:1.2.0-4 because of this change
-- Bryce Harrington <email address hidden> Mon, 14 May 2007 16:40:03 -0700
-
xorg-server (2:1.2.0-3ubuntu8) feisty; urgency=low
* SECURITY UPDATE: arbitrary code execution with root privs via integer
overflows in MISC-XC.
* Add debian/patches/131_misc_xc_overflows.patch: upstream fixes.
* References
CVE-2007-1003
-- Kees Cook <email address hidden> Thu, 29 Mar 2007 17:46:44 -0700