mirror of
https://git.in.rschanz.org/ryan77627/guix.git
synced 2024-12-26 22:38:07 -05:00
gnu: xorg-server: Update replacement to 1.20.9 [security-fixes].
Includes fixes for CVE-2020-1436, CVE-2020-14345, CVE-2020-14346, and CVE-2020-14361. * gnu/packages/xorg.scm (xorg-server/fixed): Update to 1.20.9. * gnu/packages/patches/xorg-server-CVE-2020-14347.patch: Delete file. * gnu/local.mk (dist_patch_DATA): Remove it.
This commit is contained in:
parent
2ab8e6067c
commit
6e7bede9be
3 changed files with 7 additions and 38 deletions
|
@ -1674,7 +1674,6 @@ dist_patch_DATA = \
|
|||
%D%/packages/patches/xf86-video-voodoo-pcitag.patch \
|
||||
%D%/packages/patches/xfce4-panel-plugins.patch \
|
||||
%D%/packages/patches/xfce4-settings-defaults.patch \
|
||||
%D%/packages/patches/xorg-server-CVE-2020-14347.patch \
|
||||
%D%/packages/patches/xplanet-1.3.1-cxx11-eof.patch \
|
||||
%D%/packages/patches/xplanet-1.3.1-libdisplay_DisplayOutput.cpp.patch \
|
||||
%D%/packages/patches/xplanet-1.3.1-libimage_gif.c.patch \
|
||||
|
|
|
@ -1,33 +0,0 @@
|
|||
From aac28e162e5108510065ad4c323affd6deffd816 Mon Sep 17 00:00:00 2001
|
||||
From: Matthieu Herrb <matthieu@herrb.eu>
|
||||
Date: Sat, 25 Jul 2020 19:33:23 +0200
|
||||
Subject: [PATCH] fix for ZDI-11426
|
||||
|
||||
Avoid leaking un-initalized memory to clients by zeroing the
|
||||
whole pixmap on initial allocation.
|
||||
|
||||
This vulnerability was discovered by:
|
||||
Jan-Niklas Sohn working with Trend Micro Zero Day Initiative
|
||||
|
||||
Signed-off-by: Matthieu Herrb <matthieu@herrb.eu>
|
||||
Reviewed-by: Alan Coopersmith <alan.coopersmith@oracle.com>
|
||||
---
|
||||
dix/pixmap.c | 2 +-
|
||||
1 file changed, 1 insertion(+), 1 deletion(-)
|
||||
|
||||
diff --git a/dix/pixmap.c b/dix/pixmap.c
|
||||
index 1186d7dbb..5a0146bbb 100644
|
||||
--- a/dix/pixmap.c
|
||||
+++ b/dix/pixmap.c
|
||||
@@ -116,7 +116,7 @@ AllocatePixmap(ScreenPtr pScreen, int pixDataSize)
|
||||
if (pScreen->totalPixmapSize > ((size_t) - 1) - pixDataSize)
|
||||
return NullPixmap;
|
||||
|
||||
- pPixmap = malloc(pScreen->totalPixmapSize + pixDataSize);
|
||||
+ pPixmap = calloc(1, pScreen->totalPixmapSize + pixDataSize);
|
||||
if (!pPixmap)
|
||||
return NullPixmap;
|
||||
|
||||
--
|
||||
2.27.0
|
||||
|
|
@ -5447,15 +5447,18 @@ (define-public xorg-server
|
|||
draggable titlebars and borders.")
|
||||
(license license:x11)))
|
||||
|
||||
(define xorg-server/fixed ; Fixes CVE-2020-14347
|
||||
(define xorg-server/fixed ; security fixes
|
||||
(package
|
||||
(inherit xorg-server)
|
||||
(version "1.20.9")
|
||||
(source
|
||||
(origin
|
||||
(inherit (package-source xorg-server))
|
||||
(patches
|
||||
(append (origin-patches (package-source xorg-server))
|
||||
(search-patches "xorg-server-CVE-2020-14347.patch")))))))
|
||||
(uri (string-append "mirror://xorg/individual/xserver/"
|
||||
"xorg-server-" version ".tar.bz2"))
|
||||
(sha256
|
||||
(base32
|
||||
"0w9mrnffvjgmwi50kln15i8rpdskxv97r78l75wlcmg4vzhg46g2"))))))
|
||||
|
||||
;; This package is intended to be used when building GTK+.
|
||||
;; Note: It's currently marked as "hidden" to avoid having two non-eq?
|
||||
|
|
Loading…
Reference in a new issue