IABSD.fr/xenocara/xserver/dix
Branch :
Log
| Author | Commit | Date | CI | Message |
|---|---|---|---|---|
 |
dd403c0a | 2025-06-29 05:21:57 | Update to xserver 21.1.18. The security fixes have already been committed. | |
|
e8f2e774 | 2025-06-17 13:10:07 | Merge fixes from upstream for multiple Xserver issues: CVE-2025-49175: Out-of-bounds access in X Rendering extension (Animated cursors) CVE-2025-49176: Integer overflow in Big Requests Extension CVE-2025-49177: Data leak in XFIXES Extension 6 (XFixesSetClientDisconnectMode) CVE-2025-49178: Unprocessed client request via bytes to ignore CVE-2025-49179: Integer overflow in X Record extension CVE-2025-49180: Integer overflow in RandR extension (RRChangeProviderProperty) | |
|
c466e1c7 | 2025-06-14 12:29:51 | Backport the remaining bits of the modesetting driver in X.org master. Work done by tedu@. | |
|
dd8895c0 | 2025-06-14 12:22:29 | Backport TearFree page flips for the modesetting driver from X.Org maaster. Work done by jcs@ and naddy@. This is the TearFree code alone as of 2023-12-17. | |
|
9cdf3166 | 2025-06-14 12:16:56 | Revert the tearfree commit. It contains a merge error noticed by nadd@ It will be re-done without the merge error. | |
|
b454d6cc | 2025-06-09 18:18:36 | Backport TearFree page flips for the modesetting driver from X.Org maaster. Work done by tedu@ based on previous diffs by jcs@ and stsp@. One bug fix in master by me. tested and ok tb@. commit on behalf of tedu@ | |
|
3cfba106 | 2025-03-02 09:09:28 | Update to xserver 21.1.16. The security fixes were committed earlier. This is the rest of the 21.1.16 update. | |
|
04a5e9b4 | 2025-02-25 15:52:12 | Security fixes from X.Org advisory o February 25, 2025: CVE-2025-26594: Use-after-free of the root cursor CVE-2025-26595: Buffer overflow in XkbVModMaskText() CVE-2025-26596: Heap overflow in XkbWriteKeySyms() CVE-2025-26597: Buffer overflow in XkbChangeTypesOfKey() CVE-2025-26598: Out-of-bounds write in CreatePointerBarrierClient() CVE-2025-26599: Use of uninitialized pointer in compRedirectWindow() CVE-2025-26600: Use-after-free in PlayReleasedEvents() CVE-2025-26601: Use-after-free in SyncInitTrigger() | |
|
8886fdf6 | 2024-11-05 08:13:05 | Update to xserver 21.1.14. tested by tb@ The xkb security fix was committed earlier. This is the rest of the 21.1.14 update. | |
|
22034bbc | 2024-08-04 07:53:57 | Remove white space only diff with upstream | |
|
72350a05 | 2024-04-07 11:42:56 | Update to xserver 21.1.12 The security patches were already commited, sync with the rest of the 21.1.12 relase. | |
|
a6312240 | 2024-01-16 12:34:23 | Multiple issues have been found in the X server and Xwayland implementations: 1) CVE-2023-6816 can be triggered by passing an invalid array index to DeviceFocusEvent or ProcXIQueryPointer. 2) CVE-2024-0229 can be triggered if a device has both a button and a key class and zero buttons. 3) CVE-2024-21885 can be triggered if a device with a given ID was removed and a new device with the same ID added both in the same operation. 4) CVE-2024-21886 can be triggered by disabling a master device with disabled slave devices. 5) CVE-2024-0409 can be triggered by enabling SELinux xserver_object_manager and running a client. 6) CVE-2024-0408 can be triggered by enabling SELinux xserver_object_manager and creating a GLX PBuffer. | |
|
1df28399 | 2023-12-13 06:20:16 | Xi: allocate enough XkbActions for our buttons CVE-2023-6377 | |
|
f9c3f64c | 2023-10-29 16:45:32 | Update to xserver 21.1.9. All the security patches have already been committed. Udated autoconf to 2.71 explains the large build infrastructure diff. | |
|
39b52207 | 2023-10-25 05:16:39 | Fix several input validation errors in the X server CVE-2023-5367 CVE-2023-5380 CVE-2023-5574 | |
|
737e223e | 2023-05-01 07:41:17 | Merge X server 21.1.8. tested by kn@ and op@. | |
|
8c4424dd | 2023-01-22 09:21:08 | Add back the meson build system to xserver. Not having those file only create noise when merging upstream releases. | |
|
49a16717 | 2022-12-14 10:29:00 | Fix serveral X server input validation errors that can cause varios issues: * CVE-2022-46340/ZDI-CAN-19265: X.Org Server XTestSwapFakeInput stack overflow * CVE-2022-46341/ZDI-CAN-19381: X.Org Server XIPassiveUngrab out-of-bounds access * CVE-2022-46342/ZDI-CAN-19400: X.Org Server XvdiSelectVideoNotify use-after-free * CVE-2022-46343/ZDI-CAN-19404: X.Org Server ScreenSaverSetAttributes use-after-free * CVE-2022-46344/ZDI-CAN-19405: X.Org Server XIChangeProperty out-of-bounds access * CVE-2022-46283/ZDI-CAN-19530: X.Org Server XkbGetKbdByName use-after-free | |
|
68328bb5 | 2022-08-31 11:25:18 | Update xserver to version 21.1.4. The security patches were already committed as part of july 24 errata. This brings a few other bug fixes. Tested by Walter Alejandro Iglesias. | |
|
c82bd5db | 2021-11-17 19:46:39 | Use the InternalEvent event structure in more places in events handlers. This fixes a crash when a DeviceEvent struct converted to InteralEvent was beeing copied as InternalEvent (and thus causing out of bounds reads) in ActivateGrabNoDelivery() | |
|
e086cf5a | 2021-11-11 09:03:02 | Update to xserver 21.1.0 | |
|
5bd77e16 | 2021-09-03 13:19:11 | Update to xserver 1.20.13. | |
|
56c8d99a | 2020-12-12 09:30:50 | Update X server to version 1.20.10. Tested by jsg@ and naddy@ | |
|
0a2f4bc7 | 2020-07-31 14:00:21 | fix for X Server Pixel Data Uninitialized Memory Information Disclosure CVE-2020-14347 This vulnerability was discovered and reported to X.Org by Jan-Niklas Sohn working with Trend Micro Zero Day Initiative. | |
|
ac0e12b4 | 2020-04-14 17:29:21 | dix: do not send focus event when grab actually does not change upstream commit 364d64981549544213e2bca8de6ff8a5b2b5a69e Fixes an issue in xserver 1.20 where some applications were loosing focus. Naddy@ reported it appeards in SDL 1.2 games (burgerspace). tested and ok naddy@ | |
|
9064f8ee | 2020-04-13 08:06:58 | Update to xserver 1.20.8. ok jsg@ robert@ | |
|
9a532c54 | 2019-12-12 06:05:17 | Update to X server 1.20.6. Tested by naddy@ | |
|
a77e9959 | 2019-07-27 07:57:06 | Update to xserver 1.20.5. Tested by jsg@ | |
|
857585fc | 2018-02-18 17:16:37 | Update to xserver 1.19.6. bug fix release | |
|
1a66cad3 | 2017-12-08 15:01:59 | Update to xserver 1.19.5. Tested by bru@, jsg@ and others | |
|
f51fea01 | 2017-10-14 09:35:14 | MFC: Unvalidated extra length in ProcEstablishConnection (CVE-2017-12176) | |
|
1862f548 | 2017-07-07 06:22:19 | Merge upstream fixes to the X event swapping code. (CVE-2017-10971 and CVE-2017-10972). | |
|
fd18c20e | 2016-10-11 22:14:30 | regen | |
|
6e1bcfb3 | 2016-08-09 18:59:50 | Update to xserver 1.18.4 tested by krw@ and dcoppa@ ok dcoppa@ | |
|
e927c03e | 2016-05-29 12:02:34 | Update to xserver 1.18.3. Tested by shadchin@ and naddy@. Note that indirect GLX is now disbled by default. | |
|
4c6a4e1e | 2015-11-07 16:48:51 | Update to xserver 1.17.4. tested by naddy@ | |
|
86ea9f12 | 2015-09-16 19:10:19 | Update to xserver 1.17.2. tested by dcoppa@, jsg@, jasper@ & naddy@ | |
|
5b19f6d7 | 2015-02-11 20:58:46 | Update to xserver 1.16.4. Contains fix for CVE-2015-0255. ok dcoppa@ | |
|
797ed933 | 2014-12-09 17:58:52 | Protocol handling issues in X Window System servers One year after Ilja van Sprundel, discovered and reported a large number of issues in the way the X server code base handles requests from X clients, they have been fixed. | |
|
1cfce7c2 | 2014-11-22 08:33:45 | Update to xserver 1.16.2 | |
|
4f58590a | 2014-09-27 17:52:59 | Update to xserver 1.16.1. Tested by naddy@, jsg@ & kettenis@ | |
|
3bbfe7b1 | 2014-05-02 19:27:46 | Update to xserver 1.15.1. Tested by at least ajacoutot@, dcoppa@ & jasper@ | |
|
511a911d | 2013-12-08 10:53:01 | Update to xserver 1.14.4 | |
|
63985638 | 2013-10-09 05:37:56 | Fix from upstreams for CVE-2013-4396 Use after free in Xserver handling of ImageText requests | |
|
5ae225f3 | 2013-09-28 15:36:30 | Update to xserver 1.14.3 | |
|
577763cd | 2013-08-24 19:44:25 | Uodate to xserver 1.14.2. Tested by krw@, shadchin@, todd@ | |
|
adec87cf | 2013-06-07 17:28:45 | Update to X server 1.14.1. Tested by many during t2k13. Thanks. | |
|
e26a212f | 2012-10-27 14:52:25 | Regen autotools build system with a clean environment. It was previously generated with a config pointing to OpenBSD's libtool which is not ready yet. | |
|
58d9658d | 2012-10-14 08:59:33 | regen | |
|
eb59960f | 2012-08-05 18:14:29 | regen autotools | |
|
fe11647d | 2012-08-05 18:11:37 | Update to xserver 1.12.3. | |
|
e60da745 | 2012-06-10 13:21:05 | Update to xserver 1.12.2. tested by naddy@, krw@, mpi@. | |
|
9576ef22 | 2012-01-31 07:52:35 | Update to xserver 1.11.4. tested by krw@, shadchin@. | |
|
4344ac39 | 2011-12-18 16:08:59 | Bugfix Update to xserver 1.11.3 | |
|
61a7d542 | 2011-11-05 13:32:40 | Update to xserver 1.11.2 | |
 |
b1e12912 | 2011-07-04 20:40:19 | Fix transformation of events supplying only a valuator for the y-coordinate. ok matthieu@ | |
|
a4d630d0 | 2011-06-29 19:57:45 | regen | |
|
4a238ea6 | 2011-04-02 16:08:38 | Update to xserver 1.9.5. Tested by jasper@, ajacoutot@ and krw@ | |
|
dd56fb17 | 2010-12-21 20:10:44 | Update to xorg-server 1.9.3. Tested by japser@, landry@ and ajacoutot@ in various configurations. | |
|
42826119 | 2010-12-05 15:36:02 | Upgrade to xorg-server 1.9.2. Tested by ajacoutot@, krw@, shadchin@ and jasper@ on various configurations including multihead with both zaphod and xrandr. | |
|
d57b1a14 | 2010-09-01 13:43:24 | regen (yes lots of files, since util-macros has been updated). | |
|
95d684a0 | 2010-07-27 19:02:24 | Update to xserver 1.8. Tested by many. Ok oga@, todd@. | |
|
49012820 | 2010-04-13 19:54:46 | Add a configure test for newer proto headers and use it to enable building xserver 1.6 with those headers. ok oga@. | |
|
8542099f | 2009-10-31 14:09:43 | Update to server 1.6.5. | |
|
88f6f3ea | 2009-09-06 19:44:18 | update to xserver 1.6.4rc1. Tested by many, ok oga@. | |
|
60021fe9 | 2008-11-02 15:26:08 | xserver 1.5.2. tested by ckuethe@, oga@, and others. | |
|
97eda178 | 2008-06-15 00:17:32 | Update to xserver 1.4.2. Tested by landry@, ckuethe@, jsing@ mbalmer@. | |
|
48bc8229 | 2008-05-24 20:39:01 | regen. | |
|
2610b1cd | 2008-02-20 21:25:15 | Fix for CVE-2007-3069 from X.Org git repository: Don't break grab and focus state for a window when redirecting it. Composite uses an unmap/map cycle to trigger backing pixmap allocation and cliprect recomputation when a window is redirected or unredirected. To avoid protocol visible side effects, map and unmap events are disabled temporarily. However, when a window is unmapped it is also removed from grabs and loses focus, but these state changes are not disabled. This change supresses the unmap side effects during the composite unmap/map cycle and fixes a bug where a compositing window manager would cause the screensaver to lose its grab when it unredirects the fullscreen lock window. | |
|
daec730a | 2008-02-11 22:59:20 | Remove empty unused files. | |
|
4ca84ce6 | 2008-01-17 15:44:49 | Fix from X.Org for CVE-2008-0006 - PCF Font parser buffer overflow. | |
 |
6189593a | 2008-01-04 14:01:04 | regen | |
|
67952fe2 | 2007-12-13 21:51:47 | Add back files that I removed before import to minimize cvs noise. That was a mistake. sorry. | |
|
b29102d7 | 2007-12-13 21:47:48 | Merge xserver 1.4.0.90. This includes fixes for some of the regressions introduced by xserver 1.4, such as the keyboad caps/num-lock leds updates. Tested by many. | |
|
2fcd9ee6 | 2007-12-13 21:06:02 | xserver 1.4.0.90 | |
|
f0802976 | 2007-11-25 15:32:26 | OpenBSD's still using the old xkb data files. So rules are called "xorg" not "base". | |
|
fa710f40 | 2007-11-24 19:04:00 | merge xserver 1.4, 1st pass | |
|
b14d6de7 | 2007-11-24 17:55:21 | xserver 1.4 | |
|
c7ebbd40 | 2007-05-25 16:20:45 | regen | |
|
fdc55d19 | 2007-04-17 22:06:12 | regen | |
|
6637a9a3 | 2007-03-18 22:29:12 | regen with automake 1.9.6p2 | |
|
9dc39873 | 2007-03-03 11:33:26 | regen | |
|
c3d03022 | 2006-12-16 20:59:13 | - merge xserver 1.1.99.903 - regen generated files | |
|
09421e78 | 2006-12-16 20:09:36 | xserver 1.1.99.903 from X.Org 7.2RC3 | |
|
11e9fb01 | 2006-11-28 20:33:06 | regen | |
|
c155af5f | 2006-11-28 20:29:31 | OpenBSD local modifications: - privilege separation - some snprintf/strlc{at,py} conversions - support for more architectures - signal handler fixes - default mouse wheel support in config tools - sunmouse protocol | |
|
97bfc260 | 2006-11-26 19:09:56 | regen with OpenBSD autotools | |
|
889b8606 | 2006-11-26 18:13:41 | Importing xserver from X.Org 7.2RC2 |