xorg-server: Changes to 'debian-squeeze'
debian/changelog | 8 ++
debian/patches/23-xf86-fix-flush-input-to-work-with-Linux-evdev-device.diff | 33 ++++++++++
debian/patches/series | 1
3 files changed, 42 insertions(+)
New commits:
commit 4e399febdb96665aa109291be0847a7652800c4d
Author: Julien Cristau <jcristau@debian.org>
Date: Sun Apr 14 13:32:50 2013 +0200
Upload to squeeze-security
diff --git a/debian/changelog b/debian/changelog
index 26cf85e..0483e45 100644
--- a/debian/changelog
+++ b/debian/changelog
@@ -1,10 +1,10 @@
-xorg-server (2:1.7.7-16) UNRELEASED; urgency=high
+xorg-server (2:1.7.7-16) squeeze-security; urgency=high
* xfree86: fix flush input to work with Linux evdev devices. Avoids
processing events sent when the server was inactive, potentially allowing
a user to capture passwords. Addresses CVE-2013-1940.
- -- Julien Cristau <jcristau@debian.org> Fri, 12 Apr 2013 15:13:24 +0200
+ -- Julien Cristau <jcristau@debian.org> Fri, 12 Apr 2013 15:47:37 +0200
xorg-server (2:1.7.7-15) squeeze; urgency=low
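Review bot: The version string on the entry being released here does not line up with the commit that introduced it. This hunk flips 2:1.7.7-16 (stacked on 2:1.7.7-15) from UNRELEASED to squeeze-security, while the fix commit in the same push adds the entry as 2:1.7.7-14+squeeze1 on top of 2:1.7.7-14, and the two changelog diffs start from different blobs (26cf85e here, 4d8d03c there). Please confirm which version is actually meant for the squeeze-security upload, since a security upload built on 1.7.7-15 would also carry whatever -15 changed.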
commit ffb8ce120b2a14740990e953b9402fde5ce721d0
Author: Julien Cristau <jcristau@debian.org>
Date: Fri Apr 12 15:18:34 2013 +0200
xfree86: fix flush input to work with Linux evdev devices.
Avoids processing events sent when the server was inactive, potentially
allowing a user to capture passwords. Addresses CVE-2013-1940.
diff --git a/debian/changelog b/debian/changelog
index 4d8d03c..75019e1 100644
--- a/debian/changelog
+++ b/debian/changelog
@@ -1,3 +1,11 @@
+xorg-server (2:1.7.7-14+squeeze1) UNRELEASED; urgency=high
+
+ * xfree86: fix flush input to work with Linux evdev devices. Avoids
+ processing events sent when the server was inactive, potentially allowing
+ a user to capture passwords. Addresses CVE-2013-1940.
+
+ -- Julien Cristau <jcristau@debian.org> Fri, 12 Apr 2013 15:13:24 +0200
+
xorg-server (2:1.7.7-14) squeeze; urgency=low
* GLX: add missing input sanitization (CVE-2010-4818). Also fix a couple
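Review bot: The new changelog bullet names CVE-2013-1940 but not the patch that carries the fix. Adding the file name (23-xf86-fix-flush-input-to-work-with-Linux-evdev-device.diff) to the entry would let anyone auditing the CVE go straight from the changelog to the code change, which is how the neighbouring security entries are easiest to trace.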
diff --git a/debian/patches/23-xf86-fix-flush-input-to-work-with-Linux-evdev-device.diff b/debian/patches/23-xf86-fix-flush-input-to-work-with-Linux-evdev-device.diff
new file mode 100644
index 0000000..343bac6
--- /dev/null
+++ b/debian/patches/23-xf86-fix-flush-input-to-work-with-Linux-evdev-device.diff
@@ -0,0 +1,33 @@
+From 88394b5cf39f298ebaa9a8ce4ace9bef14c2c6ee Mon Sep 17 00:00:00 2001
+From: Dave Airlie <airlied@gmail.com>
+Date: Wed, 10 Apr 2013 16:09:01 +1000
+Subject: [PATCH] xf86: fix flush input to work with Linux evdev devices.
+
+So when we VT switch back and attempt to flush the input devices,
+we don't succeed because evdev won't return part of an event,
+since we were only asking for 4 bytes, we'd only get -EINVAL back.
+
+This could later cause events to be flushed that we shouldn't have
+gotten.
+
+This is a fix for CVE-2013-1940.
+
+Signed-off-by: Dave Airlie <airlied@redhat.com>
+---
+ hw/xfree86/os-support/shared/posix_tty.c | 3 ++-
+ 1 file changed, 2 insertions(+), 1 deletion(-)
+
+Index: xorg-server/hw/xfree86/os-support/shared/posix_tty.c
+===================================================================
+--- xorg-server.orig/hw/xfree86/os-support/shared/posix_tty.c
++++ xorg-server/hw/xfree86/os-support/shared/posix_tty.c
+@@ -475,7 +475,8 @@ xf86FlushInput(int fd)
+ {
+ fd_set fds;
+ struct timeval timeout;
+- char c[4];
++ /* this needs to be big enough to flush an evdev event. */
++ char c[126];
+
+ DebugF("FlushingSerial\n");
+ if (tcflush(fd, TCIFLUSH) == 0)
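Review bot: In xf86FlushInput() only the declaration of c changes, and the read that drains into it is outside the visible context, so please confirm that call passes sizeof(c) and not a literal 4; if the length is hard-coded, the larger buffer changes nothing and evdev keeps returning -EINVAL as the commit message describes. Separately, 126 is a magic number: the comment says it must be big enough for an evdev event, but it is not a multiple of the event size (struct input_event is typically 16 or 24 bytes), so each read returns only whole events and leaves a few bytes of the buffer unused. A comment stating the per-event size this was chosen against, or a size expressed as a multiple of it, would make the bound checkable by the next reader.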
diff --git a/debian/patches/series b/debian/patches/series
index 231ba02..4e3310f 100644
--- a/debian/patches/series
+++ b/debian/patches/series
@@ -21,3 +21,4 @@
20-randr-shadow-crashes.diff
21-device-mode-list.diff
22-stop-searching-for-xf86config-files
+23-xf86-fix-flush-input-to-work-with-Linux-evdev-device.diff