xorg-server: Changes to 'refs/tags/xorg-server-2_1.19.2-1+deb9u2'
Tag 'xorg-server-2_1.19.2-1+deb9u2' created by Julien Cristau <jcristau@debian.org> at 2017-10-16 07:36 +0000
Tagging upload of xorg-server 2:1.19.2-1+deb9u2 to stretch-security.
-----BEGIN PGP SIGNATURE-----
iQJIBAABCAAyFiEEVXgdqzTmGgnvuIvhnbAjVVb4z60FAlnkYYIUHGpjcmlzdGF1
QGRlYmlhbi5vcmcACgkQnbAjVVb4z63jrRAAn5yHUpZXuOmZCE2xE4Tk5oRaSTLF
NAdOGOW5eyjIEgHoHDgex5h5Srm9BXn/CjS4ccXBoFrn/3LNKWRTNZMYymenXMFa
0JkNReBTNVdMTjUlezZort6VlrMuo8BZLoQcFy90Bd01QhMoT5bcFQcyFeJ37z1a
//HfkrZuevFAYF8b1x05fgtPwMxV884vaQiXS3k+2HnA4Kn0spA50xirRXEkbhu4
/jRI96RJ1dumjjuY298p16Eo8yooMgpdZWIENtG3lDnJ8PfHLqSLqJpUyYKmX7O2
YGB7uJ3fjjrdKzM+5A0fS6D8TiNmNt9yh0ZJDCgrjwIDSc505UVe/fPMFWiaDcXM
3W4Ag92KNPUJR9TbqyHFGQ4O/hmTswg8a3mKYhQMWdduWD8NrT6uFzZXVIgol19F
fjiXTZqpAGBwtKXherR4I9wSBdVenWJs4tf9xW3DsaHqM+dJGtikNKVt9PVXmugW
1BBmSXZMMAbfPwmhYw8w7508QqjFQthNFdRi6r4+R6PjHHqhoqqr16J38LaP2idb
xhaH/Qn7BmHxUdjSdpQksYgCdtvoghN69HAb5qI9dwaur+4zHgHQI7lPpY5SUvM6
Vo7KaN5H9b/7Kg9zqvoRbmTahG0v1Lj6nhevYQnhDBTh1vYRcZ5oRL0kgwiekzUI
SExdcVGPbvmPjBs=
=x+/D
-----END PGP SIGNATURE-----
Changes since xorg-server-2_1.19.2-1:
Julien Cristau (4):
Import 2:1.19.2-1+deb9u1 security update
Update changelog
Update changelog
Upload to stretch-security
Keith Packard (1):
xkb: Handle xkb formated string output safely (CVE-2017-13723)
Michal Srb (4):
Xi: Test exact size of XIBarrierReleasePointer
Xext/shm: Validate shmseg resource id (CVE-2017-13721)
xkb: Escape non-printable characters correctly.
os: Make sure big requests have sufficient length.
Nathan Kidd (7):
Unvalidated lengths
xfixes: unvalidated lengths (CVE-2017-12183)
hw/xfree86: unvalidated lengths
Xi: integer overflow and unvalidated length in (S)ProcXIBarrierReleasePointer
Xi: fix wrong extra length check in ProcXIChangeHierarchy (CVE-2017-12178)
dbe: Unvalidated variable-length request in ProcDbeGetVisualInfo (CVE-2017-12177)
Unvalidated extra length in ProcEstablishConnection (CVE-2017-12176)
Tobias Stoeckmann (1):
render: Fix out of boundary heap access
---
Xext/panoramiX.c | 3
Xext/saver.c | 2
Xext/shm.c | 1
Xext/vidmode.c | 129 +++++-----
Xext/xres.c | 4
Xext/xvdisp.c | 4
Xi/xibarriers.c | 12
Xi/xichangehierarchy.c | 2
dbe/dbe.c | 5
debian/changelog | 36 ++
debian/patches/07_dix-Disallow-GenericEvent-in-SendEvent-request.patch | 70 +++++
debian/patches/08_Xi-Verify-all-events-in-ProcXSendExtensionEvent.patch | 49 +++
debian/patches/09_Xi-Do-not-try-to-swap-GenericEvent.patch | 44 +++
debian/patches/10_Xi-Zero-target-buffer-in-SProcXSendExtensionEvent.patch | 38 ++
debian/patches/series | 4
dix/dispatch.c | 7
hw/dmx/dmxpict.c | 2
hw/xfree86/common/xf86DGA.c | 81 +++---
hw/xfree86/dri/xf86dri.c | 1
os/io.c | 5
pseudoramiX/pseudoramiX.c | 3
render/render.c | 7
xfixes/cursor.c | 5
xfixes/region.c | 3
xfixes/saveset.c | 1
xfixes/xfixes.c | 1
xkb/xkbtext.c | 42 +--
27 files changed, 435 insertions(+), 126 deletions(-)
---
Reply to: