[ubuntu/focal-security] xorg-server 2:1.20.13-1ubuntu1~20.04.2 (Accepted)
Marc Deslauriers
marc.deslauriers at canonical.com
Tue Dec 14 18:08:05 UTC 2021
xorg-server (2:1.20.13-1ubuntu1~20.04.2) focal-security; urgency=medium
* SECURITY UPDATE: SProcRenderCompositeGlyphs out-of-bounds access
- debian/patches/CVE-2021-4008.patch: check lengths in render/render.c.
- CVE-2021-4008
* SECURITY UPDATE: SProcXFixesCreatePointerBarrier out-of-bounds access
- debian/patches/CVE-2021-4009.patch: use sizes in xfixes/cursor.c.
- CVE-2021-4009
* SECURITY UPDATE: SProcScreenSaverSuspend out-of-bounds access
- debian/patches/CVE-2021-4010.patch: fix logic in Xext/saver.c.
- CVE-2021-4010
* SECURITY UPDATE: SwapCreateRegister out-of-bounds access
- debian/patches/CVE-2021-4011.patch: fix length in record/record.c.
- CVE-2021-4011
xorg-server (2:1.20.13-1ubuntu1~20.04.1) focal; urgency=medium
* Backport to focal. (LP: #1947820, LP: #1949553)
- don't disable building xwayland
xorg-server (2:1.20.13-1ubuntu1) impish; urgency=medium
* Merge from Debian.
* modesetting-disable-reverse-prime-offload-udl.diff: Dropped,
upstream.
xorg-server (2:1.20.13-1) experimental; urgency=medium
* New upstream release.
xorg-server (2:1.20.11-1ubuntu2) impish; urgency=medium
* modesetting-disable-reverse-prime-offload-udl.diff: Fix a regression
on displaylink devices after mesa update. (LP: #1931547)
xorg-server (2:1.20.11-1ubuntu1) hirsute; urgency=medium
* Merge from Debian.
xorg-server (2:1.20.11-1) unstable; urgency=medium
* New upstream release.
- CVE-2021-3472
* Add signing key for Matt Turner.
xorg-server (2:1.20.10-3ubuntu7) hirsute; urgency=medium
* 300-mi-sprite-SaveUnderCursor2.patch: Drop duplicate entries.
xorg-server (2:1.20.10-3ubuntu6) hirsute; urgency=medium
* 300-mi-sprite-SaveUnderCursor2.patch: Fix cursor bleeding issue
(LP: #1911479).
The new function, miDCSaveUnderCursor2, is required by Xilinx armsoc driver
xorg-server (2:1.20.10-3ubuntu5) hirsute; urgency=medium
* Disable building xwayland.
xorg-server (2:1.20.10-3ubuntu4) hirsute; urgency=medium
* Disable building with lto, it's a 20+GB link not yet investigated.
xorg-server (2:1.20.10-3ubuntu3) hirsute; urgency=medium
* Stop building the udeb on request.
xorg-server (2:1.20.10-3ubuntu1) hirsute; urgency=medium
* Merge from Debian.
* patches: Drop upstreamed patches.
xorg-server (2:1.20.10-3) unstable; urgency=medium
[ Julien Cristau ]
* Drop workaround for mips* FTBFS added in 2:1.20.10-1, shouldn't be
necessary anymore with the change in 2:1.20.10-2.
[ Sven Joachim ]
* Recommend default-logind | logind rather than libpam-systemd in
xserver-xorg-core (Closes: #923198).
* Use mktemp rather than tempfile in xserver-xorg-legacy.postinst
(Closes: #979751).
* Use dpkg-vendor to get the vendor name, drop lsb-release from
Build-Depends.
[ Vagrant Cascadian ]
* Avoid embedding the running kernel version (Closes: #976898).
xorg-server (2:1.20.10-2) unstable; urgency=medium
* Stop defining inb/outb on mips, to fix FTBFS in some drivers with GCC 10
(closes: #978670).
xorg-server (2:1.20.10-1) unstable; urgency=medium
[ Timo Aaltonen ]
* New upstream release.
- CVE-2020-14360, CVE-2020-25712 (Closes: #976216)
* Drop patches:
- 0001-Revert-*: Reverted upstream in this version
- revert-hw-xfree86-avoid-cursor-use-after-free.diff: Issue fixed in this version
- revert-disabling-xss-for-rootless-xwayland.diff: Was resolved upstream as
being a client bug
* control: Add libnvidia-egl-wayland-dev to build-depends, enables
EGLStream support in xwayland.
[ Adrian Bunk ]
* rules: Add a workaround to fix build on mips*. (Closes: #975579)
xorg-server (2:1.20.9-2ubuntu3) hirsute; urgency=medium
* SECURITY UPDATE: out of bounds memory accesses on too short request
- debian/patches/CVE-2020-14360.patch: check SetMap request length
carefully in xkb/xkb.c.
- CVE-2020-14360
* SECURITY UPDATE: multiple heap overflows
- debian/patches/CVE-2020-25712.patch: add bounds checks in xkb/xkb.c.
- CVE-2020-25712
xorg-server (2:1.20.9-2ubuntu2) hirsute; urgency=medium
* fix-gtf-detection-for-edid-14.diff: Fix a regression in detecting
modes of an EDID 1.4 monitor. (LP: #1897530)
Date: 2021-12-14 16:04:11.571877+00:00
Changed-By: Marc Deslauriers <marc.deslauriers at canonical.com>
https://launchpad.net/ubuntu/+source/xorg-server/2:1.20.13-1ubuntu1~20.04.2
-------------- next part --------------
Sorry, changesfile not available.
More information about the Focal-changes
mailing list