[ubuntu/focal-security] xorg-server 2:1.20.13-1ubuntu1~20.04.2 (Accepted)

Marc Deslauriers marc.deslauriers at canonical.com
Tue Dec 14 18:08:05 UTC 2021

xorg-server (2:1.20.13-1ubuntu1~20.04.2) focal-security; urgency=medium

  * SECURITY UPDATE: SProcRenderCompositeGlyphs out-of-bounds access
    - debian/patches/CVE-2021-4008.patch: check lengths in render/render.c.
    - CVE-2021-4008
  * SECURITY UPDATE: SProcXFixesCreatePointerBarrier out-of-bounds access
    - debian/patches/CVE-2021-4009.patch: use sizes in xfixes/cursor.c.
    - CVE-2021-4009
  * SECURITY UPDATE: SProcScreenSaverSuspend out-of-bounds access
    - debian/patches/CVE-2021-4010.patch: fix logic in Xext/saver.c.
    - CVE-2021-4010
  * SECURITY UPDATE: SwapCreateRegister out-of-bounds access
    - debian/patches/CVE-2021-4011.patch: fix length in record/record.c.
    - CVE-2021-4011

xorg-server (2:1.20.13-1ubuntu1~20.04.1) focal; urgency=medium

  * Backport to focal. (LP: #1947820, LP: #1949553)
    - don't disable building xwayland

xorg-server (2:1.20.13-1ubuntu1) impish; urgency=medium

  * Merge from Debian.
  * modesetting-disable-reverse-prime-offload-udl.diff: Dropped,

xorg-server (2:1.20.13-1) experimental; urgency=medium

  * New upstream release.

xorg-server (2:1.20.11-1ubuntu2) impish; urgency=medium

  * modesetting-disable-reverse-prime-offload-udl.diff: Fix a regression
    on displaylink devices after mesa update. (LP: #1931547)

xorg-server (2:1.20.11-1ubuntu1) hirsute; urgency=medium

  * Merge from Debian.

xorg-server (2:1.20.11-1) unstable; urgency=medium

  * New upstream release.
    - CVE-2021-3472
  * Add signing key for Matt Turner.

xorg-server (2:1.20.10-3ubuntu7) hirsute; urgency=medium

  * 300-mi-sprite-SaveUnderCursor2.patch: Drop duplicate entries.

xorg-server (2:1.20.10-3ubuntu6) hirsute; urgency=medium

  * 300-mi-sprite-SaveUnderCursor2.patch: Fix cursor bleeding issue
    (LP: #1911479).
    The new function, miDCSaveUnderCursor2, is required by Xilinx armsoc driver

xorg-server (2:1.20.10-3ubuntu5) hirsute; urgency=medium

  * Disable building xwayland.

xorg-server (2:1.20.10-3ubuntu4) hirsute; urgency=medium

  * Disable building with lto, it's a 20+GB link not yet investigated.

xorg-server (2:1.20.10-3ubuntu3) hirsute; urgency=medium

  * Stop building the udeb on request.

xorg-server (2:1.20.10-3ubuntu1) hirsute; urgency=medium

  * Merge from Debian.
  * patches: Drop upstreamed patches.

xorg-server (2:1.20.10-3) unstable; urgency=medium

  [ Julien Cristau ]
  * Drop workaround for mips* FTBFS added in 2:1.20.10-1, shouldn't be
    necessary anymore with the change in 2:1.20.10-2.

  [ Sven Joachim ]
  * Recommend default-logind | logind rather than libpam-systemd in
    xserver-xorg-core (Closes: #923198).
  * Use mktemp rather than tempfile in xserver-xorg-legacy.postinst
    (Closes: #979751).
  * Use dpkg-vendor to get the vendor name, drop lsb-release from

   [ Vagrant Cascadian ]
  * Avoid embedding the running kernel version (Closes: #976898).

xorg-server (2:1.20.10-2) unstable; urgency=medium

  * Stop defining inb/outb on mips, to fix FTBFS in some drivers with GCC 10
    (closes: #978670).

xorg-server (2:1.20.10-1) unstable; urgency=medium

  [ Timo Aaltonen ]
  * New upstream release.
    - CVE-2020-14360, CVE-2020-25712 (Closes: #976216)
  * Drop patches:
    - 0001-Revert-*: Reverted upstream in this version
    - revert-hw-xfree86-avoid-cursor-use-after-free.diff: Issue fixed in this version
    - revert-disabling-xss-for-rootless-xwayland.diff: Was resolved upstream as
      being a client bug
  * control: Add libnvidia-egl-wayland-dev to build-depends, enables
    EGLStream support in xwayland.

  [ Adrian Bunk ]
  * rules: Add a workaround to fix build on mips*. (Closes: #975579)

xorg-server (2:1.20.9-2ubuntu3) hirsute; urgency=medium

  * SECURITY UPDATE: out of bounds memory accesses on too short request
    - debian/patches/CVE-2020-14360.patch: check SetMap request length
      carefully in xkb/xkb.c.
    - CVE-2020-14360
  * SECURITY UPDATE: multiple heap overflows
    - debian/patches/CVE-2020-25712.patch: add bounds checks in xkb/xkb.c.
    - CVE-2020-25712

xorg-server (2:1.20.9-2ubuntu2) hirsute; urgency=medium

  * fix-gtf-detection-for-edid-14.diff: Fix a regression in detecting
    modes of an EDID 1.4 monitor. (LP: #1897530)

Date: 2021-12-14 16:04:11.571877+00:00
Changed-By: Marc Deslauriers <marc.deslauriers at canonical.com>
-------------- next part --------------
Sorry, changesfile not available.

More information about the Focal-changes mailing list