[ubuntu/focal-security] xorg-server 2:1.20.9-2ubuntu1.2~20.04.1 (Accepted)

Marc Deslauriers marc.deslauriers at canonical.com
Mon Jan 18 17:14:45 UTC 2021


xorg-server (2:1.20.9-2ubuntu1.2~20.04.1) focal-security; urgency=medium

  * Backport to focal; Reintroduce CVE fixes from focal 1.20.8-2ubuntu2.6
    / groovy 1.20.9-2ubuntu1.1.

xorg-server (2:1.20.9-2ubuntu1.2) groovy; urgency=medium

  * fix-gtf-detection-for-edid-14.diff: Fix a regression in detecting
    modes of an EDID 1.4 monitor. (LP: #1883497)

xorg-server (2:1.20.9-2ubuntu1.1~20.04.1) focal; urgency=medium

  * Backport to focal. (LP: #1902244)

xorg-server (2:1.20.9-2ubuntu1.1) groovy-security; urgency=medium

  * SECURITY UPDATE: out of bounds memory accesses on too short request
    - debian/patches/CVE-2020-14360.patch: check SetMap request length
      carefully in xkb/xkb.c.
    - CVE-2020-14360
  * SECURITY UPDATE: multiple heap overflows
    - debian/patches/CVE-2020-25712.patch: add bounds checks in xkb/xkb.c.
    - CVE-2020-25712

xorg-server (2:1.20.9-2ubuntu1) groovy; urgency=medium

  * Merge from Debian.
    - xfree86-add-drm-modes-on-non-GTF-panels.patch: Dropped, upstream
    - CVE patches dropped, upstream
  * modesetting-do-not-stop-on-entervt.diff: Dropped in favor of two
    upstream commits that got merged. (LP: #1897530)

xorg-server (2:1.20.9-2) unstable; urgency=medium

  * fix-pci-probing-segfault.diff: Dropped and revert three commits
    instead. (Closes: #969739)

xorg-server (2:1.20.9-1) unstable; urgency=medium

  * New upstream release.
    - CVE-2020-14347 (Closes: #968986)
  * fix-pci-probing-segfault.diff: Fix a regression in 1.20.9 when
    probing the GPU.
  * revert-hw-xfree86-avoid-cursor-use-after-free.diff: Revert a commit
    which is causing server crashes.
  * revert-disabling-xss-for-rootless-xwayland.diff: Fix a regression
    where apps crash under Xwayland.

xorg-server (2:1.20.8-2ubuntu6) groovy; urgency=medium

  * SECURITY UPDATE: Out-Of-Bounds access in XkbSetNames function
    - debian/patches/CVE-2020-14345.patch: correct bounds checking in
      xkb/xkb.c.
    - CVE-2020-14345

xorg-server (2:1.20.8-2ubuntu5) groovy; urgency=medium

  * SECURITY UPDATE: Integer underflow in the X input extension protocol
    - debian/patches/CVE-2020-14346.patch: properly calculate length in
      Xi/xichangehierarchy.c.
    - CVE-2020-14346
  * SECURITY UPDATE: server memory leak
    - debian/patches/CVE-2020-14347.patch: initialize memory in
      dix/pixmap.c.
    - CVE-2020-14347
  * SECURITY UPDATE: Integer Underflow Privilege Escalation
    - debian/patches/CVE-2020-14361.patch: fix dataLeft calculation in
      xkb/xkbSwap.c.
    - CVE-2020-14361
  * SECURITY UPDATE: Integer Underflow Privilege Escalation
    - debian/patches/CVE-2020-14362.patch: properly calculate lengths in
      record/record.c.
    - CVE-2020-14362
  * debian/control: add libffi-dev to Build-Depends to fix FTBFS.

xorg-server (2:1.20.8-2ubuntu4) groovy; urgency=medium

  * xfree86-add-drm-modes-on-non-GTF-panels.patch: Add GTF modes on
    continuous-frequency monitors. (LP: #1883497)

xorg-server (2:1.20.8-2ubuntu3) groovy; urgency=medium

  * modesetting-do-not-stop-on-entervt.diff: Don't crash if connectors
    go missing. (LP: #1879893)

Date: 2021-01-18 13:52:10.277085+00:00
Changed-By: Timo Aaltonen <tjaalton at ubuntu.com>
Signed-By: Marc Deslauriers <marc.deslauriers at canonical.com>
https://launchpad.net/ubuntu/+source/xorg-server/2:1.20.9-2ubuntu1.2~20.04.1