[ubuntu/xenial-security] xorg-server-hwe-16.04 2:1.19.3-1ubuntu1~16.04.3 (Accepted)

Marc Deslauriers marc.deslauriers at canonical.com
Thu Oct 12 14:25:42 UTC 2017

xorg-server-hwe-16.04 (2:1.19.3-1ubuntu1~16.04.3) xenial-security; urgency=medium

  * SECURITY UPDATE: DoS or segment overwrite via shmseg resource id
    - debian/patches/CVE-2017-13721.patch: validate shmseg resource id in
    - CVE-2017-13721
  * SECURITY UPDATE: buffer overflow via XKB data
    - debian/patches/CVE-2017-13723.patch: handle xkb formatted string
      output safely in xkb/xkbtext.c.
    - CVE-2017-13723

xorg-server-hwe-16.04 (2:1.19.3-1ubuntu1~16.04.2) xenial; urgency=medium

  * SECURITY UPDATE: DoS and possible code execution in endianness
    conversion of X Events
    - debian/patches/CVE-2017-10971-1.patch: do not try to swap
      GenericEvent in Xi/sendexev.c.
    - debian/patches/CVE-2017-10971-2.patch: verify all events in
      ProcXSendExtensionEvent in Xi/sendexev.c.
    - debian/patches/CVE-2017-10971-3.patch: disallow GenericEvent in
      SendEvent request in dix/events.c, dix/swapreq.c.
    - CVE-2017-10971
  * SECURITY UPDATE: information leak in XEvent handling
    - debian/patches/CVE-2017-10972.patch: zero target buffer in
      SProcXSendExtensionEvent in Xi/sendexev.c.
    - CVE-2017-10972

xorg-server-hwe-16.04 (2:1.19.3-1ubuntu1~16.04.1) xenial; urgency=medium

  * Backport for hwe-16.04 stack. (LP: #1687981)
  * control: Bump libwayland-dev build-dep to 1.11.0 which has the proxy
  * rules: Clean files not needed on hwe pkgs and make dh_install happy.
  * control: Add dh-autoreconf back, needed on xenial.

xorg-server (2:1.19.3-1ubuntu1) zesty; urgency=medium

  [ Timo Aaltonen ]
  * Merge from Debian experimental. (LP: #1671799)
    - Patches refreshed
    - randr-adjust-masters-last-set-time.diff,
      modesetting-unifdef-slave-support.diff: Dropped, upstream
    - config-add-no-removal.patch, xf86-inactive-gpuscreen.patch,
      fix-detach-gpu.patch: Dropped, more or less obsolete
  * 190_cache-xkbcomp_output_for_fast_start_up.patch: Cleaned up from
    the package as it wasn't used.
  * 111_armel-drv-fallbacks.patch: Dropped, we don't ship these drivers
  * rules: Drop the workaround that adds lt_cv_prog_compiler_static_works=no
    to confflags.
  * 232-xf86compatoutput-valgrind.patch: This was added upstream
    already, no need to carry a duplicate check.
  * 208_switch_on_release.diff: Dropped, doesn't work with 1.19.
  * 228_autobind_gpu.patch: Update from Fedora, fixes nvidia.
  * disable-rotation-transform-gpuscreens.patch: Dropped, nvidia
    supports rotation now.
  * 122_xext_fix_card32_overflow_in_xauth.patch: Dropped, upstream
    review found issues and it never got applied.
  * xfree86-no-xv-for-gpuscreens.patch: Drop bogus buglink.
  * 227_null_ptr_midispcur.patch: Dropped, upstream didn't accept it.
  * randr-do-not-check-the-screen-size.diff: Dropped, can't reproduce
    #1586260 anymore without the patch.

  [ Robert Ancell ]
  * debian/patches/xmir.patch:
    - Refresh
    - Fix warnings when built against lp:mir/0.25
    - Support the Mir 0.24, 0.25 and 0.26 client APIs
    - Fix crashing on arm64 (LP: #1642297)

xorg-server (2:1.19.3-1) unstable; urgency=medium

  * New upstream release.

xorg-server (2:1.19.2-1) unstable; urgency=medium

  [ Andreas Boll ]
  * xserver-xorg-core.bug.script: Change udevadm path from /sbin to /bin
    (Closes: #852584).

  [ Emilio Pozuelo Monfort ]
  * New upstream stable release.
    - CVE-2017-2624: Timing attack against MIT cookie. Closes: #856398.
  * control: Build-depend on libbsd-dev everywhere, needed for
    arc4random_buf for the above fix.

xorg-server (2:1.19.1-4) unstable; urgency=medium

  * rules: Only set the suid bit on Xorg.wrap when building arch:any
    packages. Thanks Julien Cristau.

xorg-server (2:1.19.1-3) unstable; urgency=medium

  * rules: Fix setting suid bit on Xorg.wrap.
  * rules: Don't ignore errors when setting the suid bit.

xorg-server (2:1.19.1-2) unstable; urgency=medium

  * rules: Fix udeb regression from dh migration. Should also fix FTBFS
    on hurd and kfreebsd.
  * rules: Add --fail-missing to dh_install.
  * rules: Remove unused vars config_backend_main and

xorg-server (2:1.19.1-1) unstable; urgency=medium

  [ Emilio Pozuelo Monfort ]
  * Switch to dh.
  * Drop build-deps on automake and libtool, dh-autoreconf depends on
    them for us.
  * rules: use install consistently.
  * Drop pre-wheezy Breaks.

  [ Andreas Boll ]
  * New upstream release.
    - AttendClient of grab-pervious client must queue to
      saved_ready_clients [v2] (Closes: #846779, #850940).
    - present: Only call present_flip_notify if vblank->queued == FALSE
      (Closes: #849250).

xorg-server (2:1.19.0-3) unstable; urgency=medium

  * Drop xserver-xorg-core-dbg in favor of xserver-xorg-core-dbgsym.
  * Cherry-pick upstream commit d6da2086951,
    Revert "damage: Make damageRegionProcessPending take a damage not a
    drawable". Fixes a crash caused by trying to free an invalid pointer.
    Closes: #847025, #848321.

xorg-server (2:1.19.0-2) unstable; urgency=medium

  * Disable glamor on the udeb build. It's not needed there.
    This has the side effect of fixing the Hurd build.
  * debian/patches/02_kbsd-input-devd.diff:
    - Ported to NotifyFd. Fixes the kFreeBSD build.
  * Bump Standards-Version to 3.9.8; no changes needed.

xorg-server (2:1.19.0-1) unstable; urgency=medium

  [ Andreas Boll ]
  * New upstream release.
  * rules: Explicitly disable glamor on hurd. Should fix FTBFS on hurd.

  [ Emilio Pozuelo Monfort ]
  * Upload to unstable.

xorg-server (2: experimental; urgency=medium

  [ Timo Aaltonen ]
  * New upstream release candidate 1.
  * control: Bump libxfont-dev build-dependency.
  * patches:
    - refreshed
    - glamor-Declare-pos-in-the-composite-glyph.diff dropped, upstream
  * control: Add libxcb-xkb-dev to build-depends.
  * serverminver: Bumped.
  * watch: Fix a typo.

  [ Emilio Pozuelo Monfort ]
  * New upstream release candidate 2.
  * rules: Drop aiglx enable/disable flags, removed upstream.
  * control: Bump x11proto-core-dev requirement.
  * control: Add wayland-protocols build-dep on linux for Xwayland.

xorg-server (2:1.18.4-2) unstable; urgency=medium

  [ Julien Cristau ]
  * Adjust bug script to look for log files in $HOME/.local/share/xorg in
    addition to /var/log, to handle unprivileged Xorg.
  * Update a bunch of URLs in packaging to https.

  [ Andreas Boll ]
  * Add glamor-Declare-pos-in-the-composite-glyph.diff from upstream
    (Closes: #834054).

xorg-server (2:1.18.4-1ubuntu9) zesty; urgency=medium

  * control: Depend on libxfont1-dev.

xorg-server (2:1.18.4-1ubuntu8) zesty; urgency=medium

  * xvfb-run: Bump default bitdepth to 16 so that GLX works.

Date: 2017-10-12 11:20:38.035342+00:00
Changed-By: Marc Deslauriers <marc.deslauriers at canonical.com>
