-
xorg-server (2:21.1.4-2ubuntu1.7~22.04.2) jammy-security; urgency=medium
* SECURITY UPDATE: OOB write in XIChangeDeviceProperty and
RRChangeOutputProperty
- debian/patches/CVE-2023-5367.patch: fix handling of PropModeAppend
and PropModePrepend in Xi/xiproperty.c, randr/rrproperty.c.
- CVE-2023-5367
* SECURITY UPDATE: Use-after-free bug in DestroyWindow
- debian/patches/CVE-2023-5380.patch: reset the PointerWindows
reference on screen switch in dix/enterleave.h, include/eventstr.h,
mi/mipointer.c.
- CVE-2023-5380
-- Marc Deslauriers <email address hidden> Mon, 23 Oct 2023 12:30:42 -0400
-
xorg-server (2:21.1.4-2ubuntu1.7~22.04.1) jammy; urgency=medium
* Backport to jammy. (LP: #2009767)
-- Timo Aaltonen <email address hidden> Tue, 04 Apr 2023 09:20:09 +0300
-
xorg-server (2:21.1.3-2ubuntu2.9) jammy-security; urgency=medium
* SECURITY UPDATE: Overlay Window Use-After-Free
- debian/patches/CVE-2023-1393.patch: fix use-after-free of the COW in
composite/compwindow.c.
- CVE-2023-1393
-- Marc Deslauriers <email address hidden> Wed, 29 Mar 2023 08:52:16 -0400
-
xorg-server (2:21.1.3-2ubuntu2.8) jammy; urgency=medium
* patches: Force update LEDs after device state update. (LP: #1993621)
-- Timo Aaltonen <email address hidden> Tue, 21 Feb 2023 18:01:37 +0200
-
xorg-server (2:21.1.3-2ubuntu2.7) jammy-security; urgency=medium
* SECURITY UPDATE: DeepCopyPointerClasses use-after-free
- debian/patches/CVE-2023-0494.patch: fix potential use-after-free in
Xi/exevents.c.
- CVE-2023-0494
-- Marc Deslauriers <email address hidden> Tue, 07 Feb 2023 07:47:22 -0500
-
xorg-server (2:21.1.3-2ubuntu2.6) jammy; urgency=medium
* re-calculate-the-clock-and-refresh-rate.diff: Import v3, fix a
crash. (LP: #1999008)
-- Timo Aaltonen <email address hidden> Wed, 07 Dec 2022 11:32:56 +0200
-
xorg-server (2:21.1.3-2ubuntu2.5) jammy-security; urgency=medium
* SECURITY UPDATE: XTestSwapFakeInput stack overflow
- debian/patches/CVE-2022-46340.patch: disallow GenericEvents in
XTestSwapFakeInput in Xext/xtest.c.
- CVE-2022-46340
* SECURITY UPDATE: XIPassiveUngrabDevice out-of-bounds access
- debian/patches/CVE-2022-46341.patch: disallow passive grabs with a
detail > 255 in Xi/xipassivegrab.c.
- CVE-2022-46341
* SECURITY UPDATE: XvdiSelectVideoNotify use-after-free
- debian/patches/CVE-2022-46342.patch: free the XvRTVideoNotify when
turning off from the same client in Xext/xvmain.c.
- CVE-2022-46342
* SECURITY UPDATE: ScreenSaverSetAttributes use-after-free
- debian/patches/CVE-2022-46343.patch: free the screen saver resource
when replacing it in Xext/saver.c.
- CVE-2022-46343
* SECURITY UPDATE: XIChangeProperty out-of-bounds access
- debian/patches/CVE-2022-46344-1.patch: return an error from XI
property changes if verification failed in Xi/xiproperty.c.
- debian/patches/CVE-2022-46344-2.patch: avoid integer truncation in
length check of ProcXIChangeProperty in Xi/xiproperty.c.
- CVE-2022-46344
* SECURITY UPDATE: XkbGetKbdByName use-after-free
- debian/patches/CVE-2022-4283.patch: reset the radio_groups pointer to
NULL after freeing it in xkb/xkbUtils.c.
- CVE-2022-4283
-- Marc Deslauriers <email address hidden> Wed, 07 Dec 2022 07:56:57 -0500
-
xorg-server (2:21.1.3-2ubuntu2.4) jammy; urgency=medium
* patches: Remove some merge cruft.
* re-calculate-the-clock-and-refresh-rate.diff: Fix modes on 2.5k@90Hz
panels. (LP: #1996490)
* patches: Don't send touch end to clients that do async grab without
touches. (LP: #1994027)
-- Timo Aaltonen <email address hidden> Thu, 24 Nov 2022 14:21:14 +0200
-
xorg-server (2:21.1.3-2ubuntu2.3) jammy-security; urgency=medium
* SECURITY UPDATE: GetCountedString Buffer Overflow
- debian/patches/CVE-2022-3550.patch: add a check for client->req_len
size for _GetCountedString in xkb/xkb.c.
- CVE-2022-3550
* SECURITY UPDATE: ProcXkbGetKbdByName Memory Leak
- debian/patches/CVE-2022-3551.patch: add calls to free allocated
memory if the execution reaches failures in ProcXkbGetKbdByName
in xkb/xkb.c.
- CVE-2022-3551
-- Rodrigo Figueiredo Zaiden <email address hidden> Tue, 22 Nov 2022 16:22:28 -0300
-
xorg-server (2:21.1.3-2ubuntu2.2) jammy; urgency=medium
* 001_fedora_extramodes.patch: Dropped, causes issues with NVIDIA and
is obsolete anyway. (LP: #1990456)
-- Timo Aaltonen <email address hidden> Thu, 22 Sep 2022 17:26:58 +0300
-
xorg-server (2:21.1.3-2ubuntu2.1) jammy-security; urgency=medium
* SECURITY UPDATE: ProcXkbSetGeometry Out-Of-Bounds Access
- debian/patches/CVE-2022-2319-pre1.patch: switch to array index loops
to moving pointers in xkb/xkb.c.
- debian/patches/CVE-2022-2319.patch: add request length validation for
XkbSetGeometry in xkb/xkb.c.
- CVE-2022-2319
* SECURITY UPDATE: ProcXkbSetDeviceInfo Out-Of-Bounds Access
- debian/patches/CVE-2022-2320.patch: swap XkbSetDeviceInfo and
XkbSetDeviceInfoCheck in xkb/xkb.c.
- CVE-2022-2320
-- Marc Deslauriers <email address hidden> Wed, 06 Jul 2022 09:45:33 -0400
-
xorg-server (2:21.1.3-2ubuntu2) jammy; urgency=medium
* rules: Drop special case for i386, dmx is gone.
-- Timo Aaltonen <email address hidden> Tue, 01 Mar 2022 16:33:35 +0200
-
xorg-server (2:21.1.3-2ubuntu1) jammy; urgency=medium
* Merge from Debian.
* patches: Drop upstreamed patches.
* patches: Refreshed.
-- Timo Aaltonen <email address hidden> Wed, 23 Feb 2022 17:20:53 +0200
-
xorg-server (2:1.20.14-1ubuntu1) jammy; urgency=medium
* Merge from Debian.
* CVE patches dropped, upstream.
-- Timo Aaltonen <email address hidden> Tue, 11 Jan 2022 16:51:48 +0200
-
xorg-server (2:1.20.13-1ubuntu2) jammy; urgency=medium
* SECURITY UPDATE: SProcRenderCompositeGlyphs out-of-bounds access
- debian/patches/CVE-2021-4008.patch: check lengths in render/render.c.
- CVE-2021-4008
* SECURITY UPDATE: SProcXFixesCreatePointerBarrier out-of-bounds access
- debian/patches/CVE-2021-4009.patch: use sizes in xfixes/cursor.c.
- CVE-2021-4009
* SECURITY UPDATE: SProcScreenSaverSuspend out-of-bounds access
- debian/patches/CVE-2021-4010.patch: fix logic in Xext/saver.c.
- CVE-2021-4010
* SECURITY UPDATE: SwapCreateRegister out-of-bounds access
- debian/patches/CVE-2021-4011.patch: fix length in record/record.c.
- CVE-2021-4011
-- Marc Deslauriers <email address hidden> Tue, 14 Dec 2021 11:11:36 -0500
-
xorg-server (2:1.20.13-1ubuntu1) impish; urgency=medium
* Merge from Debian.
* modesetting-disable-reverse-prime-offload-udl.diff: Dropped,
upstream.
-- Timo Aaltonen <email address hidden> Tue, 10 Aug 2021 12:32:48 +0300
