76cd1aa753
Fixes the following vulnerabilities: * CVE-2021-4008/ZDI-CAN-14192 SProcRenderCompositeGlyphs out-of-bounds access The handler for the CompositeGlyphs request of the Render extension does not properly validate the request length leading to out of bounds memory write. * CVE-2021-4009/ZDI-CAN 14950 SProcXFixesCreatePointerBarrier out-of-bounds access The handler for the CreatePointerBarrier request of the XFixes extension does not properly validate the request length leading to out of bounds memory write. * CVE-2021-4010/ZDI-CAN-14951 SProcScreenSaverSuspend out-of-bounds access The handler for the Suspend request of the Screen Saver extension does not properly validate the request length leading to out of bounds memory write. * CVE-2021-4011/ZDI-CAN-14952 SwapCreateRegister out-of-bounds access The handlers for the RecordCreateContext and RecordRegisterClients requests of the Record extension do not properly validate the request length leading to out of bounds memory write. For details, see the advisory: https://lists.x.org/archives/xorg-announce/2021-December/003122.html Builds without systemd unfortunately got broken. Add a patch fixing that from an upstream merge request: https://gitlab.freedesktop.org/xorg/xserver/-/merge_requests/827 Signed-off-by: Peter Korsgaard <peter@korsgaard.com> Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
7 lines
444 B
Plaintext
7 lines
444 B
Plaintext
# From https://lists.x.org/archives/xorg-announce/2021-December/003125.html
|
|
sha256 c20bf46a9fe8e74bf4e75430637e58d49a02d806609dc161462bceb1ef7e8db0 xorg-server-21.1.2.tar.xz
|
|
sha512 6d7a0d29d5be09f80ed505c4d6ae964795127525a0ab73a4eab4f601788ab3627033143e5aeb4c2565c6683dd3402084d13acab5554606fbd519c4aec0a79def xorg-server-21.1.2.tar.xz
|
|
|
|
# Locally calculated
|
|
sha256 4cc0447a22635c7b2f1a93fec4aa94f1970fadeb72a063de006b51cf4963a06f COPYING
|