diff options
author | Natanael Copa <ncopa@alpinelinux.org> | 2013-04-25 12:14:20 +0000 |
---|---|---|
committer | Natanael Copa <ncopa@alpinelinux.org> | 2013-04-25 12:18:01 +0000 |
commit | 2bcdd427fd00be3d82fea8571bfddbcb07ab7b6c (patch) | |
tree | 279ec134dccd41a7860938549ba9fd3e177cb316 | |
parent | f1087a94a9bdea889cf376bfd6acbbe176eeb2c2 (diff) | |
download | aports-2bcdd427fd00be3d82fea8571bfddbcb07ab7b6c.tar.bz2 aports-2bcdd427fd00be3d82fea8571bfddbcb07ab7b6c.tar.xz |
main/xorg-server: security fix (CVE-2013-1940)
fixes #1797
-rw-r--r-- | main/xorg-server/APKBUILD | 8 | ||||
-rw-r--r-- | main/xorg-server/CVE-2013-1940.patch | 12 |
2 files changed, 17 insertions, 3 deletions
diff --git a/main/xorg-server/APKBUILD b/main/xorg-server/APKBUILD index 821c4493a9..77a653095c 100644 --- a/main/xorg-server/APKBUILD +++ b/main/xorg-server/APKBUILD @@ -1,7 +1,7 @@ # Maintainer: Natanael Copa <ncopa@alpinelinux.org> pkgname=xorg-server pkgver=1.10.4 -pkgrel=1 +pkgrel=2 pkgdesc="X.Org X servers" url="http://xorg.freedesktop.org" arch="all" @@ -63,7 +63,8 @@ source="http://xorg.freedesktop.org/releases/individual/xserver/$pkgname-$pkgver bg-none-revert.patch xserver-1.10-pointer-barriers.patch cve-2011-4029.patch -" + CVE-2013-1940.patch + " depends_dev="pixman-dev libpciaccess-dev xproto randrproto renderproto xextproto inputproto kbproto fontsproto videoproto xineramaproto @@ -155,4 +156,5 @@ md5sums="94f23d30a77d63e27dd209a57fccfebf xorg-server-1.10.4.tar.bz2 222de594206d1148a90eddfda4f7a11a xorg-redhat-die-ugly-pattern-die-die-die.patch 030dd3ec221b895de3057d7513d8c1d7 bg-none-revert.patch db48cea655c7bccec9171c5df1558a64 xserver-1.10-pointer-barriers.patch -09ecdf3b4e49bd2490946ac15b464535 cve-2011-4029.patch" +09ecdf3b4e49bd2490946ac15b464535 cve-2011-4029.patch +51b454ab1e68d09312e3e40bfd894d20 CVE-2013-1940.patch" diff --git a/main/xorg-server/CVE-2013-1940.patch b/main/xorg-server/CVE-2013-1940.patch new file mode 100644 index 0000000000..a36c7407c8 --- /dev/null +++ b/main/xorg-server/CVE-2013-1940.patch @@ -0,0 +1,12 @@ +--- ./hw/xfree86/os-support/shared/posix_tty.c.orig ++++ ./hw/xfree86/os-support/shared/posix_tty.c +@@ -460,7 +460,8 @@ + { + fd_set fds; + struct timeval timeout; +- char c[4]; ++ /* this needs to be big enough to flush an evdev event. */ ++ char c[256]; + + DebugF("FlushingSerial\n"); + if (tcflush(fd, TCIFLUSH) == 0) |