main/xorg-server: security fix (CVE-2013-1940)

fixes #1797

2 files changed, 17 insertions, 3 deletions

diff --git a/main/xorg-server/APKBUILD b/main/xorg-server/APKBUILD
index 821c4493a9..77a653095c 100644
--- a/main/xorg-server/APKBUILD
+++ b/main/xorg-server/APKBUILD
@@ -1,7 +1,7 @@
 # Maintainer: Natanael Copa <ncopa@alpinelinux.org>
 pkgname=xorg-server
 pkgver=1.10.4
-pkgrel=1
+pkgrel=2
 pkgdesc="X.Org X servers"
 url="http://xorg.freedesktop.org"
 arch="all"
@@ -63,7 +63,8 @@ source="http://xorg.freedesktop.org/releases/individual/xserver/$pkgname-$pkgver
 	bg-none-revert.patch
 	xserver-1.10-pointer-barriers.patch
 	cve-2011-4029.patch
-"
+	CVE-2013-1940.patch
+	"
 
 depends_dev="pixman-dev libpciaccess-dev xproto randrproto renderproto
 	xextproto inputproto kbproto fontsproto videoproto xineramaproto
@@ -155,4 +156,5 @@ md5sums="94f23d30a77d63e27dd209a57fccfebf  xorg-server-1.10.4.tar.bz2
 222de594206d1148a90eddfda4f7a11a  xorg-redhat-die-ugly-pattern-die-die-die.patch
 030dd3ec221b895de3057d7513d8c1d7  bg-none-revert.patch
 db48cea655c7bccec9171c5df1558a64  xserver-1.10-pointer-barriers.patch
-09ecdf3b4e49bd2490946ac15b464535  cve-2011-4029.patch"
+09ecdf3b4e49bd2490946ac15b464535  cve-2011-4029.patch
+51b454ab1e68d09312e3e40bfd894d20  CVE-2013-1940.patch"
diff --git a/main/xorg-server/CVE-2013-1940.patch b/main/xorg-server/CVE-2013-1940.patch
new file mode 100644
index 0000000000..a36c7407c8
--- /dev/null
+++ b/main/xorg-server/CVE-2013-1940.patch
@@ -0,0 +1,12 @@
+--- ./hw/xfree86/os-support/shared/posix_tty.c.orig
++++ ./hw/xfree86/os-support/shared/posix_tty.c
+@@ -460,7 +460,8 @@
+ {
+ 	fd_set fds;
+ 	struct timeval timeout;
+-	char c[4];
++	/* this needs to be big enough to flush an evdev event. */
++	char c[256];
+ 
+ 	DebugF("FlushingSerial\n");
+ 	if (tcflush(fd, TCIFLUSH) == 0)