authorNatanael Copa <ncopa@alpinelinux.org>2013-04-25 11:56:51 +0000
committerNatanael Copa <ncopa@alpinelinux.org>2013-04-25 11:56:51 +0000
commit0b5d8bad4b7b860f55937ab1b4f3418233876d11 (patch)
tree35020bd16a67075cfe5aa21ebb8bbcfa040d24f0
parent5e6e2787c3d9c3541f1a80cdd94ca8c99f950a25 (diff)
downloadaports-0b5d8bad4b7b860f55937ab1b4f3418233876d11.tar.bz2
aports-0b5d8bad4b7b860f55937ab1b4f3418233876d11.tar.xz
main/xorg-server: security fix (CVE-2013-1940)
fixes #1795
-rw-r--r--main/xorg-server/APKBUILD6
-rw-r--r--main/xorg-server/CVE-2013-1940.patch35
2 files changed, 39 insertions, 2 deletions
diff --git a/main/xorg-server/APKBUILD b/main/xorg-server/APKBUILD
index fc9957724..13e24c144 100644
--- a/main/xorg-server/APKBUILD
+++ b/main/xorg-server/APKBUILD
@@ -1,7 +1,7 @@
# Maintainer: Natanael Copa <ncopa@alpinelinux.org>
pkgname=xorg-server
pkgver=1.12.1
-pkgrel=1
+pkgrel=2
pkgdesc="X.Org X servers"
url="http://xorg.freedesktop.org"
arch="all"
@@ -62,6 +62,7 @@ makedepends="
source="http://xorg.freedesktop.org/releases/individual/xserver/$pkgname-$pkgver.tar.bz2
autoconfig-nvidia.patch
autoconfig-sis.patch
+ CVE-2013-1940.patch
"
depends_dev="pixman-dev libpciaccess-dev xproto randrproto renderproto
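Review bot: Listing `CVE-2013-1940.patch` in `source=` only fetches and checksums the file; nothing in this hunk shows it being applied to the unpacked tree. The step that applies patches (presumably a `prepare()` function) lies outside the visible hunks, so it is worth confirming that it picks up every `*.patch` entry or names this one explicitly. A security fix that is shipped in the package directory but never applied would still bump `pkgrel` and look resolved. A build log line showing the patch applied to `hw/xfree86/os-support/shared/posix_tty.c` would settle it.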
@@ -153,4 +154,5 @@ xephyr() {
md5sums="20e73b422bda6f0d1405af676983cc70 xorg-server-1.12.1.tar.bz2
ea4852dedbb89550f6bc113ca66348a2 autoconfig-nvidia.patch
-825ca99ea9348c66abdf2c479e0af485 autoconfig-sis.patch"
+825ca99ea9348c66abdf2c479e0af485 autoconfig-sis.patch
+0348536ea835918616727a1f261954f0 CVE-2013-1940.patch"
diff --git a/main/xorg-server/CVE-2013-1940.patch b/main/xorg-server/CVE-2013-1940.patch
new file mode 100644
index 000000000..4231fb815
--- /dev/null
+++ b/main/xorg-server/CVE-2013-1940.patch
@@ -0,0 +1,35 @@
+From 8039b6b7a31f6cf75fcbe4e472d8e9544808396c Mon Sep 17 00:00:00 2001
+From: Dave Airlie <airlied@gmail.com>
+Date: Wed, 10 Apr 2013 06:09:01 +0000
+Subject: xf86: fix flush input to work with Linux evdev devices.
+
+So when we VT switch back and attempt to flush the input devices,
+we don't succeed because evdev won't return part of an event,
+since we were only asking for 4 bytes, we'd only get -EINVAL back.
+
+This could later cause events to be flushed that we shouldn't have
+gotten.
+
+This is a fix for CVE-2013-1940.
+
+Signed-off-by: Dave Airlie <airlied@redhat.com>
+Reviewed-by: Peter Hutterer <peter.hutterer@who-t.net>
+Signed-off-by: Peter Hutterer <peter.hutterer@who-t.net>
+(cherry picked from commit 6ca03b9161d33b1d2b55a3a1a913cf88deb2343f)
+---
+diff --git a/hw/xfree86/os-support/shared/posix_tty.c b/hw/xfree86/os-support/shared/posix_tty.c
+index ab3757a..4d08c1e 100644
+--- a/hw/xfree86/os-support/shared/posix_tty.c
++++ b/hw/xfree86/os-support/shared/posix_tty.c
+@@ -421,7 +421,8 @@ xf86FlushInput(int fd)
+ {
+ fd_set fds;
+ struct timeval timeout;
+- char c[4];
++ /* this needs to be big enough to flush an evdev event. */
++ char c[256];
+
+ DebugF("FlushingSerial\n");
+ if (tcflush(fd, TCIFLUSH) == 0)
+--
+cgit v0.9.0.2-2-gbebe
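Review bot: The new size in `char c[256];` is a bare number that the comment ties to evdev only loosely. Nothing in the hunk relates it to the size of the event record the device hands back, so a later edit to this constant could silently bring back the failed short read the commit message describes. A comment that states the requirement, e.g. `/* evdev returns only whole events; keep this at least sizeof(struct input_event) or the read fails and nothing is flushed */`, would make the constraint explicit. The read that consumes `c` is outside the hunk, so it should be confirmed that it passes `sizeof(c)` rather than a literal length, otherwise the larger buffer changes nothing. xf86FlushInput's body continues past the hunk.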