Miroirs/slackware-current
1
0
Fork 0
mirror of git://slackware.nl/current.git synced 2025-01-15 15:41:54 +01:00
Code Issues Projects Releases Packages Wiki Activity
slackware-current/patches/source/xorg-server/patch/xorg-server.patch
Patrick J Volkerding d6e7dd0417 Wed Apr 3 22:22:06 UTC 2024 
patches/packages/xorg-server-1.20.14-x86_64-12_slack15.0.txz:  Rebuilt.
  This update fixes security issues:
  Heap buffer overread/data leakage in ProcXIGetSelectedEvents.
  Heap buffer overread/data leakage in ProcXIPassiveGrabDevice.
  Heap buffer overread/data leakage in ProcAppleDRICreatePixmap.
  Use-after-free in ProcRenderAddGlyphs.
  For more information, see:
    https://lists.x.org/archives/xorg-announce/2024-April/003497.html
    https://www.cve.org/CVERecord?id=CVE-2024-31080
    https://www.cve.org/CVERecord?id=CVE-2024-31081
    https://www.cve.org/CVERecord?id=CVE-2024-31082
    https://www.cve.org/CVERecord?id=CVE-2024-31083
  (* Security fix *)
patches/packages/xorg-server-xephyr-1.20.14-x86_64-12_slack15.0.txz:  Rebuilt.
patches/packages/xorg-server-xnest-1.20.14-x86_64-12_slack15.0.txz:  Rebuilt.
patches/packages/xorg-server-xvfb-1.20.14-x86_64-12_slack15.0.txz:  Rebuilt.
patches/packages/xorg-server-xwayland-21.1.4-x86_64-11_slack15.0.txz:  Rebuilt.
  This update fixes security issues:
  Heap buffer overread/data leakage in ProcXIGetSelectedEvents.
  Heap buffer overread/data leakage in ProcXIPassiveGrabDevice.
  Use-after-free in ProcRenderAddGlyphs.
  For more information, see:
    https://lists.x.org/archives/xorg-announce/2024-April/003497.html
    https://www.cve.org/CVERecord?id=CVE-2024-31080
    https://www.cve.org/CVERecord?id=CVE-2024-31081
    https://www.cve.org/CVERecord?id=CVE-2024-31083
  (* Security fix *)
2024-04-04 13:30:42 +02:00

86 lines
7.2 KiB
Diff
Raw Blame History

# We've used this one forever.
zcat $CWD/patch/xorg-server/x11.startwithblackscreen.diff.gz | patch -p1 --verbose || { touch ${SLACK_X_BUILD_DIR}/${PKGNAME}.failed ; continue ; }
# Without this patch, combo mouse/keyboard (such as Logitech through unified
# receiver) may be unable to set the desired keyboard layout.
zcat $CWD/patch/xorg-server/xorg-server.combo.mouse.keyboard.layout.patch.gz | patch -p1 --verbose || { touch ${SLACK_X_BUILD_DIR}/${PKGNAME}.failed ; continue ; }
# Fix a segfault in xorg-server-1.20.0. Odds are good this will be fixed in
# the next xorg-server and will no longer apply then.
zcat $CWD/patch/xorg-server/fix-nouveau-segfault.diff.gz | patch -p1 --verbose || { touch ${SLACK_X_BUILD_DIR}/${PKGNAME}.failed ; continue ; }
# From Fedora Rawhide 2018/7 (possibly useful, doesn't seem like it will hurt anything):
zcat $CWD/patch/xorg-server/0001-Always-install-vbe-and-int10-sdk-headers.patch.gz | patch -p1 --verbose || { touch ${SLACK_X_BUILD_DIR}/${PKGNAME}.failed ; continue ; }
# From Fedora Rawhide 2018/7, looks like many other distributions have added
# this patch for a long time. Keep an eye out for newer versions though, and
# revisit this if any DE begin to manage secondary GPUs (although none do yet):
zcat $CWD/patch/xorg-server/0001-autobind-GPUs-to-the-screen.patch.gz | patch -p1 --verbose || { touch ${SLACK_X_BUILD_DIR}/${PKGNAME}.failed ; continue ; }
# The upstream nouveau developers recommend this. On newer nvidia cards it works
# better to use the generic modesetting ddx rather than nouveau.
# Reference: https://bugs.freedesktop.org/show_bug.cgi?id=94844
# Added here 2018/7.
zcat $CWD/patch/xorg-server/0001-xfree86-use-modesetting-driver-by-default-on-GeForce.patch.gz | patch -p1 --verbose || { touch ${SLACK_X_BUILD_DIR}/${PKGNAME}.failed ; continue ; }
# Fix a PCI related segfault:
zcat $CWD/patch/xorg-server/fix-pci-segfault.diff.gz | patch -p1 --verbose || { touch ${SLACK_X_BUILD_DIR}/${PKGNAME}.failed ; continue ; }
# Only use Intel DDX with pre-gen4 hardware. Newer hardware will the the modesetting driver by default:
zcat $CWD/patch/xorg-server/06_use-intel-only-on-pre-gen4.diff.gz | patch -p1 --verbose || { touch ${SLACK_X_BUILD_DIR}/${PKGNAME}.failed ; continue ; }
# Patch CVE-2022-2320 and CVE-2022-2319:
zcat $CWD/patch/xorg-server/0001-f1070c01d616c5f21f939d5ebc533738779451ac.patch.gz | patch -p1 --verbose || { touch ${SLACK_X_BUILD_DIR}/${PKGNAME}.failed ; continue ; }
zcat $CWD/patch/xorg-server/0002-dd8caf39e9e15d8f302e54045dd08d8ebf1025dc.patch.gz | patch -p1 --verbose || { touch ${SLACK_X_BUILD_DIR}/${PKGNAME}.failed ; continue ; }
zcat $CWD/patch/xorg-server/0003-6907b6ea2b4ce949cb07271f5b678d5966d9df42.patch.gz | patch -p1 --verbose || { touch ${SLACK_X_BUILD_DIR}/${PKGNAME}.failed ; continue ; }
# Patch some more security issues:
zcat $CWD/patch/xorg-server/CVE-2022-3550.patch.gz | patch -p1 --verbose || { touch ${SLACK_X_BUILD_DIR}/${PKGNAME}.failed ; continue ; }
zcat $CWD/patch/xorg-server/CVE-2022-3551.patch.gz | patch -p1 --verbose || { touch ${SLACK_X_BUILD_DIR}/${PKGNAME}.failed ; continue ; }
zcat $CWD/patch/xorg-server/CVE-2022-3553.patch.gz | patch -p1 --verbose || { touch ${SLACK_X_BUILD_DIR}/${PKGNAME}.failed ; continue ; }
# Patch some more security issues:
zcat $CWD/patch/xorg-server/CVE-2022-4283.patch.gz | patch -p1 --verbose || { touch ${SLACK_X_BUILD_DIR}/${PKGNAME}.failed ; continue ; }
zcat $CWD/patch/xorg-server/CVE-2022-46340.patch.gz | patch -p1 --verbose || { touch ${SLACK_X_BUILD_DIR}/${PKGNAME}.failed ; continue ; }
zcat $CWD/patch/xorg-server/CVE-2022-46341.patch.gz | patch -p1 --verbose || { touch ${SLACK_X_BUILD_DIR}/${PKGNAME}.failed ; continue ; }
zcat $CWD/patch/xorg-server/CVE-2022-46342.patch.gz | patch -p1 --verbose || { touch ${SLACK_X_BUILD_DIR}/${PKGNAME}.failed ; continue ; }
zcat $CWD/patch/xorg-server/CVE-2022-46343.patch.gz | patch -p1 --verbose || { touch ${SLACK_X_BUILD_DIR}/${PKGNAME}.failed ; continue ; }
zcat $CWD/patch/xorg-server/CVE-2022-46344.patch.gz | patch -p1 --verbose || { touch ${SLACK_X_BUILD_DIR}/${PKGNAME}.failed ; continue ; }
# Fix a bug in the previous patch:
zcat $CWD/patch/xorg-server/CVE-2022-46340.correction.patch.gz | patch -p1 --verbose || { touch ${SLACK_X_BUILD_DIR}/${PKGNAME}.failed ; continue ; }
# Patch another security issue:
zcat $CWD/patch/xorg-server/CVE-2023-0494.patch.gz | patch -p1 --verbose || { touch ${SLACK_X_BUILD_DIR}/${PKGNAME}.failed ; continue ; }
# [PATCH] present: Check for NULL to prevent crash.
# This prevents a crash with recent NVIDIA drivers.
zcat $CWD/patch/xorg-server/857.patch.gz | patch -p1 --verbose || { touch ${SLACK_X_BUILD_DIR}/${PKGNAME}.failed ; continue ; }
# Patch another security issue:
zcat $CWD/patch/xorg-server/CVE-2023-1393.patch.gz | patch -p1 --verbose || { touch ${SLACK_X_BUILD_DIR}/${PKGNAME}.failed ; continue ; }
# Patch more security issues:
zcat $CWD/patch/xorg-server/CVE-2023-5367.patch.gz | patch -p1 --verbose || { touch ${SLACK_X_BUILD_DIR}/${PKGNAME}.failed ; continue ; }
zcat $CWD/patch/xorg-server/CVE-2023-5380.patch.gz | patch -p1 --verbose || { touch ${SLACK_X_BUILD_DIR}/${PKGNAME}.failed ; continue ; }
# Patch more security issues:
zcat $CWD/patch/xorg-server/CVE-2023-6377.patch.gz | patch -p1 --verbose || { touch ${SLACK_X_BUILD_DIR}/${PKGNAME}.failed ; continue ; }
zcat $CWD/patch/xorg-server/CVE-2023-6478.patch.gz | patch -p1 --verbose || { touch ${SLACK_X_BUILD_DIR}/${PKGNAME}.failed ; continue ; }
# Patch more security issues:
zcat $CWD/patch/xorg-server/CVE-2023-6816.patch.gz | patch -p1 --verbose || { touch ${SLACK_X_BUILD_DIR}/${PKGNAME}.failed ; continue ; }
zcat $CWD/patch/xorg-server/CVE-2024-0229.01.patch.gz | patch -p1 --verbose || { touch ${SLACK_X_BUILD_DIR}/${PKGNAME}.failed ; continue ; }
zcat $CWD/patch/xorg-server/CVE-2024-0229.02.patch.gz | patch -p1 --verbose || { touch ${SLACK_X_BUILD_DIR}/${PKGNAME}.failed ; continue ; }
zcat $CWD/patch/xorg-server/CVE-2024-0229.03.patch.gz | patch -p1 --verbose || { touch ${SLACK_X_BUILD_DIR}/${PKGNAME}.failed ; continue ; }
zcat $CWD/patch/xorg-server/CVE-2024-0408.patch.gz | patch -p1 --verbose || { touch ${SLACK_X_BUILD_DIR}/${PKGNAME}.failed ; continue ; }
zcat $CWD/patch/xorg-server/CVE-2024-0409.patch.gz | patch -p1 --verbose || { touch ${SLACK_X_BUILD_DIR}/${PKGNAME}.failed ; continue ; }
zcat $CWD/patch/xorg-server/CVE-2024-21885.patch.gz | patch -p1 --verbose || { touch ${SLACK_X_BUILD_DIR}/${PKGNAME}.failed ; continue ; }
zcat $CWD/patch/xorg-server/CVE-2024-21886.01.patch.gz | patch -p1 --verbose || { touch ${SLACK_X_BUILD_DIR}/${PKGNAME}.failed ; continue ; }
zcat $CWD/patch/xorg-server/CVE-2024-21886.02.patch.gz | patch -p1 --verbose || { touch ${SLACK_X_BUILD_DIR}/${PKGNAME}.failed ; continue ; }
# Patch more security issues:
zcat $CWD/patch/xorg-server/CVE-2024-31080.patch.gz | patch -p1 --verbose || { touch ${SLACK_X_BUILD_DIR}/${PKGNAME}.failed ; continue ; }
zcat $CWD/patch/xorg-server/CVE-2024-31081.patch.gz | patch -p1 --verbose || { touch ${SLACK_X_BUILD_DIR}/${PKGNAME}.failed ; continue ; }
zcat $CWD/patch/xorg-server/CVE-2024-31082.patch.gz | patch -p1 --verbose || { touch ${SLACK_X_BUILD_DIR}/${PKGNAME}.failed ; continue ; }
zcat $CWD/patch/xorg-server/CVE-2024-31083.patch.gz | patch -p1 --verbose || { touch ${SLACK_X_BUILD_DIR}/${PKGNAME}.failed ; continue ; }
Reference in a new issue View git blame Copy permalink