Hello community, here is the log from the commit of package libxcb.1713 for openSUSE:12.3:Update checked in at 2013-06-14 16:50:28 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:12.3:Update/libxcb.1713 (Old) and /work/SRC/openSUSE:12.3:Update/.libxcb.1713.new (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "libxcb.1713" Changes: -------- New Changes file: --- /dev/null 2013-06-12 16:57:03.272031756 +0200 +++ /work/SRC/openSUSE:12.3:Update/.libxcb.1713.new/libxcb.changes 2013-06-14 16:50:29.000000000 +0200 
@@ -0,0 +1,251 @@ +------------------------------------------------------------------- +Tue May 28 12:23:32 UTC 2013 - [email protected] + +- U_0001-integer-overflow-in-read_packet-CVE-2013-2064.patch + * fixes integer overflow in read_packet() [CVE-2013-2064] + (bnc#821584, bnc#815451) + +------------------------------------------------------------------- +Fri Oct 5 18:15:57 UTC 2012 - [email protected] + +- Update to version 1.9: + + Fix "sppported" typo in doxygen comment for XCB_CONN_CLOSED_EXT_NOTSUPPORTED + + Always include "config.h" at the start of all C source files. + + Add AC_USE_SYSTEM_EXTENSIONS to allow use of more system functionality + + Return connection failure if display string specifies non-existent screen + + c_client: Fix parallel-make issue creating 'man' directory + + xcb_connect: launchd: Don't fall back on tcp if $DISPLAY is a path to a + launchd socket + + Allow undocumented code to be built + + Split manpage list in two (static/built) + + Do not list manpages, use a wildcard + + Move static man to man + + c_client.py: generate manpages + + Allow xcb_send_request with >MAX_IOV iovecs + + Add a .gitignore for src/man/ + + Fix a multi-thread deadlock + + Include static man pages in "make dist" +- Packaging changes: + + Pack the now static manpages in the devel package + +------------------------------------------------------------------- +Wed Mar 21 10:00:05 UTC 2012 - [email protected] + +- Update to new upstream release 1.8.1 +* Fallback to TCP if no protocol is specified and the UNIX + connection fails + +------------------------------------------------------------------- +Sun Feb 12 02:53:20 UTC 2012 - [email protected] + +- Rename xorg-x11-libxcb to libxcb and utilize shlib policy + (The high amount of subpackages is because libxcb essentially + substitutes the entire libX* suite) + +------------------------------------------------------------------- +Mon Jan 16 20:40:48 UTC 2012 - [email protected] + +- update libxcb to 1.8 + * Needed 
for Mesa to create GL3 context + +------------------------------------------------------------------- +Sun Nov 20 06:49:34 UTC 2011 - [email protected] + +- add libtool as buildrequire to avoid implicit dependency + +------------------------------------------------------------------- +Tue Dec 21 02:49:39 UTC 2010 - [email protected] + +- bumped version number to 7.6_1.7 + +------------------------------------------------------------------- +Sat Sep 4 19:03:26 UTC 2010 - [email protected] + +- update to release 1.7 +- bumped version number to 7.5_1.7 +- fixed Summary/Group entries in -devel package + +------------------------------------------------------------------- +Sat Jul 3 07:16:57 UTC 2010 - [email protected] + +- use gcc instead of ld, so that -m32/-m64 is passed to the linker + +------------------------------------------------------------------- +Fri Apr 2 18:09:02 CEST 2010 - [email protected] + +- bumped version number to 7.5 + +------------------------------------------------------------------- +Mon Dec 14 18:42:16 CET 2009 - [email protected] + +- add baselibs.conf as a source + +------------------------------------------------------------------- +Fri Dec 4 22:15:53 CET 2009 - [email protected] + +- libxcb 1.5 + +------------------------------------------------------------------- +Tue Dec 1 21:31:02 CET 2009 - [email protected] + +- libxcb-1.4_2009-10-15_e82c34c.diff + * update to git commit e82c34c (2009-10-15); required for XvMC + support in xf86-video-intel 2.10 RC1 + +------------------------------------------------------------------- +Thu Jul 16 07:43:30 CEST 2009 - [email protected] + +- libxcb 1.4 + * Add majorCode, minorCode and resourceID fields to X generic + error + * Fix precedence bug: wrong length for big-requests preceded by + sync + * Fix libxcb-randr version info + +------------------------------------------------------------------- +Fri May 29 17:31:34 CEST 2009 - [email protected] + +- libxcb 1.3 + * various issues fixed +- obsoletes 
commit-beccb0b.diff + +------------------------------------------------------------------- +Sat May 16 09:49:06 CEST 2009 - [email protected] + +- commit-beccb0b.diff + * kludgily hand-merged xid fixes (bnc #423740, bfo #20254) + +------------------------------------------------------------------- +Thu Apr 30 21:53:45 CEST 2009 - [email protected] + +- pack .la files in devel package + +------------------------------------------------------------------- +Thu Apr 30 18:21:11 CEST 2009 - [email protected] + +- reenabled build of static libs on openSUSE <= 11.1 + +------------------------------------------------------------------- +Tue Apr 21 20:36:43 CEST 2009 - [email protected] + +- remove static libraries and "la" files + +------------------------------------------------------------------- +Mon Mar 2 21:13:44 CET 2009 - [email protected] + +- create fake libxcb-xlib.so.0 instead of faking the Provides for + it + +------------------------------------------------------------------- +Mon Mar 2 17:58:55 CET 2009 - [email protected] + +- extend last fix to baselibs.conf + +------------------------------------------------------------------- +Mon Mar 2 11:45:16 CET 2009 - [email protected] + +- fake provide libxcb-xlib.so.0 + +------------------------------------------------------------------- +Sun Mar 1 19:07:51 CET 2009 - [email protected] + +- libxcb 1.2 +- obsoletes always-sloppy.diff + +------------------------------------------------------------------- +Thu Sep 11 14:22:34 CEST 2008 - [email protected] + +- bumped release number to 7.4 + +------------------------------------------------------------------- +Mon Jul 21 14:40:13 CEST 2008 - [email protected] + +- back to libxcb 1.1, since libxcb 1.2-pre requires python for + building, which requires xorg-x11-libxcb for building + ==> autobuild loop + + +------------------------------------------------------------------- +Fri Jul 18 17:08:20 CEST 2008 - [email protected] + +- libxcb 1.1.90.1 + 
+------------------------------------------------------------------- +Thu Apr 10 12:54:45 CEST 2008 - [email protected] + +- added baselibs.conf file to build xxbit packages + for multilib support + +------------------------------------------------------------------- +Fri Feb 29 16:23:28 CET 2008 - [email protected] + +- add missing %postun ldconfig script + +------------------------------------------------------------------- +Mon Nov 5 14:58:18 CET 2007 - [email protected] + +- always-sloppy.diff + * This patch prints out warnings only, the assert() is completely + gone now. As programs with this error typically trigger it + several times, each warning is printed only once. (Bug #251087) + +------------------------------------------------------------------- +Mon Nov 5 09:40:14 CET 2007 - [email protected] + +- xcb-proto 1.1 + * In the eleven months since XCB's 1.0 release, a few portability + and correctness bugs have been found in libxcb. This release ++++ 54 more lines (skipped) ++++ between /dev/null ++++ and /work/SRC/openSUSE:12.3:Update/.libxcb.1713.new/libxcb.changes New: ---- U_0001-integer-overflow-in-read_packet-CVE-2013-2064.patch baselibs.conf bug-262309_xcb-xauthlocalhostname.diff libxcb-1.9.tar.bz2 libxcb.changes libxcb.spec ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ libxcb.spec ++++++ # # spec file for package libxcb # # Copyright (c) 2013 SUSE LINUX Products GmbH, Nuernberg, Germany. # # All modifications and additions to the file contributed by third parties # remain the property of their copyright owners, unless otherwise agreed # upon. The license for this file, and modifications and additions to the # file, is the same license as for the pristine package itself (unless the # license for the pristine package is not an Open Source License, in which # case the license is the MIT License). 
An "Open Source License" is a # license that conforms to the Open Source Definition (Version 1.9) # published by the Open Source Initiative. # Please submit bugfixes or comments via http://bugs.opensuse.org/ # Name: libxcb %define lname libxcb1 Version: 1.9 Release: 0 Summary: X11 core protocol C library License: MIT Group: Development/Libraries/C and C++ Url: http://xcb.freedesktop.org/ #Git-Clone: git://anongit.freedesktop.org/xorg/lib/libxcb #Git-Web: http://cgit.freedesktop.org/xorg/lib/libxcb/ #DL-URL: http://xcb.freedesktop.org/dist/ Source: %name-%version.tar.bz2 Patch1: bug-262309_xcb-xauthlocalhostname.diff Patch2: U_0001-integer-overflow-in-read_packet-CVE-2013-2064.patch BuildRoot: %{_tmppath}/%{name}-%{version}-build #git#BuildRequires: autoconf >= 2.57, automake, libtool BuildRequires: pkgconfig BuildRequires: python-base >= 2.6 BuildRequires: python-xml BuildRequires: pkgconfig(check) >= 0.9.4 BuildRequires: pkgconfig(pthread-stubs) BuildRequires: pkgconfig(xau) >= 0.99.2 BuildRequires: pkgconfig(xcb-proto) >= 1.7 #optional#BuildRequires: pkgconfig(xdmcp) %if 0%{?suse_version} >= 1210 BuildRequires: xsltproc %else BuildRequires: libxslt %endif %description The X protocol C-language Binding (XCB) is a replacement for Xlib featuring a small footprint, latency hiding, direct access to the protocol, improved threading support, and extensibility. %package -n libxcb1 Summary: X11 core protocol C library Group: System/Libraries # O/P added for 12.2 Provides: xorg-x11-libxcb = 7.6_%version-%release Obsoletes: xorg-x11-libxcb < 7.6_%version-%release %description -n libxcb1 The X protocol C-language Binding (XCB) is a replacement for Xlib featuring a small footprint, latency hiding, direct access to the protocol, improved threading support, and extensibility. 
%package -n libxcb-composite0 Summary: X11 Composite Extension C library Group: System/Libraries %description -n libxcb-composite0 The X protocol C-language Binding (XCB) is a replacement for Xlib featuring a small footprint, latency hiding, direct access to the protocol, improved threading support, and extensibility. The Composite extension causes a entire sub-tree of the window hierarchy to be rendered to an off-screen buffer. Applications can then take the contents of that buffer and do whatever they like. The off-screen buffer can be automatically merged into the parent window or merged by external programs, called compositing managers. %package -n libxcb-damage0 Summary: X11 Damage Extension C library Group: System/Libraries %description -n libxcb-damage0 The X protocol C-language Binding (XCB) is a replacement for Xlib featuring a small footprint, latency hiding, direct access to the protocol, improved threading support, and extensibility. The X Damage Extension allows applications to track modified regions of drawables. %package -n libxcb-dpms0 Summary: X11 DPMS Extension C library Group: System/Libraries %description -n libxcb-dpms0 The X protocol C-language Binding (XCB) is a replacement for Xlib featuring a small footprint, latency hiding, direct access to the protocol, improved threading support, and extensibility. %package -n libxcb-dri2-0 Summary: X11 DRI2 Extension C library Group: System/Libraries %description -n libxcb-dri2-0 The X protocol C-language Binding (XCB) is a replacement for Xlib featuring a small footprint, latency hiding, direct access to the protocol, improved threading support, and extensibility. %package -n libxcb-glx0 Summary: X11 GLX Extension C library Group: System/Libraries %description -n libxcb-glx0 The X protocol C-language Binding (XCB) is a replacement for Xlib featuring a small footprint, latency hiding, direct access to the protocol, improved threading support, and extensibility. 
%package -n libxcb-randr0 Summary: X11 RandR Extension C library Group: System/Libraries %description -n libxcb-randr0 The X protocol C-language Binding (XCB) is a replacement for Xlib featuring a small footprint, latency hiding, direct access to the protocol, improved threading support, and extensibility. The X Resize, Rotate and Reflect Extension (RandR) allows clients to dynamically change X screens, so as to resize, to change the orientation and layout of the root window of a screen. %package -n libxcb-record0 Summary: X11 RECORD Extension C library Group: System/Libraries %description -n libxcb-record0 The X protocol C-language Binding (XCB) is a replacement for Xlib featuring a small footprint, latency hiding, direct access to the protocol, improved threading support, and extensibility. The RECORD extension supports the recording and reporting of all core X protocol and arbitrary X extension protocol. %package -n libxcb-render0 Summary: X11 Render Extension C library Group: System/Libraries %description -n libxcb-render0 The X protocol C-language Binding (XCB) is a replacement for Xlib featuring a small footprint, latency hiding, direct access to the protocol, improved threading support, and extensibility. %package -n libxcb-res0 Summary: X11 Resource Extension C library Group: System/Libraries %description -n libxcb-res0 The X protocol C-language Binding (XCB) is a replacement for Xlib featuring a small footprint, latency hiding, direct access to the protocol, improved threading support, and extensibility. %package -n libxcb-screensaver0 Summary: X11 ScreenSaver Extension C library Group: System/Libraries %description -n libxcb-screensaver0 The X protocol C-language Binding (XCB) is a replacement for Xlib featuring a small footprint, latency hiding, direct access to the protocol, improved threading support, and extensibility. 
The X Window System provides support for changing the image on a display screen after a user-settable period of inactivity to avoid burning the cathode ray tube phosphors. This extension allows an external "screen saver" client to detect when the alternate image is to be displayed and to provide the graphics. %package -n libxcb-shape0 Summary: X11 Shape Extension C library Group: System/Libraries %description -n libxcb-shape0 The X protocol C-language Binding (XCB) is a replacement for Xlib featuring a small footprint, latency hiding, direct access to the protocol, improved threading support, and extensibility. - X11 Nonrectangular Window Shape extension (Xshape) %package -n libxcb-shm0 Summary: X11 Shared Memory Extension C library Group: System/Libraries %description -n libxcb-shm0 The X protocol C-language Binding (XCB) is a replacement for Xlib featuring a small footprint, latency hiding, direct access to the protocol, improved threading support, and extensibility. The MIT Shared Memory (MIT-SHM) Extension allows exchanging image data between client and server using shared memory, so that it does not need to be transferred over sockets. %package -n libxcb-sync0 Summary: X11 Sync Extension C library Group: System/Libraries %description -n libxcb-sync0 The X protocol C-language Binding (XCB) is a replacement for Xlib featuring a small footprint, latency hiding, direct access to the protocol, improved threading support, and extensibility. %package -n libxcb-xevie0 Summary: X11 Xevie Extension C library Group: System/Libraries %description -n libxcb-xevie0 The X protocol C-language Binding (XCB) is a replacement for Xlib featuring a small footprint, latency hiding, direct access to the protocol, improved threading support, and extensibility. The EvIE (Event Interception Extension) allows for clients to be able to intercept all events coming through the server and then decide what to do with them, including being able to modify or discard events. 
%package -n libxcb-xf86dri0 Summary: X11 XFree86-DRI Extension C library Group: System/Libraries %description -n libxcb-xf86dri0 The X protocol C-language Binding (XCB) is a replacement for Xlib featuring a small footprint, latency hiding, direct access to the protocol, improved threading support, and extensibility. %package -n libxcb-xfixes0 Summary: X11 Xfixes Extension C library Group: System/Libraries %description -n libxcb-xfixes0 The X protocol C-language Binding (XCB) is a replacement for Xlib featuring a small footprint, latency hiding, direct access to the protocol, improved threading support, and extensibility. The X Fixes extension provides applications with work-arounds for various limitations in the core protocol. %package -n libxcb-xinerama0 Summary: X11 Xinerama Extension C library Group: System/Libraries %description -n libxcb-xinerama0 The X protocol C-language Binding (XCB) is a replacement for Xlib featuring a small footprint, latency hiding, direct access to the protocol, improved threading support, and extensibility. Xinerama is an extension to the X Window System which enables multi-headed X applications and window managers to use two or more physical displays as one large virtual display. %package -n libxcb-xprint0 Summary: X11 XPrint Extension C library Group: System/Libraries %description -n libxcb-xprint0 The X protocol C-language Binding (XCB) is a replacement for Xlib featuring a small footprint, latency hiding, direct access to the protocol, improved threading support, and extensibility. libxcb-xprint provides APIs to allow client applications to render to non-display devices. %package -n libxcb-xtest0 Summary: X11 XTEST Extension C library Group: System/Libraries %description -n libxcb-xtest0 The X protocol C-language Binding (XCB) is a replacement for Xlib featuring a small footprint, latency hiding, direct access to the protocol, improved threading support, and extensibility. 
The XTEST extension is a minimal set of client and server extensions required to completely test the X11 server with no user intervention. This extension is not intended to support general journaling and playback of user actions. %package -n libxcb-xv0 Summary: X11 video Extension C library Group: System/Libraries %description -n libxcb-xv0 The X protocol C-language Binding (XCB) is a replacement for Xlib featuring a small footprint, latency hiding, direct access to the protocol, improved threading support, and extensibility. The X Video Extension (Xv) extension provides support for video adaptors attached to an X display. It takes the approach that a display may have one or more video adaptors, each of which has one or more ports through which independent video streams pass. %package -n libxcb-xvmc0 Summary: X11 Video Motion Compensation Extension C library Group: System/Libraries %description -n libxcb-xvmc0 The X protocol C-language Binding (XCB) is a replacement for Xlib featuring a small footprint, latency hiding, direct access to the protocol, improved threading support, and extensibility. X-Video Motion Compensation (XvMC), is an extension of the X video extension (Xv) for the X Window System. The XvMC API allows video programs to offload portions of the video decoding process to the GPU video-hardware. 
%package devel Summary: Development files for the X11 protocol C library Group: Development/Libraries/C and C++ Requires: libxcb-composite0 = %version Requires: libxcb-damage0 = %version Requires: libxcb-dpms0 = %version Requires: libxcb-dri2-0 = %version Requires: libxcb-glx0 = %version Requires: libxcb-randr0 = %version Requires: libxcb-record0 = %version Requires: libxcb-render0 = %version Requires: libxcb-res0 = %version Requires: libxcb-screensaver0 = %version Requires: libxcb-shape0 = %version Requires: libxcb-shm0 = %version Requires: libxcb-sync0 = %version Requires: libxcb-xevie0 = %version Requires: libxcb-xf86dri0 = %version Requires: libxcb-xfixes0 = %version Requires: libxcb-xinerama0 = %version Requires: libxcb-xprint0 = %version Requires: libxcb-xtest0 = %version Requires: libxcb-xv0 = %version Requires: libxcb-xvmc0 = %version # O/P added for 12.2 Provides: xorg-x11-libxcb-devel = 7.6_%version-%release Obsoletes: xorg-x11-libxcb-devel < 7.6_%version-%release %description devel The X protocol C-language Binding (XCB) is a replacement for Xlib featuring a small footprint, latency hiding, direct access to the protocol, improved threading support, and extensibility. This package contains the development headers for the library found in %lname. 
%prep %setup -q %patch -P 1 -p0 %patch -P 2 -p1 %build %configure --docdir=%_docdir/%name --disable-static make %{?_smp_mflags} %install %makeinstall rm -f "%buildroot/%_libdir"/*.la %post -n libxcb1 -p /sbin/ldconfig %postun -n libxcb1 -p /sbin/ldconfig %post -n libxcb-composite0 -p /sbin/ldconfig %postun -n libxcb-composite0 -p /sbin/ldconfig %post -n libxcb-damage0 -p /sbin/ldconfig %postun -n libxcb-damage0 -p /sbin/ldconfig %post -n libxcb-dpms0 -p /sbin/ldconfig %postun -n libxcb-dpms0 -p /sbin/ldconfig %post -n libxcb-dri2-0 -p /sbin/ldconfig %postun -n libxcb-dri2-0 -p /sbin/ldconfig %post -n libxcb-glx0 -p /sbin/ldconfig %postun -n libxcb-glx0 -p /sbin/ldconfig %post -n libxcb-randr0 -p /sbin/ldconfig %postun -n libxcb-randr0 -p /sbin/ldconfig %post -n libxcb-record0 -p /sbin/ldconfig %postun -n libxcb-record0 -p /sbin/ldconfig %post -n libxcb-render0 -p /sbin/ldconfig %postun -n libxcb-render0 -p /sbin/ldconfig %post -n libxcb-res0 -p /sbin/ldconfig %postun -n libxcb-res0 -p /sbin/ldconfig %post -n libxcb-screensaver0 -p /sbin/ldconfig %postun -n libxcb-screensaver0 -p /sbin/ldconfig %post -n libxcb-shape0 -p /sbin/ldconfig %postun -n libxcb-shape0 -p /sbin/ldconfig %post -n libxcb-shm0 -p /sbin/ldconfig %postun -n libxcb-shm0 -p /sbin/ldconfig %post -n libxcb-sync0 -p /sbin/ldconfig %postun -n libxcb-sync0 -p /sbin/ldconfig %post -n libxcb-xevie0 -p /sbin/ldconfig %postun -n libxcb-xevie0 -p /sbin/ldconfig %post -n libxcb-xf86dri0 -p /sbin/ldconfig %postun -n libxcb-xf86dri0 -p /sbin/ldconfig %post -n libxcb-xfixes0 -p /sbin/ldconfig %postun -n libxcb-xfixes0 -p /sbin/ldconfig %post -n libxcb-xinerama0 -p /sbin/ldconfig %postun -n libxcb-xinerama0 -p /sbin/ldconfig %post -n libxcb-xprint0 -p /sbin/ldconfig %postun -n libxcb-xprint0 -p /sbin/ldconfig %post -n libxcb-xtest0 -p /sbin/ldconfig %postun -n libxcb-xtest0 -p /sbin/ldconfig %post -n libxcb-xv0 -p /sbin/ldconfig %postun -n libxcb-xv0 -p /sbin/ldconfig %post -n libxcb-xvmc0 -p /sbin/ldconfig 
%postun -n libxcb-xvmc0 -p /sbin/ldconfig %files -n libxcb1 %defattr(-,root,root) %_libdir/libxcb.so.1* %files -n libxcb-composite0 %defattr(-,root,root) %_libdir/libxcb-composite.so.0* %files -n libxcb-damage0 %defattr(-,root,root) %_libdir/libxcb-damage.so.0* %files -n libxcb-dpms0 %defattr(-,root,root) %_libdir/libxcb-dpms.so.0* %files -n libxcb-dri2-0 %defattr(-,root,root) %_libdir/libxcb-dri2.so.0* %files -n libxcb-glx0 %defattr(-,root,root) %_libdir/libxcb-glx.so.0* %files -n libxcb-randr0 %defattr(-,root,root) %_libdir/libxcb-randr.so.0* %files -n libxcb-record0 %defattr(-,root,root) %_libdir/libxcb-record.so.0* %files -n libxcb-render0 %defattr(-,root,root) %_libdir/libxcb-render.so.0* %files -n libxcb-res0 %defattr(-,root,root) %_libdir/libxcb-res.so.0* %files -n libxcb-screensaver0 %defattr(-,root,root) %_libdir/libxcb-screensaver.so.0* %files -n libxcb-shape0 %defattr(-,root,root) %_libdir/libxcb-shape.so.0* %files -n libxcb-shm0 %defattr(-,root,root) %_libdir/libxcb-shm.so.0* %files -n libxcb-sync0 %defattr(-,root,root) %_libdir/libxcb-sync.so.0* %files -n libxcb-xevie0 %defattr(-,root,root) %_libdir/libxcb-xevie.so.0* %files -n libxcb-xf86dri0 %defattr(-,root,root) %_libdir/libxcb-xf86dri.so.* %files -n libxcb-xfixes0 %defattr(-,root,root) %_libdir/libxcb-xfixes.so.* %files -n libxcb-xinerama0 %defattr(-,root,root) %_libdir/libxcb-xinerama.so.0* %files -n libxcb-xprint0 %defattr(-,root,root) %_libdir/libxcb-xprint.so.0* %files -n libxcb-xtest0 %defattr(-,root,root) %_libdir/libxcb-xtest.so.0* %files -n libxcb-xv0 %defattr(-,root,root) %_libdir/libxcb-xv.so.0* %files -n libxcb-xvmc0 %defattr(-,root,root) %_libdir/libxcb-xvmc.so.0* %files devel %defattr(-,root,root) %_includedir/xcb %_libdir/libxcb*.so %_libdir/pkgconfig/xcb*.pc %_docdir/%name %_mandir/man3/xcb* %changelog ++++++ U_0001-integer-overflow-in-read_packet-CVE-2013-2064.patch ++++++ >From 1b33867fa996034deb50819ae54640be501f8d20 Mon Sep 17 00:00:00 2001 
From: Alan Coopersmith <[email protected]> Date: Wed, 1 May 2013 17:59:31 -0700 Subject: [PATCH] integer overflow in read_packet() [CVE-2013-2064] Ensure that when calculating the size of the incoming response from the Xserver, we don't overflow the integer used in the calculations when we multiply the int32_t length by 4 and add it to the default response size. Signed-off-by: Alan Coopersmith <[email protected]> --- src/xcb_in.c | 13 +++++++++---- 1 file changed, 9 insertions(+), 4 deletions(-) diff --git a/src/xcb_in.c b/src/xcb_in.c index b810783..8a7af92 100644 --- a/src/xcb_in.c +++ b/src/xcb_in.c @@ -93,8 +93,9 @@ static void remove_finished_readers(reader_list **prev_reader, uint64_t complete static int read_packet(xcb_connection_t *c) { xcb_generic_reply_t genrep; - int length = 32; - int eventlength = 0; /* length after first 32 bytes for GenericEvents */ + uint64_t length = 32; + uint64_t eventlength = 0; /* length after first 32 bytes for GenericEvents */ + uint64_t bufsize; void *buf; pending_reply *pend = 0; struct event_list *event; 
@@ -169,8 +170,12 @@ static int read_packet(xcb_connection_t *c) if ((genrep.response_type & 0x7f) == XCB_XGE_EVENT) eventlength = genrep.length * 4; - buf = malloc(length + eventlength + - (genrep.response_type == XCB_REPLY ? 0 : sizeof(uint32_t))); + bufsize = length + eventlength + + (genrep.response_type == XCB_REPLY ? 0 : sizeof(uint32_t)); + if (bufsize < INT32_MAX) + buf = malloc((size_t) bufsize); + else + buf = NULL; if(!buf) { _xcb_conn_shutdown(c, XCB_CONN_CLOSED_MEM_INSUFFICIENT); -- 1.8.1.4 ++++++ baselibs.conf ++++++ libxcb1 provides "xorg-x11-libxcb-<targettype> = 7.6_<version>" obsoletes "xorg-x11-libxcb-<targettype> < 7.6_<version>" libxcb-composite0 libxcb-damage0 libxcb-dpms0 libxcb-dri2-0 libxcb-glx0 libxcb-randr0 libxcb-record0 libxcb-render0 libxcb-res0 libxcb-screensaver0 libxcb-shape0 libxcb-shm0 libxcb-sync0 libxcb-xevie0 libxcb-xf86dri0 libxcb-xfixes0 libxcb-xinerama0 libxcb-xprint0 libxcb-xtest0 libxcb-xv0 libxcb-xvmc0 libxcb-devel requires -libxcb-<targettype> requires "libxcb1-<targettype> = <version>" requires "libxcb-composite0-<targettype> = <version>" requires "libxcb-damage0-<targettype> = <version>" requires "libxcb-dpms0-<targettype> = <version>" requires "libxcb-dri2-0-<targettype> = <version>" requires "libxcb-glx0-<targettype> = <version>" requires "libxcb-randr0-<targettype> = <version>" requires "libxcb-record0-<targettype> = <version>" requires "libxcb-render0-<targettype> = <version>" requires "libxcb-res0-<targettype> = <version>" requires "libxcb-screensaver0-<targettype> = <version>" requires "libxcb-shape0-<targettype> = <version>" requires "libxcb-shm0-<targettype> = <version>" requires "libxcb-sync0-<targettype> = <version>" requires "libxcb-xevie0-<targettype> = <version>" requires "libxcb-xf86dri0-<targettype> = <version>" requires "libxcb-xfixes0-<targettype> = <version>" requires "libxcb-xinerama0-<targettype> = <version>" requires "libxcb-xprint0-<targettype> = <version>" requires "libxcb-xtest0-<targettype> = 
<version>" requires "libxcb-xv0-<targettype> = <version>" requires "libxcb-xvmc0-<targettype> = <version>" provides "xorg-x11-libxcb-devel-<targettype> = 7.6_<version>" obsoletes "xorg-x11-libxcb-devel-<targettype> < 7.6_<version>" ++++++ bug-262309_xcb-xauthlocalhostname.diff ++++++ --- src/xcb_auth.c.orig 2009-05-29 17:48:24.000000000 +0200 +++ src/xcb_auth.c 2009-05-29 17:56:01.000000000 +0200 @@ -100,2 +100,3 @@ static Xauth *get_authptr(struct sockadd int dispbuflen; + Xauth *authptr = NULL; @@ -143,6 +143,16 @@ static Xauth *get_authptr(struct sockadd - return XauGetBestAuthByAddr (family, - (unsigned short) addrlen, addr, - (unsigned short) dispbuflen, dispbuf, - N_AUTH_PROTOS, authnames, authnameslen); + authptr = XauGetBestAuthByAddr (family, + (unsigned short) addrlen, addr, + (unsigned short) dispbuflen, dispbuf, + N_AUTH_PROTOS, authnames, authnameslen); + // && !phostname + if ((!authptr || !authptr->data_length) && family == FamilyLocal) { + if ( (addr = getenv("XAUTHLOCALHOSTNAME")) ) { + authptr = XauGetBestAuthByAddr (family, + (unsigned short) strlen(addr), addr, + (unsigned short) dispbuflen, dispbuf, + N_AUTH_PROTOS, authnames, authnameslen); + } + } + return authptr; }
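Review bot: In the `@@ -169,8 +170,12 @@` hunk of src/xcb_in.c, the unchanged context line `eventlength = genrep.length * 4;` still multiplies in the type of genrep.length, so widening eventlength to uint64_t only helps if the operand is widened first. The commit message describes that field as a 32-bit length, in which case the product can wrap before it is assigned. Suggest `eventlength = (uint64_t) genrep.length * 4;`, and the same for any other place in read_packet() that multiplies genrep.length by 4, which these hunks do not show. Separately, the `bufsize < INT32_MAX` rejection falls through to the existing `if(!buf)` path and is reported as XCB_CONN_CLOSED_MEM_INSUFFICIENT, so an over-long length sent by the server cannot be told apart from a real allocation failure. A comment stating that this is intended, or a distinct shutdown reason, would help anyone triaging the connection error later.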
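Review bot: In the `@@ -143,6 +143,16 @@` hunk of src/xcb_auth.c, when the first XauGetBestAuthByAddr() call returns a non-NULL entry whose data_length is 0, the retry overwrites authptr without releasing the first result, so that entry leaks. Dispose of it (XauDisposeAuth) before reassigning. The retry also passes `(unsigned short) strlen(addr)`, so an XAUTHLOCALHOSTNAME value longer than 65535 bytes is silently truncated to a wrong length. Check the length and skip the retry when it does not fit. Reusing the existing `addr` variable for the getenv() result hides that the lookup key now comes from the environment rather than from the socket address. A separate local would make that explicit, and the leftover `// && !phostname` comment should be removed or explained.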
