Bug#849045: say where to file upstream bugs
Package: x11-xserver-utils
Version: 7.7+7
Severity: wishlist

Please in /usr/share/doc/x11-xserver-utils/ and on each man page say that one should file upstream bugs at
https://bugs.freedesktop.org/enter_bug.cgi?product=xorg

/usr/share/doc/x11-xserver-utils/ mentions
http://xorg.freedesktop.org/releases/individual/app/
but that is rather distant.
Bug#849026: libxi_1.6.1-1+deb7u2 introduced free of unallocated object
Package: libxi Version: 1.6.1-1+deb7u2 After updating the above package (from deb7u1), various applications (google-chrome-stable notably) begin to crash with messages indicating an attempt to free an invalid pointer. Upon looking into the issue further, I noticed that the following addition to XIQueryDevice.c is flawed: @@ -103,7 +130,17 @@ SyncHandle(); return info; +error_loop: +while (--i >= 0) +{ +Xfree(info[i].name); +Xfree(info[i].classes); +} error: +Xfree(info); +Xfree(buf); UnlockDisplay(dpy); SyncHandle(); There are 3 places that "goto error", two before info and buf are allocated, and one after we've checked and found one (or both) to be NULL. Moving those Xfree()s up a couple of lines into error_loop (where we know they are already allocated) fixes the problem.
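Review bot: in the XIQueryDevice.c hunk, Xfree(info) and Xfree(buf) sit under the error: label, so every "goto error" reaches them, including jumps taken before either pointer has been assigned. Either move both calls above the label into error_loop, so that error: keeps only UnlockDisplay(dpy) and SyncHandle(), or initialise info and buf to NULL where they are declared so the frees are harmless on the early paths.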
Processed: Re: Bug#848818: xterm: ctlseqs.txt is not rebuilt from ctlseq.ms
Processing control commands:

> reopen -1
Bug #848818 {Done: Thomas Dickey} [xterm] xterm: ctlseqs.txt is not rebuilt from ctlseq.ms
Bug reopened
Ignoring request to alter fixed versions of bug #848818 to the same values previously set
> tags -1 - wontfix
Bug #848818 [xterm] xterm: ctlseqs.txt is not rebuilt from ctlseq.ms
Removed tag(s) wontfix.

--
848818: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=848818
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
Bug#848818: xterm: ctlseqs.txt is not rebuilt from ctlseq.ms
Control: reopen -1
Control: tags -1 - wontfix

On 2016-12-21 05:39 +, Branden Robinson wrote:
> On Tue, Dec 20, 2016 at 9:26 AM, Thomas Dickey wrote:
>> severity 848818 wishlist
>> close 848818
>>
>> I'm not going to discuss this further -
>>
>> https://www.debian.org/Bugs/Developer#severities
>> http://invisible-island.net/personal/changelogs.html#problem_hostile
>
> It's been a while since I've had one of these arguments, but reviewing
> Policy 2.1 I agree.
>
> Failure to generate ctlseqs.* from ctlseqs.ms would be a GPL violation
> and thus a "serious" bug if:
> 1. The document were under the GPL; and
> 2. Debian didn't make the ctlseqs.ms and the requisite tools for
> generating its derivative forms available.
>
> ...but neither of those prerequisites is the case.
>
> That said, I think it would be _nice_ if a package produced all its
> generated forms of documentation from their source forms as part of
> the build process, and declared Build-Depends appropriately.

Yes, that's considered best practice. Thus I'm re-opening the bug.

Cheers,
Sven
Processed: adjusting severity
Processing commands for cont...@bugs.debian.org:

> severity 848938 important
Bug #848938 [xserver-xorg-video-nouveau] xserver-xorg-video-nouveau: KDE freezes sometimes. Nouveau gives a message like "CACHE_ERROR".
Severity set to 'important' from 'grave'
> thanks
Stopping processing here.

Please contact me if you need assistance.
--
848938: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=848938
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
libxpm: Changes to 'debian-unstable'
ChangeLog | 89 + configure.ac|2 debian/README.source| 24 - debian/changelog| 17 + debian/compat |2 debian/control | 71 +--- debian/copyright|2 debian/patches/series |1 debian/rules|5 debian/upstream/signing-key.asc | 64 debian/watch|3 debian/xsfbs/repack.sh | 32 -- debian/xsfbs/xsfbs.mk | 285 -- debian/xsfbs/xsfbs.sh | 622 src/CrDatFrI.c | 34 +- src/RdFToBuf.c |4 src/WrFFrBuf.c |2 src/create.c| 11 src/parse.c | 40 ++ 19 files changed, 268 insertions(+), 1042 deletions(-) New commits: commit 4f6991e94050673168276a0b4101a84e4d59e99c Author: Andreas BollDate: Wed Dec 21 14:25:09 2016 +0100 Bump Standards-Version to 3.9.8. diff --git a/debian/control b/debian/control index 8c99829..1c97e6e 100644 --- a/debian/control +++ b/debian/control @@ -11,7 +11,7 @@ Build-Depends: x11proto-core-dev (>= 7.0.17), libxext-dev (>= 1:0.99.1), pkg-config, -Standards-Version: 3.8.3 +Standards-Version: 3.9.8 Homepage: https://www.x.org Vcs-Git: https://anonscm.debian.org/git/pkg-xorg/lib/libxpm.git Vcs-Browser: https://anonscm.debian.org/git/pkg-xorg/lib/libxpm.git commit a02ceee9b90ce5049e4e4c352d94d11ffc46cc6e Author: Andreas Boll Date: Wed Dec 21 14:19:38 2016 +0100 Drop no longer needed dpkg-dev versioned build-dependency. diff --git a/debian/changelog b/debian/changelog index 8e6a03b..45c8e41 100644 --- a/debian/changelog +++ b/debian/changelog @@ -11,6 +11,7 @@ libxpm (1:3.5.12-1) UNRELEASED; urgency=medium - Drop build-deps on dh-autoreconf, automake and libtool. * Stop passing --disable-silent-rules to configure, debhelper does that for a while. + * Drop no longer needed dpkg-dev versioned build-dependency. -- Andreas Boll Wed, 21 Dec 2016 13:47:54 +0100 diff --git a/debian/control b/debian/control index e451bdd..8c99829 100644 --- a/debian/control +++ b/debian/control 
@@ -5,7 +5,6 @@ Maintainer: Debian X Strike Force Build-Depends: debhelper (>= 10), quilt, - dpkg-dev (>= 1.16.0), xutils-dev (>= 1:7.5+4), libx11-dev (>= 1:0.99.2), libxt-dev (>= 1:0.99.1-5), commit 2ad86a778230a724c4cdaf9fdee44a354dc19955 Author: Andreas Boll Date: Wed Dec 21 14:19:05 2016 +0100 Stop passing --disable-silent-rules to configure, debhelper does that for a while. diff --git a/debian/changelog b/debian/changelog index 7544850..8e6a03b 100644 --- a/debian/changelog +++ b/debian/changelog @@ -9,6 +9,8 @@ libxpm (1:3.5.12-1) UNRELEASED; urgency=medium * Add placeholder comment into series file. * Bump debhelper compat to 10. - Drop build-deps on dh-autoreconf, automake and libtool. + * Stop passing --disable-silent-rules to configure, debhelper does +that for a while. -- Andreas Boll Wed, 21 Dec 2016 13:47:54 +0100 diff --git a/debian/rules b/debian/rules index 72b272e..f48ab8f 100755 --- a/debian/rules +++ b/debian/rules @@ -13,9 +13,6 @@ PACKAGE = libxpm4 %: dh $@ --with quilt --builddirectory=build/ -override_dh_auto_configure: - dh_auto_configure -- --disable-silent-rules - override_dh_install: dh_install --fail-missing -XlibXpm.la commit 3a83c47029413946126d5fc4380cadab7ad8bf2e Author: Andreas Boll Date: Wed Dec 21 14:18:04 2016 +0100 Drop build-deps on dh-autoreconf, automake and libtool. diff --git a/debian/changelog b/debian/changelog index 299c0d1..7544850 100644 --- a/debian/changelog +++ b/debian/changelog @@ -8,6 +8,7 @@ libxpm (1:3.5.12-1) UNRELEASED; urgency=medium * Remove obsolete xsfbs. * Add placeholder comment into series file. * Bump debhelper compat to 10. +- Drop build-deps on dh-autoreconf, automake and libtool. -- Andreas Boll Wed, 21 Dec 2016 13:47:54 +0100 diff --git a/debian/control b/debian/control index 3980974..e451bdd 100644 --- a/debian/control +++ b/debian/control 
@@ -4,11 +4,8 @@ Priority: optional Maintainer: Debian X Strike Force Build-Depends: debhelper (>= 10), - dh-autoreconf, quilt, dpkg-dev (>= 1.16.0), - automake, - libtool, xutils-dev (>= 1:7.5+4), libx11-dev (>= 1:0.99.2), libxt-dev (>= 1:0.99.1-5), commit e3f955085347ed636d5f6ec58716ad08814156fe Author: Andreas Boll Date: Wed Dec 21 14:15:37 2016 +0100 Bump debhelper compat to 10. diff --git a/debian/changelog b/debian/changelog index 090d2e2..299c0d1 100644 ---
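Review bot: in the debian/rules hunk, dropping override_dh_auto_configure relies on debhelper passing --disable-silent-rules by itself, and the matching changelog entry only says debhelper "does that for a while". Name the debhelper version that started doing so in the changelog entry, so the dependency on "debhelper (>= 10)" in debian/control can be checked against it, and reword the entry to "has done that for a while".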
libxpm: Changes to 'upstream-unstable'
configure.ac |2 +- src/CrDatFrI.c | 34 +- src/RdFToBuf.c |4 src/WrFFrBuf.c |2 +- src/create.c | 11 ++- src/parse.c| 40 6 files changed, 69 insertions(+), 24 deletions(-) New commits: commit 1fab5e81fd761f628fb68d22934615536dbd0220 Author: Matthieu HerrbDate: Mon Dec 12 23:09:52 2016 +0100 libXpm 3.5.12 Signed-off-by: Matthieu Herrb diff --git a/configure.ac b/configure.ac index 46e2a27..2feb9ff 100644 --- a/configure.ac +++ b/configure.ac @@ -1,7 +1,7 @@ # Initialize Autoconf AC_PREREQ([2.60]) -AC_INIT([libXpm], [3.5.11], +AC_INIT([libXpm], [3.5.12], [https://bugs.freedesktop.org/enter_bug.cgi?product=xorg], [libXpm]) AC_CONFIG_SRCDIR([Makefile.am]) AC_CONFIG_HEADERS([config.h]) commit 8b3024e6871ce50b34bf2dff924774bd654703bc Author: Tobias Stoeckmann Date: Sun Dec 11 13:50:05 2016 +0100 Handle size_t in file/buffer length The values of file sizes and buffer sizes can exceed current limits. Therefore, use proper variable types for these operations. Signed-off-by: Matthieu Herrb Reviewed-by: Matthieu Herrb diff --git a/src/RdFToBuf.c b/src/RdFToBuf.c index 7f8ebee..69e3347 100644 --- a/src/RdFToBuf.c +++ b/src/RdFToBuf.c @@ -89,6 +89,10 @@ XpmReadFileToBuffer( return XpmOpenFailed; } len = stats.st_size; +if (len < 0 || len >= SIZE_MAX) { + close(fd); + return XpmOpenFailed; +} ptr = (char *) XpmMalloc(len + 1); if (!ptr) { fclose(fp); diff --git a/src/WrFFrBuf.c b/src/WrFFrBuf.c index b80aa62..0e57cc8 100644 --- a/src/WrFFrBuf.c +++ b/src/WrFFrBuf.c 
@@ -44,7 +44,7 @@ XpmWriteFileFromBuffer( const char *filename, char *buffer) { -int fcheck, len; +size_t fcheck, len; FILE *fp = fopen(filename, "w"); if (!fp) commit d1167418f0fd02a27f617ec5afd6db053afbe185 Author: Tobias Stoeckmann Date: Thu Dec 8 17:07:55 2016 +0100 Avoid OOB write when handling malicious XPM files. libXpm uses unsigned int to store sizes, which fits size_t on 32 bit systems, but leads to issues on 64 bit systems. On 64 bit systems, it is possible to overflow 32 bit integers while parsing XPM extensions in a file. At first, it looks like a rather unimportant detail, because nobody will seriously open a 4 GB file. But unfortunately XPM has support for gzip compression out of the box. An attacker can therefore craft a compressed file which is merely 4 MB in size, which makes an attack much for feasable. Signed-off-by: Matthieu Herrb Reviewed-by: Matthieu Herrb diff --git a/src/CrDatFrI.c b/src/CrDatFrI.c index 0dacf51..6735bfc 100644 --- a/src/CrDatFrI.c +++ b/src/CrDatFrI.c @@ -48,7 +48,7 @@ LFUNC(CreatePixels, void, (char **dataptr, unsigned int data_size, unsigned int height, unsigned int cpp, unsigned int *pixels, XpmColor *colors)); -LFUNC(CountExtensions, void, (XpmExtension *ext, unsigned int num, +LFUNC(CountExtensions, int, (XpmExtension *ext, unsigned int num, unsigned int *ext_size, unsigned int *ext_nlines)); @@ -122,8 +122,9 @@ XpmCreateDataFromXpmImage( /* compute the number of extensions lines and size */ if (extensions) - CountExtensions(info->extensions, info->nextensions, - _size, _nlines); + if (CountExtensions(info->extensions, info->nextensions, + _size, _nlines)) + return(XpmNoMemory); /* * alloc a temporary array of char pointer for the header section which 
@@ -187,7 +188,8 @@ XpmCreateDataFromXpmImage( if(offset <= image->width || offset <= image->cpp) RETURN(XpmNoMemory); -if( (image->height + ext_nlines) >= UINT_MAX / sizeof(char *)) +if (image->height > UINT_MAX - ext_nlines || + image->height + ext_nlines >= UINT_MAX / sizeof(char *)) RETURN(XpmNoMemory); data_size = (image->height + ext_nlines) * sizeof(char *); @@ -196,7 +198,8 @@ XpmCreateDataFromXpmImage( RETURN(XpmNoMemory); data_size += image->height * offset; -if( (header_size + ext_size) >= (UINT_MAX - data_size) ) +if (header_size > UINT_MAX - ext_size || + header_size + ext_size >= (UINT_MAX - data_size) ) RETURN(XpmNoMemory); data_size += header_size + ext_size; @@ -343,13 +346,14 @@ CreatePixels( *s = '\0'; } -static void +static int CountExtensions( XpmExtension *ext, unsigned intnum, unsigned int *ext_size, unsigned int *ext_nlines) { +size_t len; unsigned int x, y, a, size, nlines;
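Review bot: in the src/RdFToBuf.c hunk, the new size check leaves with close(fd) while the allocation-failure path directly below it uses fclose(fp). If fp is a stream opened on fd, the new branch should call fclose(fp) as well, otherwise the FILE object is leaked on this path. The "len < 0" half of the test also only has an effect if len is a signed type; its declaration is not part of the hunk, so that is worth confirming.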
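Review bot: in the XpmCreateDataFromXpmImage hunk of src/CrDatFrI.c, the new CountExtensions failure path is an unbraced if nested inside an unbraced "if (extensions)", and it leaves with a plain return(XpmNoMemory) while the later overflow checks in the same function use RETURN(XpmNoMemory). Add braces around the outer if, and either use RETURN here too or add a short comment that nothing has been allocated yet at this point. Since CountExtensions now returns int, a comment at its definition stating what a non-zero return means would help, given that the caller maps it to XpmNoMemory.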
Bug#847345: libx11-6: the locale is not supported by Xlib, continuing without locale support
severity 847345 grave
thanks

(oops, forgot bug number)

--
Tomáš Janoušek, a.k.a. Pivník, a.k.a. Liskni_si, http://work.lisk.in/
Processed: Re: Bug#847345: libx11-6: the locale is not supported by Xlib, continuing without locale support
Processing commands for cont...@bugs.debian.org:

> severity 847345 grave
Bug #847345 [libx11-6] libx11-6: the locale is not supported by Xlib, continuing without locale support
Severity set to 'grave' from 'normal'
> thanks
Stopping processing here.

Please contact me if you need assistance.
--
847345: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=847345
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
Bug#847345: libx11-6: the locale is not supported by Xlib, continuing without locale support
severity grave
thanks

Hi Kepi,

On Fri, Dec 09, 2016 at 11:29:40PM +0100, Kepi wrote:
> I have same problem. IMHO severity of this bug should be raised as this
> is making system unusable for people with Czech locales.

Indeed, severity should've been raised. The package migrated to testing a few days ago and probably rendered a lot of systems unusable. Please don't be afraid to raise the severity yourself next time. Thanks. :-)

--
Tomáš Janoušek, a.k.a. Pivník, a.k.a. Liskni_si, http://work.lisk.in/
Bug#848960: xserver-xorg segfaults after starting afterstep
Package: xserver-xorg
Version: 1:7.7+18
Severity: important

Dear Maintainer,

* What led up to the situation?

Last week, after performing my weekly Debian update / upgrade session and after rebooting my desktop computer the xserver segfaulted after logging in and the (afterstep) window manager had started. Usually it segfaults immediately after starting up afterstep, occasionally after about 15 seconds after showing afterstep's opening screen.

* What exactly did you do (or not do) that was effective (or ineffective)?

Assuming that the problem was related to the recent update I completely removed xdm, xorg, xserver-xorg, and afterstep (and any libraries only used by these packages) from my computer, and installed their stable versions (I'm using Debian testing). The problem, however, remained.

Next I switched my window manager from afterstep to fvwm: the segfault no longer appeared. Maybe the segfault somehow is related to using afterstep, but in the end it's the X server that segfaults, which is why I filed the problem as a xserver bug.

I couldn't find hints as to what might be happening in the xserver-xorg log (which is automatically included by reportbug in this bug report). If you want a clean log file, generated after reinstalling the packages and rebooting, then please let me know.
Xdm's log, however, did show the segfault:

Tue Dec 20 12:32:04 2016 xdm info (pid 16348): Starting
Tue Dec 20 12:32:04 2016 xdm info (pid 16348): Starting X server on :0

X.Org X Server 1.19.0
Release Date: 2016-11-15
X Protocol Version 11, Revision 0
Build Operating System: Linux 3.16.0-4-amd64 x86_64 Debian
Current Operating System: Linux suffix 4.8.0-2-amd64 #1 SMP Debian 4.8.11-1 (2016-12-02) x86_64
Kernel command line: BOOT_IMAGE=/boot/vmlinuz-4.8.0-2-amd64 root=UUID=92e1ce07-b39b-462f-aad2-236f67bd86ef ro quiet
Build Date: 23 November 2016 07:20:23PM
xorg-server 2:1.19.0-2 (https://www.debian.org/support)
Current version of pixman: 0.34.0
Before reporting problems, check http://wiki.x.org to make sure that you have the latest version.
Markers: (--) probed, (**) from config file, (==) default setting, (++) from command line, (!!) notice, (II) informational, (WW) warning, (EE) error, (NI) not implemented, (??) unknown.
(==) Log file: "/var/log/Xorg.0.log", Time: Tue Dec 20 12:32:04 2016
(==) Using system config directory "/usr/share/X11/xorg.conf.d"
resize called 1680 1050
Tue Dec 20 12:32:05 2016 xdm info (pid 16358): sourcing /etc/X11/xdm/Xsetup
Tue Dec 20 12:32:17 2016 xdm info (pid 16358): sourcing /etc/X11/xdm/Xstartup
Tue Dec 20 12:32:17 2016 xdm info (pid 16374): executing session /etc/X11/xdm/Xsession
(EE)
(EE) Backtrace:
(EE) 0: /usr/lib/xorg/Xorg (xorg_backtrace+0x4a) [0x55c9a2bfffea]
(EE) 1: /usr/lib/xorg/Xorg (0x55c9a2a47000+0x1bcd69) [0x55c9a2c03d69]
(EE) 2: /lib/x86_64-linux-gnu/libpthread.so.0 (0x7fd62c215000+0x11100) [0x7fd62c226100]
(EE) 3: ?? [0x55c9a52c1038]
(EE)
(EE) Segmentation fault at address 0x55c9a52c1038
(EE) Fatal server error:
(EE) Caught signal 11 (Segmentation fault). Server aborting
(EE)
(EE) Please consult the The X.Org Foundation support at http://wiki.x.org for help.
(EE) Please also check the log file at "/var/log/Xorg.0.log" for additional information.
(EE)
(II) AIGLX: Suspending AIGLX clients for VT switch
(EE) Server terminated with error (1). Closing log file.
Tue Dec 20 12:32:39 2016 xdm info (pid 16358): sourcing /etc/X11/xdm/Xreset
Tue Dec 20 12:32:39 2016 xdm info (pid 16348): Starting X server on :0
Tue Dec 20 12:32:39 2016 xdm error (pid 16348): Server for display :0 terminated unexpectedly: 1536
Tue Dec 20 12:32:39 2016 xdm info (pid 16348): Starting X server on :0

X.Org X Server 1.19.0
Release Date: 2016-11-15
X Protocol Version 11, Revision 0
Build Operating System: Linux 3.16.0-4-amd64 x86_64 Debian
Current Operating System: Linux suffix 4.8.0-2-amd64 #1 SMP Debian 4.8.11-1 (2016-12-02) x86_64
Kernel command line: BOOT_IMAGE=/boot/vmlinuz-4.8.0-2-amd64 root=UUID=92e1ce07-b39b-462f-aad2-236f67bd86ef ro quiet
Build Date: 23 November 2016 07:20:23PM
xorg-server 2:1.19.0-2 (https://www.debian.org/support)
Current version of pixman: 0.34.0
Before reporting problems, check http://wiki.x.org to make sure that you have the latest version.
Markers: (--) probed, (**) from config file, (==) default setting, (++) from command line, (!!) notice, (II) informational, (WW) warning, (EE) error, (NI) not implemented, (??) unknown.
(==) Log file: "/var/log/Xorg.0.log", Time: Tue Dec 20 12:32:39 2016
(==) Using system config directory "/usr/share/X11/xorg.conf.d"
resize called 1680 1050
Tue Dec 20 12:32:40 2016 xdm info (pid 16587): sourcing