Fix server reply validation issue in XIM (CVE 2020-14344)

2020-07-31 12:02:45 -04:00 · 2020-07-31 12:02:45 -04:00 · abe139c3ce
commit abe139c3ce
parent 7a6879983c
1 changed files with 16 additions and 1 deletions
--- a/libX11.spec
+++ b/libX11.spec
@ -5,7 +5,7 @@
 Summary: Core X11 protocol client library
 Name: libX11
 Version: 1.6.9
-Release: 4%{?gitdate:.%{gitdate}git%{gitversion}}%{?dist}
+Release: 5%{?gitdate:.%{gitdate}git%{gitversion}}%{?dist}
 License: MIT
 URL: http://www.x.org

@ -20,6 +20,13 @@ Source0: https://xorg.freedesktop.org/archive/individual/lib/%{name}-%{version}.
 Patch2: dont-forward-keycode-0.patch
 Patch3: 0001-Handle-ssharp-in-XConvertCase.patch

+# CVE 2020-14344
+Patch11: 0001-Fix-signed-length-values-in-_XimGetAttributeID.patch
+Patch12: 0002-fix-integer-overflows-in-_XimAttributeToValue.patch
+Patch13: 0003-Fix-more-unchecked-lengths.patch
+Patch14: 0004-Zero-out-buffers-in-functions.patch
+Patch15: 0005-Change-the-data_len-parameter-of-_XimAttributeToValu.patch
+
 BuildRequires: xorg-x11-util-macros >= 1.11
 BuildRequires: pkgconfig(xproto) >= 7.0.15
 BuildRequires: xorg-x11-xtrans-devel >= 1.0.3-4
@ -58,6 +65,11 @@ libX11/libxcb interoperability library
 %setup -q -n %{tarball}-%{?gitdate:%{gitdate}}%{!?gitdate:%{version}}
 %patch2 -p1 -b .dont-forward-keycode-0
 %patch3 -p1
+%patch11 -p1
+%patch12 -p1
+%patch13 -p1
+%patch14 -p1
+%patch15 -p1

 %build
 autoreconf -v --install --force
@ -123,6 +135,9 @@ make %{?_smp_mflags} check
 %{_mandir}/man5/*.5*

 %changelog
+* Fri Jul 31 2020 Adam Jackson <ajax@redhat.com> - 1.6.9-5
+- Fix server reply validation issue in XIM (CVE 2020-14344)
+
 * Tue Jul 28 2020 Fedora Release Engineering <releng@fedoraproject.org> - 1.6.9-4
 - Rebuilt for https://fedoraproject.org/wiki/Fedora_33_Mass_Rebuild