libX11 1.6.12 (CVE-2020-14363, CVE 2020-14344)

0001-Handle-ssharp-in-XConvertCase.patch

@@ -1,52 +0,0 @@
-From 4e08eddcbd4ce67fc3879ac9ed67a9c75ef99780 Mon Sep 17 00:00:00 2001
-From: Peter Hutterer <peter.hutterer@who-t.net>
-Date: Wed, 11 Dec 2019 14:12:27 +1000
-Subject: [PATCH libX11] Handle ssharp in XConvertCase()
-
-lowercase: LATIN SMALL LETTER SHARP S (U+00DF)
-uppercase: LATIN CAPITAL LETTER SHARP S (U+1E9E)
-
-The uppercase sharp s (XK_ssharp) is a relatively recent addition to unicode
-but was added to the relevant keyboard layouts in xkeyboard-config-2.25
-(d1411e5e95c)
-https://gitlab.freedesktop.org/xkeyboard-config/xkeyboard-config/issues/144
-
-Alas, the CapsLock behavior was broken on the finnish layout (maybe others).
-This was due to xkbcomp using XConvertCase() to determine whether a key
-requires the type FOUR_LEVEL_ALPHABETIC or FOUR_LEVEL_SEMIALPHABETIC.
-
-Let's make this function return the right lower/upper symbols for the sharp s
-and hope that the world won't get any worse because of it.
-
-https://gitlab.freedesktop.org/xorg/lib/libx11/issues/110
-
-Signed-off-by: Peter Hutterer <peter.hutterer@who-t.net>
----
- src/KeyBind.c | 4 ++++
- 1 file changed, 4 insertions(+)
-
-diff --git a/src/KeyBind.c b/src/KeyBind.c
-index d7c78b37..225581ca 100644
---- a/src/KeyBind.c
-+++ b/src/KeyBind.c
-@@ -466,6 +466,8 @@ UCSConvertCase( register unsigned code,
-             *upper = 0x0178;
-         else if (code == 0x00b5)      /* micro sign */
-             *upper = 0x039c;
-+        else if (code == 0x00df)      /* ssharp */
-+            *upper = 0x1e9e;
- 	return;
-     }
- 
-@@ -595,6 +597,8 @@ UCSConvertCase( register unsigned code,
-         }
-         else if (code == 0x1e9b)
-             *upper = 0x1e60;
-+        else if (code == 0x1e9e)
-+            *lower = XK_ssharp;
-     }
- 
-     /* Greek Extended, U+1F00 to U+1FFF */
--- 
-2.23.0
-

libX11.spec

@@ -4,8 +4,8 @@
 
 Summary: Core X11 protocol client library
 Name: libX11
-Version: 1.6.9
-Release: 5%{?gitdate:.%{gitdate}git%{gitversion}}%{?dist}
+Version: 1.6.12
+Release: 1%{?gitdate:.%{gitdate}git%{gitversion}}%{?dist}
 License: MIT
 URL: http://www.x.org
 
@@ -18,14 +18,6 @@ Source0: https://xorg.freedesktop.org/archive/individual/lib/%{name}-%{version}.
 %endif
 
 Patch2: dont-forward-keycode-0.patch
-Patch3: 0001-Handle-ssharp-in-XConvertCase.patch
-
-# CVE 2020-14344
-Patch11: 0001-Fix-signed-length-values-in-_XimGetAttributeID.patch
-Patch12: 0002-fix-integer-overflows-in-_XimAttributeToValue.patch
-Patch13: 0003-Fix-more-unchecked-lengths.patch
-Patch14: 0004-Zero-out-buffers-in-functions.patch
-Patch15: 0005-Change-the-data_len-parameter-of-_XimAttributeToValu.patch
 
 BuildRequires: xorg-x11-util-macros >= 1.11
 BuildRequires: pkgconfig(xproto) >= 7.0.15
@@ -64,12 +56,6 @@ libX11/libxcb interoperability library
 %prep
 %setup -q -n %{tarball}-%{?gitdate:%{gitdate}}%{!?gitdate:%{version}}
 %patch2 -p1 -b .dont-forward-keycode-0
-%patch3 -p1
-%patch11 -p1
-%patch12 -p1
-%patch13 -p1
-%patch14 -p1
-%patch15 -p1
 
 %build
 autoreconf -v --install --force
@@ -135,6 +121,9 @@ make %{?_smp_mflags} check
 %{_mandir}/man5/*.5*
 
 %changelog
+* Wed Aug 26 2020 Peter Hutterer <peter.hutterer@redhat.com> 1.6.12-1
+- libX11 1.6.12 (CVE-2020-14363, CVE 2020-14344)
+
 * Fri Jul 31 2020 Adam Jackson <ajax@redhat.com> - 1.6.9-5
 - Fix server reply validation issue in XIM (CVE 2020-14344)
 

sources

@@ -1 +1 @@
-SHA512 (libX11-1.6.9.tar.bz2) = fc18f0dc17ade1fc37402179f52e1f2b9c7b7d3a1a9590fea13046eb0c5193b4796289431cd99388eac01e8e59de77db45d2c9675d4f05ef8cf3ba6382c3dd31
+SHA512 (libX11-1.6.12.tar.bz2) = 79df7d61d9009b0dd3b65f67a62189aa0a43799c01026b3d2d534092596a0b67f246af5e398a89eb1ccc61a27335f81be8262b8a39768a76f62d862cd7415a47