Peter Hutterer
parent
834669aa45
commit
e0440b76d3
|
|
@ -0,0 +1,35 @@
|
|||
From bb1711b7fba42f2a0c7d1c09beee241a1b2bcc30 Mon Sep 17 00:00:00 2001
|
||||
From: Peter Hutterer <peter.hutterer@who-t.net>
|
||||
Date: Mon, 19 Dec 2022 10:06:45 +1000
|
||||
Subject: [PATCH xserver] Xext: fix invalid event type mask in
|
||||
XTestSwapFakeInput
|
||||
|
||||
In commit b320ca0 the mask was inadvertently changed from octal 0177 to
|
||||
hexadecimal 0x177.
|
||||
|
||||
Fixes commit b320ca0ffe4c0c872eeb3a93d9bde21f765c7c63
|
||||
Xtest: disallow GenericEvents in XTestSwapFakeInput
|
||||
|
||||
Found by Stuart Cassoff
|
||||
|
||||
Signed-off-by: Peter Hutterer <peter.hutterer@who-t.net>
|
||||
---
|
||||
Xext/xtest.c | 2 +-
|
||||
1 file changed, 1 insertion(+), 1 deletion(-)
|
||||
|
||||
diff --git a/Xext/xtest.c b/Xext/xtest.c
|
||||
index 2985a4ce6e..dde5c4cf9d 100644
|
||||
--- a/Xext/xtest.c
|
||||
+++ b/Xext/xtest.c
|
||||
@@ -502,7 +502,7 @@ XTestSwapFakeInput(ClientPtr client, xReq * req)
|
||||
|
||||
nev = ((req->length << 2) - sizeof(xReq)) / sizeof(xEvent);
|
||||
for (ev = (xEvent *) &req[1]; --nev >= 0; ev++) {
|
||||
- int evtype = ev->u.u.type & 0x177;
|
||||
+ int evtype = ev->u.u.type & 0177;
|
||||
/* Swap event */
|
||||
proc = EventSwapVector[evtype];
|
||||
/* no swapping proc; invalid event type? */
|
||||
--
|
||||
2.38.1
|
||||
|
||||
|
|
@ -42,7 +42,7 @@
|
|||
Summary: X.Org X11 X server
|
||||
Name: xorg-x11-server
|
||||
Version: 1.20.11
|
||||
Release: 14%{?gitdate:.%{gitdate}}%{?dist}
|
||||
Release: 15%{?gitdate:.%{gitdate}}%{?dist}
|
||||
URL: http://www.x.org
|
||||
License: MIT
|
||||
|
||||
|
|
@ -150,6 +150,8 @@ Patch10022: 0005-Xext-free-the-screen-saver-resource-when-replacing-i.patch
|
|||
Patch10023: 0006-Xext-free-the-XvRTVideoNotify-when-turning-off-from-.patch
|
||||
# CVE-2022-46283
|
||||
Patch10024: 0007-xkb-reset-the-radio_groups-pointer-to-NULL-after-fre.patch
|
||||
# Follow-up to CVE-2022-46340
|
||||
Patch10025: 0008-Xext-fix-invalid-event-type-mask-in-XTestSwapFakeInp.patch
|
||||
|
||||
BuildRequires: make
|
||||
BuildRequires: systemtap-sdt-devel
|
||||
|
|
@ -559,6 +561,9 @@ find %{inst_srcdir}/hw/xfree86 -name \*.c -delete
|
|||
|
||||
|
||||
%changelog
|
||||
* Mon Dec 19 2022 Peter Hutterer <peter.hutterer@redhat.com> - 1.20.11-15
|
||||
- Follow-up fix for CVE-2022-46340 (#2151776)
|
||||
|
||||
* Wed Dec 14 2022 Peter Hutterer <peter.hutterer@redhat.com> - 1.20.11-14
|
||||
- CVE fix for: CVE-2022-4283 (#2151801), CVE-2022-46340 (#2151776),
|
||||
CVE-2022-46341 (#2151781), CVE-2022-46342 (#2151788),
|
||||
|
|
|
|||
Loading…
Reference in New Issue