import xorg-x11-server-1.20.8-9.el8
This commit is contained in:
parent
f1ce523ebe
commit
eb237a978c
|
@ -0,0 +1,33 @@
|
||||||
|
From aac28e162e5108510065ad4c323affd6deffd816 Mon Sep 17 00:00:00 2001
|
||||||
|
From: Matthieu Herrb <matthieu@herrb.eu>
|
||||||
|
Date: Sat, 25 Jul 2020 19:33:50 +0200
|
||||||
|
Subject: [PATCH] fix for ZDI-11426
|
||||||
|
|
||||||
|
Avoid leaking un-initalized memory to clients by zeroing the
|
||||||
|
whole pixmap on initial allocation.
|
||||||
|
|
||||||
|
This vulnerability was discovered by:
|
||||||
|
Jan-Niklas Sohn working with Trend Micro Zero Day Initiative
|
||||||
|
|
||||||
|
Signed-off-by: Matthieu Herrb <matthieu@herrb.eu>
|
||||||
|
Reviewed-by: Alan Coopersmith <alan.coopersmith@oracle.com>
|
||||||
|
---
|
||||||
|
dix/pixmap.c | 2 +-
|
||||||
|
1 file changed, 1 insertion(+), 1 deletion(-)
|
||||||
|
|
||||||
|
diff --git a/dix/pixmap.c b/dix/pixmap.c
|
||||||
|
index 1186d7dbb..5a0146bbb 100644
|
||||||
|
--- a/dix/pixmap.c
|
||||||
|
+++ b/dix/pixmap.c
|
||||||
|
@@ -116,7 +116,7 @@ AllocatePixmap(ScreenPtr pScreen, int pixDataSize)
|
||||||
|
if (pScreen->totalPixmapSize > ((size_t) - 1) - pixDataSize)
|
||||||
|
return NullPixmap;
|
||||||
|
|
||||||
|
- pPixmap = malloc(pScreen->totalPixmapSize + pixDataSize);
|
||||||
|
+ pPixmap = calloc(1, pScreen->totalPixmapSize + pixDataSize);
|
||||||
|
if (!pPixmap)
|
||||||
|
return NullPixmap;
|
||||||
|
|
||||||
|
--
|
||||||
|
2.25.4
|
||||||
|
|
|
@ -46,7 +46,7 @@
|
||||||
Summary: X.Org X11 X server
|
Summary: X.Org X11 X server
|
||||||
Name: xorg-x11-server
|
Name: xorg-x11-server
|
||||||
Version: 1.20.8
|
Version: 1.20.8
|
||||||
Release: 8%{?gitdate:.%{gitdate}}%{?dist}
|
Release: 9%{?gitdate:.%{gitdate}}%{?dist}
|
||||||
URL: http://www.x.org
|
URL: http://www.x.org
|
||||||
License: MIT
|
License: MIT
|
||||||
Group: User Interface/X
|
Group: User Interface/X
|
||||||
|
@ -127,6 +127,8 @@ Patch302: 0001-Fix-XIChangeHierarchy-integer-underflow.patch
|
||||||
Patch303: 0001-Fix-XkbSelectEvents-integer-underflow.patch
|
Patch303: 0001-Fix-XkbSelectEvents-integer-underflow.patch
|
||||||
# CVE-2020-14362
|
# CVE-2020-14362
|
||||||
Patch304: 0001-Fix-XRecordRegisterClients-Integer-underflow.patch
|
Patch304: 0001-Fix-XRecordRegisterClients-Integer-underflow.patch
|
||||||
|
# CVE-2020-14347
|
||||||
|
Patch305: 0001-fix-for-ZDI-11426.patch
|
||||||
|
|
||||||
BuildRequires: systemtap-sdt-devel
|
BuildRequires: systemtap-sdt-devel
|
||||||
BuildRequires: git
|
BuildRequires: git
|
||||||
|
@ -571,6 +573,9 @@ find %{inst_srcdir}/hw/xfree86 -name \*.c -delete
|
||||||
|
|
||||||
|
|
||||||
%changelog
|
%changelog
|
||||||
|
* Mon Nov 16 2020 Adam Jackson <ajax@redhat.com> - 1.20.8-9
|
||||||
|
- CVE fix for: CVE-2020-14347 (#1862320)
|
||||||
|
|
||||||
* Thu Oct 29 2020 Michel Dänzer <mdaenzer@redhat.com> - 1.20.8-8
|
* Thu Oct 29 2020 Michel Dänzer <mdaenzer@redhat.com> - 1.20.8-8
|
||||||
- CVE fixes for: CVE-2020-14345 (#1872391), CVE-2020-14346 (#1872395),
|
- CVE fixes for: CVE-2020-14345 (#1872391), CVE-2020-14346 (#1872395),
|
||||||
CVE-2020-14361 (#1872402), CVE-2020-14362 (#1872409)
|
CVE-2020-14361 (#1872402), CVE-2020-14362 (#1872409)
|
||||||
|
|
Loading…
Reference in New Issue