Fix buggy patch to CVE-2022-46340
This commit is contained in:
Peter Hutterer
parent
75e6f92d0f
commit
fc0c7be4e3
@ -0,0 +1,35 @@
|
|||||||
|
From bb1711b7fba42f2a0c7d1c09beee241a1b2bcc30 Mon Sep 17 00:00:00 2001
|
||||||
|
From: Peter Hutterer <peter.hutterer@who-t.net>
|
||||||
|
Date: Mon, 19 Dec 2022 10:06:45 +1000
|
||||||
|
Subject: [PATCH xserver] Xext: fix invalid event type mask in
|
||||||
|
XTestSwapFakeInput
|
||||||
|
|
||||||
|
In commit b320ca0 the mask was inadvertently changed from octal 0177 to
|
||||||
|
hexadecimal 0x177.
|
||||||
|
|
||||||
|
Fixes commit b320ca0ffe4c0c872eeb3a93d9bde21f765c7c63
|
||||||
|
Xtest: disallow GenericEvents in XTestSwapFakeInput
|
||||||
|
|
||||||
|
Found by Stuart Cassoff
|
||||||
|
|
||||||
|
Signed-off-by: Peter Hutterer <peter.hutterer@who-t.net>
|
||||||
|
---
|
||||||
|
Xext/xtest.c | 2 +-
|
||||||
|
1 file changed, 1 insertion(+), 1 deletion(-)
|
||||||
|
|
||||||
|
diff --git a/Xext/xtest.c b/Xext/xtest.c
|
||||||
|
index 2985a4ce6e..dde5c4cf9d 100644
|
||||||
|
--- a/Xext/xtest.c
|
||||||
|
+++ b/Xext/xtest.c
|
||||||
|
@@ -502,7 +502,7 @@ XTestSwapFakeInput(ClientPtr client, xReq * req)
|
||||||
|
|
||||||
|
nev = ((req->length << 2) - sizeof(xReq)) / sizeof(xEvent);
|
||||||
|
for (ev = (xEvent *) &req[1]; --nev >= 0; ev++) {
|
||||||
|
- int evtype = ev->u.u.type & 0x177;
|
||||||
|
+ int evtype = ev->u.u.type & 0177;
|
||||||
|
/* Swap event */
|
||||||
|
proc = EventSwapVector[evtype];
|
||||||
|
/* no swapping proc; invalid event type? */
|
||||||
|
--
|
||||||
|
2.38.1
|
||||||
|
|
||||||
@ -46,7 +46,7 @@
|
|||||||
Summary: X.Org X11 X server
|
Summary: X.Org X11 X server
|
||||||
Name: xorg-x11-server
|
Name: xorg-x11-server
|
||||||
Version: 1.20.14
|
Version: 1.20.14
|
||||||
Release: 11%{?gitdate:.%{gitdate}}%{?dist}
|
Release: 12%{?gitdate:.%{gitdate}}%{?dist}
|
||||||
URL: http://www.x.org
|
URL: http://www.x.org
|
||||||
License: MIT
|
License: MIT
|
||||||
|
|
||||||
@ -131,6 +131,8 @@ Patch119: 0005-Xext-free-the-screen-saver-resource-when-replacing-i.patch
|
|||||||
Patch120: 0006-Xext-free-the-XvRTVideoNotify-when-turning-off-from-.patch
|
Patch120: 0006-Xext-free-the-XvRTVideoNotify-when-turning-off-from-.patch
|
||||||
# CVE-2022-46283
|
# CVE-2022-46283
|
||||||
Patch121: 0007-xkb-reset-the-radio_groups-pointer-to-NULL-after-fre.patch
|
Patch121: 0007-xkb-reset-the-radio_groups-pointer-to-NULL-after-fre.patch
|
||||||
|
# Fix for buggy patch to CVE-2022-46340
|
||||||
|
Patch122: 0008-Xext-fix-invalid-event-type-mask-in-XTestSwapFakeInp.patch
|
||||||
|
|
||||||
BuildRequires: make
|
BuildRequires: make
|
||||||
BuildRequires: systemtap-sdt-devel
|
BuildRequires: systemtap-sdt-devel
|
||||||
@ -545,6 +547,9 @@ find %{inst_srcdir}/hw/xfree86 -name \*.c -delete
|
|||||||
|
|
||||||
|
|
||||||
%changelog
|
%changelog
|
||||||
|
* Mon Dec 19 2022 Peter Hutterer <peter.hutterer@redhat.com> - 1.20.14-12
|
||||||
|
- Fix buggy patch to CVE-2022-46340
|
||||||
|
|
||||||
* Wed Dec 14 2022 Peter Hutterer <peter.hutterer@redhat.com> 1.20.14-11
|
* Wed Dec 14 2022 Peter Hutterer <peter.hutterer@redhat.com> 1.20.14-11
|
||||||
- CVE fix for: CVE-2022-4283, CVE-2022-46340, CVE-2022-46341,
|
- CVE fix for: CVE-2022-4283, CVE-2022-46340, CVE-2022-46341,
|
||||||
CVE-2022-46342, CVE-2022-46343, CVE-2022-46344
|
CVE-2022-46342, CVE-2022-46343, CVE-2022-46344
|
||||||
|
|||||||
Loading…
Reference in New Issue
Block a user