Hello community,
here is the log from the commit of package libXrender for openSUSE:Factory checked in at 2016-11-05 21:21:36
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Comparing /work/SRC/openSUSE:Factory/libXrender (Old)
and /work/SRC/openSUSE:Factory/.libXrender.new (New)
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "libXrender"
Changes:
--------
--- /work/SRC/openSUSE:Factory/libXrender/libXrender.changes 2015-05-06 07:48:02.000000000 +0200
+++ /work/SRC/openSUSE:Factory/.libXrender.new/libXrender.changes 2016-11-05 21:21:37.000000000 +0100
@@ -1,0 +2,8 @@
+Sat Oct 29 00:03:45 UTC 2016 - tobias.johannes.klausmann@mni.thm.de
+
+- Update to version 0.9.10:
+ + Fix documentation to explicitly mention premultiplied alpha
+ + Avoid OOB write in XRenderQueryFilters
+ + Validate lengths while parsing server data.
+
+-------------------------------------------------------------------
Old:
----
libXrender-0.9.9.tar.bz2
New:
----
libXrender-0.9.10.tar.bz2
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Other differences:
------------------
++++++ libXrender.spec ++++++
--- /var/tmp/diff_new_pack.0qDwh3/_old 2016-11-05 21:21:38.000000000 +0100
+++ /var/tmp/diff_new_pack.0qDwh3/_new 2016-11-05 21:21:38.000000000 +0100
@@ -1,7 +1,7 @@
#
# spec file for package libXrender
#
-# Copyright (c) 2015 SUSE LINUX GmbH, Nuernberg, Germany.
+# Copyright (c) 2016 SUSE LINUX GmbH, Nuernberg, Germany.
#
# All modifications and additions to the file contributed by third parties
# remain the property of their copyright owners, unless otherwise agreed
@@ -18,7 +18,7 @@
Name: libXrender
%define lname libXrender1
-Version: 0.9.9
+Version: 0.9.10
Release: 0
Summary: X Rendering Extension library
License: MIT
@@ -42,8 +42,8 @@
%package -n %lname
Summary: X Rendering Extension library
-Group: System/Libraries
# O/P added for 12.2
+Group: System/Libraries
Provides: xorg-x11-libXrender = 7.6_%version-%release
Obsoletes: xorg-x11-libXrender < 7.6_%version-%release
++++++ libXrender-0.9.9.tar.bz2 -> libXrender-0.9.10.tar.bz2 ++++++
++++ 11910 lines of diff (skipped)
++++ retrying with extended exclude list
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' --exclude Makefile.in --exclude configure --exclude config.guess --exclude '*.pot' --exclude mkinstalldirs --exclude aclocal.m4 --exclude config.sub --exclude depcomp --exclude install-sh --exclude ltmain.sh old/libXrender-0.9.9/ChangeLog new/libXrender-0.9.10/ChangeLog
--- old/libXrender-0.9.9/ChangeLog 2015-05-01 07:31:06.000000000 +0200
+++ new/libXrender-0.9.10/ChangeLog 2016-10-04 22:23:40.000000000 +0200
@@ -1,3 +1,59 @@
+commit 845716f8f14963d338e5a8d5d2424baafc90fb30
+Author: Matthieu Herrb
+Date: Tue Oct 4 21:24:55 2016 +0200
+
+ libXrender 0.9.10
+
+ Signed-off-by: Matthieu Herrb
+
+commit 9362c7ddd1af3b168953d0737877bc52d79c94f4
+Author: Tobias Stoeckmann
+Date: Sun Sep 25 21:43:09 2016 +0200
+
+ Validate lengths while parsing server data.
+
+ Individual lengths inside received server data can overflow
+ the previously reserved memory.
+
+ It is therefore important to validate every single length
+ field to not overflow the previously agreed sum of all invidual
+ length fields.
+
+ v2: consume remaining bytes in the reply buffer on error.
+
+ Signed-off-by: Tobias Stoeckmann
+ Reviewed-by: Matthieu Herrb@laas.fr
+
+commit 8fad00b0b647ee662ce4737ca15be033b7a21714
+Author: Tobias Stoeckmann
+Date: Sun Sep 25 21:42:09 2016 +0200
+
+ Avoid OOB write in XRenderQueryFilters
+
+ The memory for filter names is reserved right after receiving the reply.
+ After that, filters are iterated and each individual filter name is
+ stored in that reserved memory.
+
+ The individual name lengths are not checked for validity, which means
+ that a malicious server can reserve less memory than it will write to
+ during each iteration.
+
+ v2: consume remaining bytes in reply buffer on error.
+
+ Signed-off-by: Tobias Stoeckmann
+ Reviewed-by: Matthieu Herrb
+
+commit b2df5bc42f64b45e44dbad61f3386bcb5ec1383d
+Author: Lauri Kasanen
+Date: Mon May 18 19:41:03 2015 +0300
+
+ Fix documentation to explicitly mention premultiplied alpha
+
+ Before this patch, it wasn't mentioned in this file at all, which
+ is a monumental oversight.
+
+ Signed-off-by: Lauri Kasanen
+
commit bb890936bcc6053cb7a46cd9225c257ff1be389f
Author: Alan Coopersmith
Date: Thu Apr 30 22:29:55 2015 -0700
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' --exclude Makefile.in --exclude configure --exclude config.guess --exclude '*.pot' --exclude mkinstalldirs --exclude aclocal.m4 --exclude config.sub --exclude depcomp --exclude install-sh --exclude ltmain.sh old/libXrender-0.9.9/INSTALL new/libXrender-0.9.10/INSTALL
--- old/libXrender-0.9.9/INSTALL 2015-05-01 07:31:06.000000000 +0200
+++ new/libXrender-0.9.10/INSTALL 2016-10-04 22:23:40.000000000 +0200
@@ -1,13 +1,11 @@
Installation Instructions
*************************
-Copyright (C) 1994-1996, 1999-2002, 2004-2011 Free Software Foundation,
-Inc.
+Copyright (C) 1994, 1995, 1996, 1999, 2000, 2001, 2002, 2004, 2005,
+2006, 2007, 2008 Free Software Foundation, Inc.
- Copying and distribution of this file, with or without modification,
-are permitted in any medium without royalty provided the copyright
-notice and this notice are preserved. This file is offered as-is,
-without warranty of any kind.
+ This file is free documentation; the Free Software Foundation gives
+unlimited permission to copy, distribute and modify it.
Basic Installation
==================
@@ -15,11 +13,7 @@
Briefly, the shell commands `./configure; make; make install' should
configure, build, and install this package. The following
more-detailed instructions are generic; see the `README' file for
-instructions specific to this package. Some packages provide this
-`INSTALL' file but do not implement all of the features documented
-below. The lack of an optional feature in a given package is not
-necessarily a bug. More recommendations for GNU packages can be found
-in *note Makefile Conventions: (standards)Makefile Conventions.
+instructions specific to this package.
The `configure' shell script attempts to guess correct values for
various system-dependent variables used during compilation. It uses
@@ -48,7 +42,7 @@
you want to change it or regenerate `configure' using a newer version
of `autoconf'.
- The simplest way to compile this package is:
+The simplest way to compile this package is:
1. `cd' to the directory containing the package's source code and type
`./configure' to configure the package for your system.
@@ -59,22 +53,12 @@
2. Type `make' to compile the package.
3. Optionally, type `make check' to run any self-tests that come with
- the package, generally using the just-built uninstalled binaries.
+ the package.
4. Type `make install' to install the programs and any data files and
- documentation. When installing into a prefix owned by root, it is
- recommended that the package be configured and built as a regular
- user, and only the `make install' phase executed with root
- privileges.
-
- 5. Optionally, type `make installcheck' to repeat any self-tests, but
- this time using the binaries in their final installed location.
- This target does not install anything. Running this target as a
- regular user, particularly if the prior `make install' required
- root privileges, verifies that the installation completed
- correctly.
+ documentation.
- 6. You can remove the program binaries and object files from the
+ 5. You can remove the program binaries and object files from the
source code directory by typing `make clean'. To also remove the
files that `configure' created (so you can compile the package for
a different kind of computer), type `make distclean'. There is
@@ -83,15 +67,8 @@
all sorts of other programs in order to regenerate files that came
with the distribution.
- 7. Often, you can also type `make uninstall' to remove the installed
- files again. In practice, not all packages have tested that
- uninstallation works correctly, even though it is required by the
- GNU Coding Standards.
-
- 8. Some packages, particularly those that use Automake, provide `make
- distcheck', which can by used by developers to test that all other
- targets like `make install' and `make uninstall' work correctly.
- This target is generally not run by end users.
+ 6. Often, you can also type `make uninstall' to remove the installed
+ files again.
Compilers and Options
=====================
@@ -116,8 +93,7 @@
own directory. To do this, you can use GNU `make'. `cd' to the
directory where you want the object files and executables to go and run
the `configure' script. `configure' automatically checks for the
-source code in the directory that `configure' is in and in `..'. This
-is known as a "VPATH" build.
+source code in the directory that `configure' is in and in `..'.
With a non-GNU `make', it is safer to compile the package for one
architecture at a time in the source code directory. After you have
@@ -144,8 +120,7 @@
By default, `make install' installs the package's commands under
`/usr/local/bin', include files under `/usr/local/include', etc. You
can specify an installation prefix other than `/usr/local' by giving
-`configure' the option `--prefix=PREFIX', where PREFIX must be an
-absolute file name.
+`configure' the option `--prefix=PREFIX'.
You can specify separate installation prefixes for
architecture-specific files and architecture-independent files. If you
@@ -156,46 +131,15 @@
In addition, if you use an unusual directory layout you can give
options like `--bindir=DIR' to specify different values for particular
kinds of files. Run `configure --help' for a list of the directories
-you can set and what kinds of files go in them. In general, the
-default for these options is expressed in terms of `${prefix}', so that
-specifying just `--prefix' will affect all of the other directory
-specifications that were not explicitly provided.
-
- The most portable way to affect installation locations is to pass the
-correct locations to `configure'; however, many packages provide one or
-both of the following shortcuts of passing variable assignments to the
-`make install' command line to change installation locations without
-having to reconfigure or recompile.
-
- The first method involves providing an override variable for each
-affected directory. For example, `make install
-prefix=/alternate/directory' will choose an alternate location for all
-directory configuration variables that were expressed in terms of
-`${prefix}'. Any directories that were specified during `configure',
-but not in terms of `${prefix}', must each be overridden at install
-time for the entire installation to be relocated. The approach of
-makefile variable overrides for each directory variable is required by
-the GNU Coding Standards, and ideally causes no recompilation.
-However, some platforms have known limitations with the semantics of
-shared libraries that end up requiring recompilation when using this
-method, particularly noticeable in packages that use GNU Libtool.
-
- The second method involves providing the `DESTDIR' variable. For
-example, `make install DESTDIR=/alternate/directory' will prepend
-`/alternate/directory' before all installation names. The approach of
-`DESTDIR' overrides is not required by the GNU Coding Standards, and
-does not work on platforms that have drive letters. On the other hand,
-it does better at avoiding recompilation issues, and works well even
-when some directory options were not specified in terms of `${prefix}'
-at `configure' time.
-
-Optional Features
-=================
+you can set and what kinds of files go in them.
If the package supports it, you can cause programs to be installed
with an extra prefix or suffix on their names by giving `configure' the
option `--program-prefix=PREFIX' or `--program-suffix=SUFFIX'.
+Optional Features
+=================
+
Some packages pay attention to `--enable-FEATURE' options to
`configure', where FEATURE indicates an optional part of the package.
They may also pay attention to `--with-PACKAGE' options, where PACKAGE
@@ -208,13 +152,6 @@
you can use the `configure' options `--x-includes=DIR' and
`--x-libraries=DIR' to specify their locations.
- Some packages offer the ability to configure how verbose the
-execution of `make' will be. For these packages, running `./configure
---enable-silent-rules' sets the default to minimal output, which can be
-overridden with `make V=1'; while running `./configure
---disable-silent-rules' sets the default to verbose, which can be
-overridden with `make V=0'.
-
Particular systems
==================
@@ -222,15 +159,10 @@
CC is not installed, it is recommended to use the following options in
order to use an ANSI C compiler:
- ./configure CC="cc -Ae -D_XOPEN_SOURCE=500"
+ ./configure CC="cc -Ae"
and if that doesn't work, install pre-built binaries of GCC for HP-UX.
- HP-UX `make' updates targets which have the same time stamps as
-their prerequisites, which makes it generally unusable when shipped
-generated files such as `configure' are involved. Use GNU `make'
-instead.
-
On OSF/1 a.k.a. Tru64, some versions of the default C compiler cannot
parse its `' header file. The option `-nodtk' can be used as
a workaround. If GNU CC is not installed, it is therefore recommended
@@ -242,16 +174,6 @@
./configure CC="cc -nodtk"
- On Solaris, don't put `/usr/ucb' early in your `PATH'. This
-directory contains several dysfunctional programs; working variants of
-these programs are available in `/usr/bin'. So, if you need `/usr/ucb'
-in your `PATH', put it _after_ `/usr/bin'.
-
- On Haiku, software installed for all users goes in `/boot/common',
-not `/usr/local'. It is recommended to use the following options:
-
- ./configure --prefix=/boot/common
-
Specifying the System Type
==========================
@@ -267,8 +189,7 @@
where SYSTEM can have one of these forms:
- OS
- KERNEL-OS
+ OS KERNEL-OS
See the file `config.sub' for the possible values of each field. If
`config.sub' isn't included in this package, then this package doesn't
@@ -356,7 +277,7 @@
`configure' can determine that directory automatically.
`--prefix=DIR'
- Use DIR as the installation prefix. *note Installation Names::
+ Use DIR as the installation prefix. *Note Installation Names::
for more details, including other options available for fine-tuning
the installation locations.
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' --exclude Makefile.in --exclude configure --exclude config.guess --exclude '*.pot' --exclude mkinstalldirs --exclude aclocal.m4 --exclude config.sub --exclude depcomp --exclude install-sh --exclude ltmain.sh old/libXrender-0.9.9/compile new/libXrender-0.9.10/compile
--- old/libXrender-0.9.9/compile 2015-05-01 07:30:15.000000000 +0200
+++ new/libXrender-0.9.10/compile 2016-10-04 00:54:45.000000000 +0200
@@ -3,7 +3,7 @@
scriptversion=2012-10-14.11; # UTC
-# Copyright (C) 1999-2014 Free Software Foundation, Inc.
+# Copyright (C) 1999-2013 Free Software Foundation, Inc.
# Written by Tom Tromey .
#
# This program is free software; you can redistribute it and/or modify
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' --exclude Makefile.in --exclude configure --exclude config.guess --exclude '*.pot' --exclude mkinstalldirs --exclude aclocal.m4 --exclude config.sub --exclude depcomp --exclude install-sh --exclude ltmain.sh old/libXrender-0.9.9/configure.ac new/libXrender-0.9.10/configure.ac
--- old/libXrender-0.9.9/configure.ac 2015-05-01 07:30:04.000000000 +0200
+++ new/libXrender-0.9.10/configure.ac 2016-10-04 21:23:46.000000000 +0200
@@ -29,7 +29,7 @@
# digit in the version number to track changes which don't affect the
# protocol, so Xrender version l.n.m corresponds to protocol version l.n
#
-AC_INIT(libXrender, [0.9.9],
+AC_INIT(libXrender, [0.9.10],
[https://bugs.freedesktop.org/enter_bug.cgi?product=xorg], [libXrender])
AC_CONFIG_SRCDIR([Makefile.am])
AC_CONFIG_HEADERS([config.h])
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' --exclude Makefile.in --exclude configure --exclude config.guess --exclude '*.pot' --exclude mkinstalldirs --exclude aclocal.m4 --exclude config.sub --exclude depcomp --exclude install-sh --exclude ltmain.sh old/libXrender-0.9.9/doc/libXrender.txt new/libXrender-0.9.10/doc/libXrender.txt
--- old/libXrender-0.9.9/doc/libXrender.txt 2015-05-01 07:30:04.000000000 +0200
+++ new/libXrender-0.9.10/doc/libXrender.txt 2016-08-17 14:58:22.000000000 +0200
@@ -84,7 +84,8 @@
2.4 Colors
The core protocol XColor type doesn't include an alpha component, so Xrender
-has a separate type.
+has a separate type. Note that XRender expects premultiplied alpha in all
+cases except with the gradient operations.
typedef struct {
unsigned short red;
@@ -526,6 +527,8 @@
7.1 Composite
XRenderComposite exposes the RenderComposite protocol request directly.
+If a format with alpha is used, make sure it is premultiplied into the
+color channels.
void
XRenderComposite (Display *dpy,
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' --exclude Makefile.in --exclude configure --exclude config.guess --exclude '*.pot' --exclude mkinstalldirs --exclude aclocal.m4 --exclude config.sub --exclude depcomp --exclude install-sh --exclude ltmain.sh old/libXrender-0.9.9/missing new/libXrender-0.9.10/missing
--- old/libXrender-0.9.9/missing 2015-05-01 07:30:15.000000000 +0200
+++ new/libXrender-0.9.10/missing 2016-10-04 00:54:45.000000000 +0200
@@ -3,7 +3,7 @@
scriptversion=2013-10-28.13; # UTC
-# Copyright (C) 1996-2014 Free Software Foundation, Inc.
+# Copyright (C) 1996-2013 Free Software Foundation, Inc.
# Originally written by Fran,cois Pinard , 1996.
# This program is free software; you can redistribute it and/or modify
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' --exclude Makefile.in --exclude configure --exclude config.guess --exclude '*.pot' --exclude mkinstalldirs --exclude aclocal.m4 --exclude config.sub --exclude depcomp --exclude install-sh --exclude ltmain.sh old/libXrender-0.9.9/src/Filter.c new/libXrender-0.9.10/src/Filter.c
--- old/libXrender-0.9.9/src/Filter.c 2015-05-01 07:30:04.000000000 +0200
+++ new/libXrender-0.9.10/src/Filter.c 2016-09-25 22:14:27.000000000 +0200
@@ -38,7 +38,7 @@
char *name;
char len;
int i;
- unsigned long nbytes, nbytesAlias, nbytesName;
+ unsigned long nbytes, nbytesAlias, nbytesName, reply_left;
if (!RenderHasExtension (info))
return NULL;
@@ -114,6 +114,7 @@
* Read the filter aliases
*/
_XRead16Pad (dpy, filters->alias, 2 * rep.numAliases);
+ reply_left = 8 + rep.length - 2 * rep.numAliases;;
/*
* Read the filter names
@@ -122,9 +123,19 @@
{
int l;
_XRead (dpy, &len, 1);
+ reply_left--;
l = len & 0xff;
+ if ((unsigned long)l + 1 > nbytesName) {
+ _XEatDataWords(dpy, reply_left);
+ Xfree(filters);
+ UnlockDisplay (dpy);
+ SyncHandle ();
+ return NULL;
+ }
+ nbytesName -= l + 1;
filters->filter[i] = name;
_XRead (dpy, name, l);
+ reply_left -= l;
name[l] = '\0';
name += l + 1;
}
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' --exclude Makefile.in --exclude configure --exclude config.guess --exclude '*.pot' --exclude mkinstalldirs --exclude aclocal.m4 --exclude config.sub --exclude depcomp --exclude install-sh --exclude ltmain.sh old/libXrender-0.9.9/src/Xrender.c new/libXrender-0.9.10/src/Xrender.c
--- old/libXrender-0.9.9/src/Xrender.c 2015-05-01 07:30:04.000000000 +0200
+++ new/libXrender-0.9.10/src/Xrender.c 2016-09-25 22:15:13.000000000 +0200
@@ -533,12 +533,30 @@
screen->fallback = _XRenderFindFormat (xri, xScreen->fallback);
screen->subpixel = SubPixelUnknown;
xDepth = (xPictDepth *) (xScreen + 1);
+ if (screen->ndepths > rep.numDepths) {
+ Xfree (xri);
+ Xfree (xData);
+ _XEatDataWords (dpy, rep.length);
+ UnlockDisplay (dpy);
+ SyncHandle ();
+ return 0;
+ }
+ rep.numDepths -= screen->ndepths;
for (nd = 0; nd < screen->ndepths; nd++)
{
depth->depth = xDepth->depth;
depth->nvisuals = xDepth->nPictVisuals;
depth->visuals = visual;
xVisual = (xPictVisual *) (xDepth + 1);
+ if (depth->nvisuals > rep.numVisuals) {
+ Xfree (xri);
+ Xfree (xData);
+ _XEatDataWords (dpy, rep.length);
+ UnlockDisplay (dpy);
+ SyncHandle ();
+ return 0;
+ }
+ rep.numVisuals -= depth->nvisuals;
for (nv = 0; nv < depth->nvisuals; nv++)
{
visual->visual = _XRenderFindVisual (dpy, xVisual->visual);