Hello community,
here is the log from the commit of package xorg-x11-server for openSUSE:Factory checked in at 2018-11-08 09:42:08
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Comparing /work/SRC/openSUSE:Factory/xorg-x11-server (Old)
and /work/SRC/openSUSE:Factory/.xorg-x11-server.new (New)
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "xorg-x11-server"
Thu Nov 8 09:42:08 2018 rev:363 rq:645321 version:1.20.3
Changes:
--------
--- /work/SRC/openSUSE:Factory/xorg-x11-server/xorg-x11-server.changes 2018-10-22 11:06:43.712102447 +0200
+++ /work/SRC/openSUSE:Factory/.xorg-x11-server.new/xorg-x11-server.changes 2018-11-08 09:42:11.165542223 +0100
@@ -1,0 +2,9 @@
+Mon Oct 29 15:35:59 UTC 2018 - sndirsch@suse.com
+
+- Update to version 1.20.3
+ * Disable -logfile and -modulepath when running with elevated
+ privileges (bsc#1112020)
+ * LogFilePrep: add a comment to the unsafe format string.
+ * xfree86: fix readlink call
+
+-------------------------------------------------------------------
Old:
----
xorg-server-1.20.2.tar.bz2
New:
----
xorg-server-1.20.3.tar.bz2
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Other differences:
------------------
++++++ xorg-x11-server.spec ++++++
--- /var/tmp/diff_new_pack.eQhD5U/_old 2018-11-08 09:42:11.949541312 +0100
+++ /var/tmp/diff_new_pack.eQhD5U/_new 2018-11-08 09:42:11.953541308 +0100
@@ -12,7 +12,7 @@
# license that conforms to the Open Source Definition (Version 1.9)
# published by the Open Source Initiative.
-# Please submit bugfixes or comments via https://bugs.opensuse.org/
+# Please submit bugfixes or comments via http://bugs.opensuse.org/
#
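Review bot: The bug-report URL in the header comment is changed from `https://bugs.opensuse.org/` back to `http://bugs.opensuse.org/`, which looks like an unintended revert from an older spec template rather than part of the 1.20.3 update. The previous line should be kept as it was: `# Please submit bugfixes or comments via https://bugs.opensuse.org/`. The rest of the header comment lies outside the hunk.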
@@ -46,7 +46,7 @@
%endif
Name: xorg-x11-server
-Version: 1.20.2
+Version: 1.20.3
Release: 0
Url: http://xorg.freedesktop.org/
BuildRoot: %{_tmppath}/%{name}-%{version}-build
++++++ xorg-server-1.20.2.tar.bz2 -> xorg-server-1.20.3.tar.bz2 ++++++
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/xorg-server-1.20.2/ChangeLog new/xorg-server-1.20.3/ChangeLog
--- old/xorg-server-1.20.2/ChangeLog 2018-10-15 17:59:54.000000000 +0200
+++ new/xorg-server-1.20.3/ChangeLog 2018-10-25 16:13:41.000000000 +0200
@@ -1,3 +1,57 @@
+commit 971d418113740cae2d7d393850bad4926d1a7e86
+Author: Adam Jackson
+Date: Thu Oct 25 09:03:18 2018 -0400
+
+ xserver 1.20.3
+
+ Signed-off-by: Adam Jackson
+
+commit da15c7413916f754708c62c2089265528cd661e2
+Author: Matthieu Herrb
+Date: Tue Oct 23 21:29:09 2018 +0200
+
+ LogFilePrep: add a comment to the unsafe format string.
+
+ CVE-2018-14665 also made it possible to exploit this to access
+ memory. With -logfile forbidden when running with elevated privileges
+ this is no longer an issue.
+
+ Signed-off-by: Matthieu Herrb
+ Reviewed-by: Adam Jackson
+ (cherry picked from commit 248d164eae27f1f310266d78e52f13f64362f81e)
+
+commit 8a59e3b7dbb30532a7c3769c555e00d7c4301170
+Author: Matthieu Herrb
+Date: Tue Oct 23 21:29:08 2018 +0200
+
+ Disable -logfile and -modulepath when running with elevated privileges
+
+ Could cause privilege elevation and/or arbitrary files overwrite, when
+ the X server is running with elevated privileges (ie when Xorg is
+ installed with the setuid bit set and started by a non-root user).
+
+ CVE-2018-14665
+
+ Issue reported by Narendra Shinde and Red Hat.
+
+ Signed-off-by: Matthieu Herrb
+ Reviewed-by: Alan Coopersmith
+ Reviewed-by: Peter Hutterer
+ Reviewed-by: Adam Jackson
+ (cherry picked from commit 50c0cf885a6e91c0ea71fb49fa8f1b7c86fe330e)
+
+commit cfc3dec09e1a56bb050ba31bde0bbf499596063a
+Author: Peter Hutterer
+Date: Tue Oct 16 09:42:51 2018 +1000
+
+ xfree86: fix readlink call
+
+ Misplaced parenthesis caused us to compare the sizeof, not the readlink return
+ value.
+
+ Signed-off-by: Peter Hutterer
+ (cherry picked from commit bd5fe7593fd0df236f3b2be1f062166ddba7d67c)
+
commit 2a0c6c15c35cd262e7cdb86dcc43cb1aeb714c8e
Author: Adam Jackson
Date: Mon Oct 15 11:17:35 2018 -0400
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/xorg-server-1.20.2/configure new/xorg-server-1.20.3/configure
--- old/xorg-server-1.20.2/configure 2018-10-15 17:59:39.000000000 +0200
+++ new/xorg-server-1.20.3/configure 2018-10-25 16:13:27.000000000 +0200
@@ -1,6 +1,6 @@
#! /bin/sh
# Guess values for system-dependent variables and create Makefiles.
-# Generated by GNU Autoconf 2.69 for xorg-server 1.20.2.
+# Generated by GNU Autoconf 2.69 for xorg-server 1.20.3.
#
# Report bugs to https://bugs.freedesktop.org/enter_bug.cgi?product=xorg.
#
@@ -651,8 +651,8 @@
# Identity of this package.
PACKAGE_NAME='xorg-server'
PACKAGE_TARNAME='xorg-server'
-PACKAGE_VERSION='1.20.2'
-PACKAGE_STRING='xorg-server 1.20.2'
+PACKAGE_VERSION='1.20.3'
+PACKAGE_STRING='xorg-server 1.20.3'
PACKAGE_BUGREPORT='https://bugs.freedesktop.org/enter_bug.cgi?product=xorg'
PACKAGE_URL=''
@@ -2033,7 +2033,7 @@
# Omit some internal or obsolete options to make the list less imposing.
# This message is too long to be a string in the A/UX 3.1 sh.
cat <<_ACEOF
-\`configure' configures xorg-server 1.20.2 to adapt to many kinds of systems.
+\`configure' configures xorg-server 1.20.3 to adapt to many kinds of systems.
Usage: $0 [OPTION]... [VAR=VALUE]...
@@ -2103,7 +2103,7 @@
if test -n "$ac_init_help"; then
case $ac_init_help in
- short | recursive ) echo "Configuration of xorg-server 1.20.2:";;
+ short | recursive ) echo "Configuration of xorg-server 1.20.3:";;
esac
cat <<\_ACEOF
@@ -2294,10 +2294,10 @@
org.x)
--with-bundle-version=VERSION
Version to use for X11.app's CFBundleVersion
- (default: 1.20.2)
+ (default: 1.20.3)
--with-bundle-version-string=VERSION
Version to use for X11.app's
- CFBundleShortVersionString (default: 1.20.2)
+ CFBundleShortVersionString (default: 1.20.3)
--with-sparkle-feed-url=URL
URL for the Sparkle feed (default:
https://www.xquartz.org/releases/sparkle/release.xml)
@@ -2558,7 +2558,7 @@
test -n "$ac_init_help" && exit $ac_status
if $ac_init_version; then
cat <<\_ACEOF
-xorg-server configure 1.20.2
+xorg-server configure 1.20.3
generated by GNU Autoconf 2.69
Copyright (C) 2012 Free Software Foundation, Inc.
@@ -3267,7 +3267,7 @@
This file contains any messages produced by compilers while
running configure, to aid debugging if configure makes a mistake.
-It was created by xorg-server $as_me 1.20.2, which was
+It was created by xorg-server $as_me 1.20.3, which was
generated by GNU Autoconf 2.69. Invocation command line was
$ $0 $@
@@ -3615,8 +3615,8 @@
ac_compiler_gnu=$ac_cv_c_compiler_gnu
-RELEASE_DATE="2018-10-15"
-RELEASE_NAME="Tofu Biryani"
+RELEASE_DATE="2018-10-25"
+RELEASE_NAME="Harissa Roasted Carrots"
am__api_version='1.15'
@@ -4134,7 +4134,7 @@
# Define the identity of the package.
PACKAGE='xorg-server'
- VERSION='1.20.2'
+ VERSION='1.20.3'
cat >>confdefs.h <<_ACEOF
@@ -23656,7 +23656,7 @@
if test "${with_bundle_version+set}" = set; then :
withval=$with_bundle_version; BUNDLE_VERSION="${withval}"
else
- BUNDLE_VERSION="1.20.2"
+ BUNDLE_VERSION="1.20.3"
fi
@@ -33517,7 +33517,7 @@
# report actual input values of CONFIG_FILES etc. instead of their
# values after options handling.
ac_log="
-This file was extended by xorg-server $as_me 1.20.2, which was
+This file was extended by xorg-server $as_me 1.20.3, which was
generated by GNU Autoconf 2.69. Invocation command line was
CONFIG_FILES = $CONFIG_FILES
@@ -33583,7 +33583,7 @@
cat >>$CONFIG_STATUS <<_ACEOF || ac_write_fail=1
ac_cs_config="`$as_echo "$ac_configure_args" | sed 's/^ //; s/[\\""\`\$]/\\\\&/g'`"
ac_cs_version="\\
-xorg-server config.status 1.20.2
+xorg-server config.status 1.20.3
configured by $0, generated by GNU Autoconf 2.69,
with options \\"\$ac_cs_config\\"
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/xorg-server-1.20.2/configure.ac new/xorg-server-1.20.3/configure.ac
--- old/xorg-server-1.20.2/configure.ac 2018-10-15 17:59:33.000000000 +0200
+++ new/xorg-server-1.20.3/configure.ac 2018-10-25 16:13:21.000000000 +0200
@@ -26,9 +26,9 @@
dnl Process this file with autoconf to create configure.
AC_PREREQ(2.60)
-AC_INIT([xorg-server], 1.20.2, [https://bugs.freedesktop.org/enter_bug.cgi?product=xorg], xorg-server)
-RELEASE_DATE="2018-10-15"
-RELEASE_NAME="Tofu Biryani"
+AC_INIT([xorg-server], 1.20.3, [https://bugs.freedesktop.org/enter_bug.cgi?product=xorg], xorg-server)
+RELEASE_DATE="2018-10-25"
+RELEASE_NAME="Harissa Roasted Carrots"
AC_CONFIG_SRCDIR([Makefile.am])
AC_CONFIG_MACRO_DIR([m4])
AM_INIT_AUTOMAKE([foreign dist-bzip2])
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/xorg-server-1.20.2/hw/xfree86/common/xf86Init.c new/xorg-server-1.20.3/hw/xfree86/common/xf86Init.c
--- old/xorg-server-1.20.2/hw/xfree86/common/xf86Init.c 2018-10-15 17:59:33.000000000 +0200
+++ new/xorg-server-1.20.3/hw/xfree86/common/xf86Init.c 2018-10-25 16:13:21.000000000 +0200
@@ -1027,14 +1027,18 @@
/* First the options that are not allowed with elevated privileges */
if (!strcmp(argv[i], "-modulepath")) {
CHECK_FOR_REQUIRED_ARGUMENT();
- xf86CheckPrivs(argv[i], argv[i + 1]);
+ if (xf86PrivsElevated())
+ FatalError("\nInvalid argument -modulepath "
+ "with elevated privileges\n");
xf86ModulePath = argv[i + 1];
xf86ModPathFrom = X_CMDLINE;
return 2;
}
if (!strcmp(argv[i], "-logfile")) {
CHECK_FOR_REQUIRED_ARGUMENT();
- xf86CheckPrivs(argv[i], argv[i + 1]);
+ if (xf86PrivsElevated())
+ FatalError("\nInvalid argument -logfile "
+ "with elevated privileges\n");
xf86LogFile = argv[i + 1];
xf86LogFileFrom = X_CMDLINE;
return 2;
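Review bot: Both new `if (xf86PrivsElevated())` checks guard a FatalError() call that is split over two physical lines without braces, which is the shape the project's own single-statement rule and the classic "goto fail" pattern warn about; each would read more safely as `if (xf86PrivsElevated()) {` / `FatalError("\nInvalid argument -modulepath with elevated privileges\n");` / `}` and likewise for -logfile. The two sites also duplicate the same message template, so a small static helper taking the option name would keep them in step if further options are added to this privileged-option group later. Passing a fixed literal to FatalError() rather than argv[i] is the right choice here, since the argument text is untrusted. The enclosing option-parsing function starts and ends outside the hunk.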
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/xorg-server-1.20.2/hw/xfree86/fbdevhw/fbdevhw.c new/xorg-server-1.20.3/hw/xfree86/fbdevhw/fbdevhw.c
--- old/xorg-server-1.20.2/hw/xfree86/fbdevhw/fbdevhw.c 2018-10-15 17:59:33.000000000 +0200
+++ new/xorg-server-1.20.3/hw/xfree86/fbdevhw/fbdevhw.c 2018-10-25 16:13:21.000000000 +0200
@@ -336,7 +336,7 @@
char *node = strrchr(dev, '/') + 1;
if (asprintf(&sysfs_path, "/sys/class/graphics/%s", node) < 0 ||
- readlink(sysfs_path, buf, sizeof(buf) < 0) ||
+ readlink(sysfs_path, buf, sizeof(buf)) < 0 ||
strstr(buf, "devices/pci")) {
free(sysfs_path);
close(fd);
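Review bot: readlink() does not NUL-terminate its output, so the corrected `readlink(sysfs_path, buf, sizeof(buf)) < 0` line still lets the following `strstr(buf, "devices/pci")` run over an unterminated buffer whenever the link target is at least sizeof(buf) bytes long; buf is declared outside the hunk, so unless it is zeroed before every call and readlink() is given one byte less, the read past the end is possible. The return value should be captured and used to terminate the string, which means splitting the combined condition. The enclosing function starts and ends outside the hunk.
```c
        char *node = strrchr(dev, '/') + 1;
        ssize_t len = -1;

        if (asprintf(&sysfs_path, "/sys/class/graphics/%s", node) >= 0)
            len = readlink(sysfs_path, buf, sizeof(buf) - 1);
        if (len >= 0)
            buf[len] = '\0';    /* readlink() never terminates the result */
        if (len < 0 || strstr(buf, "devices/pci")) {
            free(sysfs_path);
            /* … unchanged: close(fd) and the rest of the failure path … */
```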
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/xorg-server-1.20.2/meson.build new/xorg-server-1.20.3/meson.build
--- old/xorg-server-1.20.2/meson.build 2018-10-15 17:59:33.000000000 +0200
+++ new/xorg-server-1.20.3/meson.build 2018-10-25 16:13:21.000000000 +0200
@@ -3,7 +3,7 @@
'buildtype=debugoptimized',
'c_std=gnu99',
],
- version: '1.20.2',
+ version: '1.20.3',
meson_version: '>= 0.42.0',
)
add_project_arguments('-DHAVE_DIX_CONFIG_H', language: 'c')
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/xorg-server-1.20.2/os/log.c new/xorg-server-1.20.3/os/log.c
--- old/xorg-server-1.20.2/os/log.c 2018-10-15 17:59:33.000000000 +0200
+++ new/xorg-server-1.20.3/os/log.c 2018-10-25 16:13:21.000000000 +0200
@@ -194,6 +194,8 @@
{
char *logFileName = NULL;
+ /* the format string below is controlled by the user,
+ this code should never be called with elevated privileges */
if (asprintf(&logFileName, fname, idstring) == -1)
FatalError("Cannot allocate space for the log file name\n");