authorLeo <thinkabit.ukim@gmail.com>2020-07-31 17:30:00 -0300
committerLeo <thinkabit.ukim@gmail.com>2020-07-31 21:49:32 +0000
commit7ef7c7225e8892f60a63c6242fb4546ecd42f1ae (patch)
tree9e54f12c48fb466fda159bf7a89708933897d699
parent42e7d26ba88f0b576008685b6f2cbc0093d9893e (diff)
main/xorg-server: fix CVE-2020-14347
-rw-r--r--main/xorg-server/APKBUILD6
-rw-r--r--main/xorg-server/CVE-2020-14347.patch12
2 files changed, 17 insertions, 1 deletions
diff --git a/main/xorg-server/APKBUILD b/main/xorg-server/APKBUILD
index 400e6cdeda4..59ad5dd1162 100644
--- a/main/xorg-server/APKBUILD
+++ b/main/xorg-server/APKBUILD
@@ -2,7 +2,7 @@
# Maintainer: Natanael Copa <ncopa@alpinelinux.org>
pkgname=xorg-server
pkgver=1.20.8
-pkgrel=3
+pkgrel=4
pkgdesc="X.Org X servers"
url="https://www.x.org/wiki"
arch="all"
@@ -51,11 +51,14 @@ makedepends="
libxdmcp-dev
"
source="https://www.x.org/releases/individual/xserver/xorg-server-$pkgver.tar.bz2
+ CVE-2020-14347.patch
xwayland-glx.patch
link-libshadow.patch
"
# secfixes:
+# 1.20.8-r4:
+# - CVE-2020-14347
# 1.20.3-r0:
# - CVE-2018-14665
# 1.19.5-r0:
@@ -167,5 +170,6 @@ xwayland() {
mv "$pkgdir"/usr/bin/Xwayland "$subpkgdir"/usr/bin/
}
sha512sums="ab0ec0fcbf490c61558b9297f61b58fd2dedb676c78bef6431dc9166054743b43a0091b88a8b3f4e81d1f539909440ee7e188a298cefabe13ea89159639cd805 xorg-server-1.20.8.tar.bz2
+e2f1de245d526fbfe48011aaa1236ce16de9af4468e4825a233569c49c6f85cb046d019b1d1df45e39cab5df3742e82f41bb3444a1b0ee5e02fda4005d188e35 CVE-2020-14347.patch
004c9a7d920af8825a311d32433bf64190d45583d57bb20b3c5ef39d8011ced7bf17b73296e56078ca791e6cd923594dacfe3fbf7af7c98934627e34559c85d8 xwayland-glx.patch
d0f723e6033a77faec118adc64e9d4749270724cbb2b86ca5ff796e1fbaef2d01ebcbb2904d48132b58f3ecf0781b2583744b671b17b7d51a1748f4b461932b0 link-libshadow.patch"
diff --git a/main/xorg-server/CVE-2020-14347.patch b/main/xorg-server/CVE-2020-14347.patch
new file mode 100644
index 00000000000..7adec3a16e7
--- /dev/null
+++ b/main/xorg-server/CVE-2020-14347.patch
@@ -0,0 +1,12 @@
+diff --git a/dix/pixmap.c b/dix/pixmap.c
+index 1186d7dbb..5a0146bbb 100644
+--- a/dix/pixmap.c
++++ b/dix/pixmap.c
+@@ -116,7 +116,7 @@ AllocatePixmap(ScreenPtr pScreen, int pixDataSize)
+ if (pScreen->totalPixmapSize > ((size_t) - 1) - pixDataSize)
+ return NullPixmap;
+
+- pPixmap = malloc(pScreen->totalPixmapSize + pixDataSize);
++ pPixmap = calloc(1, pScreen->totalPixmapSize + pixDataSize);
+ if (!pPixmap)
+ return NullPixmap;
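Review bot: The new CVE-2020-14347.patch starts directly at `diff --git a/dix/pixmap.c`, with no header tying the `malloc` → `calloc` change to the upstream fix, so a later reviewer cannot check the backport against its source from the file alone. I would add a short header above the diff, for example `Upstream: <upstream commit URL, placeholder>`, followed by a comment saying that `calloc(1, ...)` zeroes the pixmap allocation so stale heap contents are not left in a new pixmap's data. The embedded hunk header reads `-116,7 +116,7`, but only six lines per side follow. This is presumably a stripped trailing blank context line, and it is worth confirming that the patch applies without fuzz. AllocatePixmap starts and ends outside the hunk, so whether other allocation paths in it need the same zeroing cannot be judged from here.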