Matt Turner | 30 Mar 19:14 2015

xf86-video-trident 1.3.7

Adam Jackson (4):
      Remove mibstore.h
      Use own thunk functions instead of vgaHW*Weak
      shadow: shadowInit -> shadowAdd/Remove
      Stop using deprecated xf86PciInfo.h

Matt Turner (1):
      xf86-video-trident 1.3.7

Timo Aaltonen (1):
      Fix loading the driver without XAA

git tag: xf86-video-trident-1.3.7
MD5:  04243bba246fe369c30a3b970f5b1c23  xf86-video-trident-1.3.7.tar.bz2
SHA1: b8cce16caa30e6725bdea078e05ab74b4b8020e7  xf86-video-trident-1.3.7.tar.bz2
SHA256: ecd518de627a0d49e17c158bfc72ab657386c6907c91ef89fa09332558e413ae  xf86-video-trident-1.3.7.tar.bz2
MD5:  5ac82949b586968d5a81ed90cec8e7c6  xf86-video-trident-1.3.7.tar.gz
SHA1: 04f70aeeb5ec799d6caac5f8c9b2601b515397a5  xf86-video-trident-1.3.7.tar.gz
SHA256: 1dea2a949033d7861a1731ae89d9f01dfe75abdfa21d36ec47b5941ad479a381  xf86-video-trident-1.3.7.tar.gz

xorg-announce mailing list

Peter Hutterer | 27 Mar 02:41 2015

xf86-input-evdev 2.9.2

Two fixes in this release, one to support Android MT devices, one to avoid
an array index overflow.

Colin B. Macdonald (1):
      Workaround lack of ABS_X on MT devices (#80470)

Peter Hutterer (1):
      evdev 2.9.2

Tobias Himmer (1):
      Check for incoming MT slot indices exceeding the allocated number of slots.

git tag: xf86-input-evdev-2.9.2
MD5:  99eebf171e6c7bffc42d4fc430d47454  xf86-input-evdev-2.9.2.tar.bz2
SHA1: 347eae8cc6c2f3f84bac77ce0b06eef06f541fd3  xf86-input-evdev-2.9.2.tar.bz2
SHA256: 792329b531afc6928ccda94e4b51a5520d4ddf8ef9a00890a5d0d31898acefec  xf86-input-evdev-2.9.2.tar.bz2
MD5:  6b139dc940722533420e15fbb3d8c818  xf86-input-evdev-2.9.2.tar.gz
SHA1: 435751ad663e732650eb7fb62450ea5ebad919cd  xf86-input-evdev-2.9.2.tar.gz
SHA256: 77a7c1c10d892e5aac8dbaddc154efecae4ec6ef02dc600b1d99fd011eca3385  xf86-input-evdev-2.9.2.tar.gz


Peter Hutterer | 27 Mar 02:32 2015

xf86-input-synaptics 1.8.2

One significant change here: an artificial delay is now used between
the button events of a doubletap. Some applications previously dropped the
events because they had the same timestamp, with the delay this should now
work fine.

Gabriele Mazzotta (2):
      Update machine state diagram
      Add a delay between the second button down-up event of double taps

Peter Hutterer (3):
      eventcomm: prevent possibly division by zero
      eventcomm: ignore fake and broken MT devices
      synaptics 1.8.2

git tag: xf86-input-synaptics-1.8.2
MD5:  8ed68e8cc674dd61adb280704764aafb  xf86-input-synaptics-1.8.2.tar.bz2
SHA1: e936bf70f576f086083d2a9a4a46b6b197411852  xf86-input-synaptics-1.8.2.tar.bz2
SHA256: 7b0e164ebd02a680e0c695955e783059f37edb0c2656398e0a972adc8e698c80  xf86-input-synaptics-1.8.2.tar.bz2
MD5:  e9532b7639bce4ecd48ac43c5d33e368  xf86-input-synaptics-1.8.2.tar.gz
SHA1: 7c1aaf73852401f05d479db64791218edb01d274  xf86-input-synaptics-1.8.2.tar.gz
SHA256: a9bfdfac46523a4d72992137bc63dd1be557927d1efbc4eef6498c2af95d74c5  xf86-input-synaptics-1.8.2.tar.gz


Michael Stapelberg | 25 Mar 23:14 2015

xcb-util-cursor 0.1.2


I just released version 0.1.2 of xcb-util-cursor:

- Use CFSwapInt32LittleToHost from CoreFoundation.h on Mac OS X to
  implement le32toh.
- Check submodules before running autoconf.
- darwin: Use OSByteOrder.h rather than CF.
- Perform safety check before trying to load glyph cursor


88e70d92ff5616d406ce5b1b62e0c58b  xcb-util-cursor-0.1.2.tar.bz2
313ea0f29bf3b9a14fd26110daee761c  xcb-util-cursor-0.1.2.tar.gz

b55a92cd96c3ec1be9a26963df6d5f16e68fffea  xcb-util-cursor-0.1.2.tar.bz2
5c61fdf49ca91596cf34caee884c5e402787d3b4  xcb-util-cursor-0.1.2.tar.gz


Best regards,

Alan Coopersmith | 21 Mar 18:05 2015

libXdmcp 1.1.2

libXdmcp is the X Display Manager Control Protocol library, used by both
X servers and display managers to handle both ends of the XDMCP connection.

This release has hardened handling of invalid arguments & allocation
failures, adds support for using arc4random in key generation, and adds 
some unit tests to help developers prevent regressions in the future.

Alan Coopersmith (11):
      Remove unused TLI ("STREAMSCONN") code from libXdmcp
      Ensure ARRAY* structs are zero'ed out when allocation fails
      Make XdmcpCopyARRAY8 call XdmcpAllocARRAY8 instead of replicating it
      Add unit tests for Array allocation functions
      Ensure ARRAY* structs are zero'ed out when oversize values are passed
      Ensure ARRAYofARRAY8 pointers are initialized to NULL
      Also reject requests to allocate negative sized amounts of memory
      configure: Drop AM_MAINTAINER_MODE Honor NOCONFIGURE=1
      Add AC_USE_SYSTEM_EXTENSIONS to expose arc4random() interfaces in headers
      libXdmcp 1.1.2

Matthieu Herrb (1):
      Use arc4random when available to produce the XDM-AUTHENTICATION1 key

git tag: libXdmcp-1.1.2
MD5:  18aa5c1279b01f9d18e3299969665b2e
SHA1: 3c09eabb0617c275b5ab09fae021d279a4832cac
SHA256: 81fe09867918fff258296e1e1e159f0dc639cb30d201c53519f25ab73af4e4e2

Damien Lespiau | 19 Mar 16:26 2015

libdrm 2.4.60

Alan Coopersmith (2):
      Stop undefining _ATOMIC_TYPE in Solaris/NetBSD section of xf86atomic.h
      On Solaris, #include <sys/mkdev.h> in xf86drm.c

Chih-Wei Huang (1):
      android: remove duplicate libdrm in LOCAL_SHARED_LIBRARIES

Damien Lespiau (1):
      build: Bump version number to 2.4.60 before release

Daniel Vetter (7):
      intel: Unconditionally clear ioctl structs
      xf86drmMode: Unconditionally clear ioctl structs
      drm: use drmIoctl everywhere
      xf86drm: Unconditionally clear ioctl structs
      tests: remove intel-specific tests
      xf86drm: Fix ioctl struct clearing in drmGetVersion
      Revert "intel: Fix documentation for drm_intel_gem_bo_wait()"

Emil Velikov (21):
      libdrm: fix the Android 64bit build
      exynos_fimg2d_test: fix implicit funciton declaration errors
      tests: fix implicit funciton declaration errors
      autotools: add WARN_CFLAGS to all targets
      tests: remove unused variables
      exynos_fimg2d_test: remove unused variables
      tests/radeon: set the list* functions as inline
      automake: wrap an insanely long line
      configure: omap, freedreno and tegra require atomics

Alan Coopersmith | 17 Mar 16:50 2015

libXfont 1.4.9

This release of libXfont provides the fixes for today's security advisory
about BDF font parsing bugs.  Like libXfont 1.4.8, it requires fontsproto
2.1.2 or earlier and will not build cleanly with newer versions.

Alan Coopersmith (4):
      bdfReadProperties: property count needs range check [CVE-2015-1802]
      bdfReadCharacters: bailout if a char's bitmap cannot be read [CVE-2015-1803]
      bdfReadCharacters: ensure metrics fit into xCharInfo struct [CVE-2015-1804]
      libXfont 1.4.9

Christos Zoulas (1):
      Set close-on-exec for font file I/O.

git tag: libXfont-1.4.9
MD5:  5baa3225a49eeda8e5a476b85704cfd4
SHA1: 3a284783bac87c036b6d09e26d033d2a039219af
SHA256: 6c6b061a3aa44f0ac95785f9579f6427080c60ae6948b49bcc8d44f63942ad89
MD5:  babdeab70cee48c31c2b02135bb04e91
SHA1: 36ba1d79128bc786425b513dc19478c78060b946
SHA256: 2c7d4691ce430136f04ff64e786ebbaeae4cdc6a5dac468bde4e2e0d40bd9ebe


	-Alan Coopersmith-              alan.coopersmith@...
	 Oracle Solaris Engineering -

Alan Coopersmith | 17 Mar 16:35 2015

libXfont 1.5.1

This release of libXfont provides the fixes for today's security advisory
about BDF font parsing bugs.  Like libXfont 1.5.0, it requires fontsproto
2.1.3 or later and will not build cleanly with older versions.

Alan Coopersmith (6):
      Remove unneeded checks for #ifndef X_NOT_POSIX
      Use 'imdent' to realign cpp indentation levels in fslibos.h
      bdfReadProperties: property count needs range check [CVE-2015-1802]
      bdfReadCharacters: bailout if a char's bitmap cannot be read [CVE-2015-1803]
      bdfReadCharacters: ensure metrics fit into xCharInfo struct [CVE-2015-1804]
      libXfont 1.5.1

Christos Zoulas (1):
      Set close-on-exec for font file I/O.

git tag: libXfont-1.5.1
MD5:  96f76ba94b4c909230bac1e2dcd551c4
SHA1: e63a354de5dc2d8cba08d50add1519471412a618
SHA256: b70898527c73f9758f551bbab612af611b8a0962202829568d94f3edf4d86098
MD5:  8b621c4a57c114eb07eb4977e3106f9f
SHA1: f85d51d7b26c66bf84b1c1394f282127d9bad12a
SHA256: 7c65c8ac581a162ff4c8cd86c1db9e9f425132eb65b1cba0c9e905c6cb8a45f5



Alan Coopersmith | 17 Mar 16:08 2015

X.Org Security Advisory: More BDF file parsing issues in libXfont

X.Org Security Advisory:  March 17, 2015
More BDF file parsing issues in libXfont


Ilja van Sprundel, a security researcher with IOActive, has discovered an 
issue in the parsing of BDF font files by libXfont.  Additional testing by
Alan Coopersmith and William Robinet with the American Fuzzy Lop (afl) tool 
uncovered two more issues in the parsing of BDF font files.

As libXfont is used by the X server to read font files, and an unprivileged
user with access to the X server can tell the X server to read a given font
file from a path of their choosing, these vulnerabilities have the potential
to allow unprivileged users to run code with the privileges of the X server
(often root access).

The vulnerabilities are:

- CVE-2015-1802: bdfReadProperties: property count needs range check

    The bdf parser reads a count for the number of properties defined in
    a font from the font file, and allocates arrays with entries for each
    property based on that count.  It never checked to see if that count
    was negative, or large enough to overflow when multiplied by the size
    of the structures being allocated, and could thus allocate the wrong
    buffer size, leading to out of bounds writes.

- CVE-2015-1803: bdfReadCharacters: bailout if a char's bitmap cannot be read
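
The range check that the CVE-2015-1802 entry above calls for, as an added example that is not code from the advisory or from libXfont: it contrasts the byte count an unchecked multiplication produces with a parser that rejects negative and overflowing counts before allocating. `STARTPROPERTIES` is the BDF keyword that carries the property count; the function names, the 16-byte element size and the sample lines are constructed for illustration, and `uint32_t` stands in for a 32-bit `size_t`.

```c
#include <errno.h>
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* Added illustration, not libXfont code; names and sizes are constructed.
 * Unchecked 32-bit size: a negative or huge count wraps to a wrong size. */
uint32_t props_size_unchecked(int32_t nprops, uint32_t elem_size)
{
    return (uint32_t)nprops * elem_size;
}

/* Returns 1 and stores the byte count if nprops is usable, else 0. */
int props_size_checked(long nprops, uint32_t elem_size, uint32_t *size_out)
{
    if (nprops < 0)
        return 0;                       /* negative count */
    if (elem_size != 0 && (unsigned long)nprops > UINT32_MAX / elem_size)
        return 0;                       /* nprops * elem_size would overflow */
    *size_out = (uint32_t)nprops * elem_size;
    return 1;
}

/* Parse "STARTPROPERTIES <n>" and validate n before any allocation. */
int parse_prop_count(const char *line, uint32_t elem_size, uint32_t *size_out)
{
    static const char kw[] = "STARTPROPERTIES ";
    const char *num;
    char *end;
    long n;
    if (strncmp(line, kw, sizeof(kw) - 1) != 0)
        return 0;
    num = line + sizeof(kw) - 1;
    errno = 0;
    n = strtol(num, &end, 10);
    if (errno == ERANGE || end == num || (*end != '\0' && *end != '\n'))
        return 0;                       /* not a representable integer */
    return props_size_checked(n, elem_size, size_out);
}

int main(void)
{
    uint32_t sz = 0;                    /* 16 = constructed element size */
    printf("unchecked 268435457 -> %u bytes\n", (unsigned)props_size_unchecked(268435457, 16));
    printf("checked   20        -> ok=%d\n", parse_prop_count("STARTPROPERTIES 20", 16, &sz));
    printf("checked   268435457 -> ok=%d\n", parse_prop_count("STARTPROPERTIES 268435457", 16, &sz));
    return 0;
}
```

With a 16-byte element, a count of 268435457 wraps to a 16-byte request in the unchecked form, which is the undersized buffer the advisory describes.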

Aaron Plattner | 16 Mar 22:40 2015

libvdpau 1.1

VDPAU is the Video Decode and Presentation API for Unix.  This
library provides a wrapper that loads the correct vendor-specific
implementation driver library, and a tracing library to help with
debugging VDPAU applications.

This release fixes a bug in the new VdpPictureInfoHEVC structure: the
column_width_minus1 and row_height_minus1 arrays had the wrong dimensions.  To
avoid the incorrect structure being used, the profile numbers for the HEVC
profiles have been changed.  Please use the new profiles rather than the ones
from libvdpau 1.0.  I apologize for the inconvenience!

Aaron Plattner (2):
      Change HEVC profile numbers to 100 through 104
      Bump version to 1.1

José Hiram Soltren (1):
      Fix error in sizes of H265 column width and row height, arrays

git tag: libvdpau-1.1
MD5:  11a842df9fbaad0f5f10cf553b8d5690  libvdpau-1.1.tar.bz2
SHA1: 1d6b03f4228241cb222d9b6395bcdd8b125a3fe0  libvdpau-1.1.tar.bz2
SHA256: 59c8bcfead6410d12284f1dc11ee919d3b11a684424597ba8961211ad8fdf34c  libvdpau-1.1.tar.bz2
MD5:  38d362869f1da5516f0f927db4d606c3  libvdpau-1.1.tar.gz
SHA1: 7a5920601d9f9f9092224d8dee6dd299d4319c85  libvdpau-1.1.tar.gz

Alan Coopersmith | 14 Mar 18:13 2015

libXvMC 1.0.9

libXv is the Xlib-based client library for the X-Video Motion Compensation API.

This release now requires libX11 1.6 or later, and a C compiler less than
25 years old.

Alan Coopersmith (3):
      Require ANSI C89 pre-processor, drop pre-C89 token pasting support
      Rename local err variable in XW_RSYM macro to avoid shadow warnings
      libXvMC 1.0.9

Michael Joost (1):
      Remove fallback for _XEatDataWords, require libX11 1.6 for it

Yaakov Selkowitz (1):
      Fix linking with -Wl,--no-undefined on Linux

git tag: libXvMC-1.0.9
MD5:  eba6b738ed5fdcd8f4203d7c8a470c79
SHA1: 6fc54831734e781b2848b6f7e3bcc4f752665f21
SHA256: 0703d7dff6ffc184f1735ca5d4eb9dbb402b522e08e008f2f96aee16c40a5756
MD5:  a28c0780373537f4774565309b31a69e
SHA1: ecdff2396a5f7fc0c99e8c36a88d6da3d13440a1
SHA256: 090f087fe65b30b3edfb996c79ff6cf299e473fb25e955fff1c4e9cb624da2c2
