mirror of
https://github.com/ilyakooo0/nixpkgs.git
synced 2024-12-24 20:02:58 +03:00
xorg-server: fix CVE-1940
http://lists.x.org/archives/xorg-devel/2013-April/036014.html It's a low-priority issue, but it should cause almost no rebuilds.
This commit is contained in:
parent
fd76a89bcb
commit
a40e825474
@ -221,7 +221,7 @@ in
|
|||||||
|
|
||||||
xorgserver = attrs: attrs // {
|
xorgserver = attrs: attrs // {
|
||||||
configureFlags = "--enable-xcsecurity"; # enable SECURITY extension
|
configureFlags = "--enable-xcsecurity"; # enable SECURITY extension
|
||||||
patches = [./xorgserver-dri-path.patch ./xorgserver-xkbcomp-path.patch];
|
patches = [./xorgserver-dri-path.patch ./xorgserver-xkbcomp-path.patch ./xorgserver12-CVE-1940.patch];
|
||||||
buildInputs = attrs.buildInputs ++
|
buildInputs = attrs.buildInputs ++
|
||||||
[ args.zlib args.udev args.mesa args.dbus.libs
|
[ args.zlib args.udev args.mesa args.dbus.libs
|
||||||
xorg.xf86bigfontproto xorg.glproto xorg.xf86driproto
|
xorg.xf86bigfontproto xorg.glproto xorg.xf86driproto
|
||||||
|
34
pkgs/servers/x11/xorg/xorgserver12-CVE-1940.patch
Normal file
34
pkgs/servers/x11/xorg/xorgserver12-CVE-1940.patch
Normal file
@ -0,0 +1,34 @@
|
|||||||
|
From 6ca03b9161d33b1d2b55a3a1a913cf88deb2343f Mon Sep 17 00:00:00 2001
|
||||||
|
From: Dave Airlie <airlied@gmail.com>
|
||||||
|
Date: Wed, 10 Apr 2013 06:09:01 +0000
|
||||||
|
Subject: xf86: fix flush input to work with Linux evdev devices.
|
||||||
|
|
||||||
|
So when we VT switch back and attempt to flush the input devices,
|
||||||
|
we don't succeed because evdev won't return part of an event,
|
||||||
|
since we were only asking for 4 bytes, we'd only get -EINVAL back.
|
||||||
|
|
||||||
|
This could later cause events to be flushed that we shouldn't have
|
||||||
|
gotten.
|
||||||
|
|
||||||
|
This is a fix for CVE-2013-1940.
|
||||||
|
|
||||||
|
Signed-off-by: Dave Airlie <airlied@redhat.com>
|
||||||
|
Reviewed-by: Peter Hutterer <peter.hutterer@who-t.net>
|
||||||
|
Signed-off-by: Peter Hutterer <peter.hutterer@who-t.net>
|
||||||
|
---
|
||||||
|
diff --git a/hw/xfree86/os-support/shared/posix_tty.c b/hw/xfree86/os-support/shared/posix_tty.c
|
||||||
|
index ab3757a..4d08c1e 100644
|
||||||
|
--- a/hw/xfree86/os-support/shared/posix_tty.c
|
||||||
|
+++ b/hw/xfree86/os-support/shared/posix_tty.c
|
||||||
|
@@ -421,7 +421,8 @@ xf86FlushInput(int fd)
|
||||||
|
{
|
||||||
|
fd_set fds;
|
||||||
|
struct timeval timeout;
|
||||||
|
- char c[4];
|
||||||
|
+ /* this needs to be big enough to flush an evdev event. */
|
||||||
|
+ char c[256];
|
||||||
|
|
||||||
|
DebugF("FlushingSerial\n");
|
||||||
|
if (tcflush(fd, TCIFLUSH) == 0)
|
||||||
|
--
|
||||||
|
cgit v0.9.0.2-2-gbebe
|
Loading…
Reference in New Issue
Block a user