mirror of
https://github.com/ilyakooo0/nixpkgs.git
synced 2024-12-24 20:02:58 +03:00
xorg-server: fix CVE-1940
http://lists.x.org/archives/xorg-devel/2013-April/036014.html It's a low-priority issue, but it should cause almost no rebuilds.
This commit is contained in:
parent
fd76a89bcb
commit
a40e825474
@ -221,7 +221,7 @@ in
|
||||
|
||||
xorgserver = attrs: attrs // {
|
||||
configureFlags = "--enable-xcsecurity"; # enable SECURITY extension
|
||||
patches = [./xorgserver-dri-path.patch ./xorgserver-xkbcomp-path.patch];
|
||||
patches = [./xorgserver-dri-path.patch ./xorgserver-xkbcomp-path.patch ./xorgserver12-CVE-1940.patch];
|
||||
buildInputs = attrs.buildInputs ++
|
||||
[ args.zlib args.udev args.mesa args.dbus.libs
|
||||
xorg.xf86bigfontproto xorg.glproto xorg.xf86driproto
|
||||
|
34
pkgs/servers/x11/xorg/xorgserver12-CVE-1940.patch
Normal file
34
pkgs/servers/x11/xorg/xorgserver12-CVE-1940.patch
Normal file
@ -0,0 +1,34 @@
|
||||
From 6ca03b9161d33b1d2b55a3a1a913cf88deb2343f Mon Sep 17 00:00:00 2001
|
||||
From: Dave Airlie <airlied@gmail.com>
|
||||
Date: Wed, 10 Apr 2013 06:09:01 +0000
|
||||
Subject: xf86: fix flush input to work with Linux evdev devices.
|
||||
|
||||
So when we VT switch back and attempt to flush the input devices,
|
||||
we don't succeed because evdev won't return part of an event,
|
||||
since we were only asking for 4 bytes, we'd only get -EINVAL back.
|
||||
|
||||
This could later cause events to be flushed that we shouldn't have
|
||||
gotten.
|
||||
|
||||
This is a fix for CVE-2013-1940.
|
||||
|
||||
Signed-off-by: Dave Airlie <airlied@redhat.com>
|
||||
Reviewed-by: Peter Hutterer <peter.hutterer@who-t.net>
|
||||
Signed-off-by: Peter Hutterer <peter.hutterer@who-t.net>
|
||||
---
|
||||
diff --git a/hw/xfree86/os-support/shared/posix_tty.c b/hw/xfree86/os-support/shared/posix_tty.c
|
||||
index ab3757a..4d08c1e 100644
|
||||
--- a/hw/xfree86/os-support/shared/posix_tty.c
|
||||
+++ b/hw/xfree86/os-support/shared/posix_tty.c
|
||||
@@ -421,7 +421,8 @@ xf86FlushInput(int fd)
|
||||
{
|
||||
fd_set fds;
|
||||
struct timeval timeout;
|
||||
- char c[4];
|
||||
+ /* this needs to be big enough to flush an evdev event. */
|
||||
+ char c[256];
|
||||
|
||||
DebugF("FlushingSerial\n");
|
||||
if (tcflush(fd, TCIFLUSH) == 0)
|
||||
--
|
||||
cgit v0.9.0.2-2-gbebe
|
Loading…
Reference in New Issue
Block a user