./x11/modular-xorg-xephyr, Xephyr server based on kdrive from modular X.org



Branch: pkgsrc-2020Q2, Version: 1.20.8nb2, Package name: modular-xorg-xephyr-1.20.8nb2, Maintainer: khorben

A kdrive based X Server which targets a window on a host X Server as its
framebuffer.

Unlike Xnest it supports modern X extensions (even if host server
doesn't) such as Composite, Damage, randr etc (no GLX support now). It
uses SHM Images and shadow framebuffer updates to provide good
performance. It also has a visual debugging mode for observing screen
updates.


Required to run:
[fonts/libfontenc] [x11/Xfixes]


Package options: dri, inet6

Master sites:

SHA1: 077d081f912faf11c87ea1c9d0e29490961b0cd4
RMD160: 74f2a5ab7b482d2aded54fd412e9c0d673f270ba
Filesize: 6161.758 KB

CVS history:


   2020-08-01 08:47:59 by Benny Siegert | Files touched by this commit (5)
Log message:
Pullup ticket #6291 - requested by maya
x11/modular-xorg-server: security fix

Revisions pulled up:
- x11/modular-xorg-server/Makefile                              1.128
- x11/modular-xorg-server/distinfo                              1.102
- x11/modular-xorg-server/patches/patch-dix_pixmap.c            1.1
- x11/modular-xorg-xephyr/Makefile                              1.20
- x11/modular-xorg-xwayland/Makefile                            1.8

---
   Module Name:	pkgsrc
   Committed By:	maya
   Date:		Fri Jul 31 16:50:57 UTC 2020

   Modified Files:
   	pkgsrc/x11/modular-xorg-server: Makefile distinfo
   	pkgsrc/x11/modular-xorg-xephyr: Makefile
   	pkgsrc/x11/modular-xorg-xwayland: Makefile
   Added Files:
   	pkgsrc/x11/modular-xorg-server/patches: patch-dix_pixmap.c

   Log message:
   modular-xorg-*: provide patch (making this package equivalent to
   xorg-server 1.20.9, couldn't find a tarball).

   X.Org security advisory: July 31, 2020

   X Server Pixel Data Uninitialized Memory Information Disclosure
   ===============================================================

   CVE-2020-14347

   Allocation for pixmap data in AllocatePixmap() does not initialize the
   memory in xserver, which leads to leaking uninitialized heap memory to
   clients. When the X server runs with elevated privileges.

   This flaw can lead to ASLR bypass, which when combined with other
   flaws (known/unknown) could lead to privilege elevation in the
   client.

   Patch
   =====

   A patch for this issue has been committed to the xorg server git
   repository.  xorg-server 1.20.9 will be released shortly and will
   include this patch.

   https://gitlab.freedesktop.org/xorg/xserver.git

   diff --git a/dix/pixmap.c b/dix/pixmap.c
   index 1186d7dbb..5a0146bbb 100644
   --- a/dix/pixmap.c
   +++ b/dix/pixmap.c
   @@ -116,7 +116,7 @@ AllocatePixmap(ScreenPtr pScreen, int pixDataSize)
        if (pScreen->totalPixmapSize > ((size_t) - 1) - pixDataSize)
            return NullPixmap;

   -    pPixmap = malloc(pScreen->totalPixmapSize + pixDataSize);
   +    pPixmap = calloc(1, pScreen->totalPixmapSize + pixDataSize);
        if (!pPixmap)
            return NullPixmap;
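
Review bot: the new calloc() line in AllocatePixmap() carries no comment saying why the allocation has to be zeroed, so a later performance cleanup could quietly turn it back into malloc(). A one-line comment above it, noting that pixmap data is readable by clients and must not expose stale heap contents, would keep the intent visible in dix/pixmap.c. Separately, the overflow guard in the context lines subtracts pixDataSize, which is declared as int, from ((size_t) - 1); nothing in the visible lines shows that a negative pixDataSize is rejected before the addition passed to calloc(), so that is worth confirming in the lines above this hunk.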

   Thanks
   ======

   This vulnerability was discovered by Jan-Niklas Sohn working with
   Trend Micro Zero Day Initiative.