./x11/modular-xorg-server, Modular X11 server from modular X.org

[ CVSweb ] [ Homepage ] [ RSS ] [ Required by ] [ Add to tracker ]

Branch: CURRENT, Version: 1.20.8nb2, Package name: modular-xorg-server-1.20.8nb2, Maintainer: pkgsrc-users

The X.org X11 Server from the modularized source tree of
X.org X11.

Required to run:
[graphics/MesaLib] [fonts/libfontenc] [x11/libdrm] [x11/xkbcomp] [x11/Xfixes] [x11/libXau] [x11/pixman] [x11/xkeyboard-config] [x11/xcb-util-keysyms] [graphics/libepoxy] [x11/libxshmfence] [x11/libXfont2]

Required to build:
[pkgtools/x11-links] [x11/xtrans] [x11/xcb-proto] [x11/fixesproto4] [devel/tradcpp] [pkgtools/cwrappers] [x11/xorgproto]

Package options: dri, inet6

Master sites:

SHA1: 077d081f912faf11c87ea1c9d0e29490961b0cd4
RMD160: 74f2a5ab7b482d2aded54fd412e9c0d673f270ba
Filesize: 6161.758 KB

Version history: (Expand)

CVS history: (Expand)

   2020-07-31 18:50:57 by Maya Rashish | Files touched by this commit (5)
Log message:
modular-xorg-*: provide patch (making this package equivalent to
xorg-server 1.20.9, couldn't find a tarball).

X.Org security advisory: July 31, 2020

X Server Pixel Data Uninitialized Memory Information Disclosure


Allocation for pixmap data in AllocatePixmap() does not initialize the
memory in xserver, it leads to leak uninitialize heap memory to
clients. When the X server runs with elevated privileges.

This flaw can lead to ASLR bypass, which when combined with other
flaws (known/unknown) could lead to lead to privilege elevation in the


A patch for this issue has been commited to the xorg server git
repository.  xorg-server 1.20.9 will be released shortly and will
include this patch.


diff --git a/dix/pixmap.c b/dix/pixmap.c
index 1186d7dbb..5a0146bbb 100644
--- a/dix/pixmap.c
+++ b/dix/pixmap.c
@@ -116,7 +116,7 @@ AllocatePixmap(ScreenPtr pScreen, int pixDataSize)
     if (pScreen->totalPixmapSize > ((size_t) - 1) - pixDataSize)
         return NullPixmap;

-    pPixmap = malloc(pScreen->totalPixmapSize + pixDataSize);
+    pPixmap = calloc(1, pScreen->totalPixmapSize + pixDataSize);
     if (!pPixmap)
         return NullPixmap;


This vulnerability was discovered by Jan-Niklas Sohn working with
Trend Micro Zero Day Initiative.
   2020-05-22 12:56:49 by Adam Ciarcinski | Files touched by this commit (624)
Log message:
revbump after updating security/nettle
   2020-03-13 12:16:59 by Tobias Nygren | Files touched by this commit (1)
Log message:
modular-xorg-server: skip portability check hw/xquartz/bundle/mk_bundke.sh
   2020-03-08 17:12:31 by Tobias Nygren | Files touched by this commit (1)
Log message:
modular-xorg-server: Put back --enable-input-thread for SunOS

It's not possible to build without input-thread due to missing symbol
ddxInputThreadInit. input-thread seems to no longer crash the server.
   2020-02-05 21:18:27 by Tobias Nygren | Files touched by this commit (2)
Log message:
modular-xorg-server: fix build on aarch64
   2020-01-19 00:36:14 by Roland Illig | Files touched by this commit (3046)
Log message:
all: migrate several HOMEPAGEs to https

pkglint --only "https instead of http" -r -F

With manual adjustments afterwards since pkglint 19.4.4 fixed a few
indentations in unrelated lines.

This mainly affects projects hosted at SourceForce, as well as
freedesktop.org, CTAN and GNU.
   2020-01-15 15:24:04 by Thomas Klausner | Files touched by this commit (4) | Package updated
Log message:
modular-xorg-server: update to 1.20.7.

A variety of bugfixes, primarily in modesetting, glamor, and Solaris
support. This release also contains support for choosing the DRI driver
via EGL_MESA_query_driver. Thanks to all who contributed with testing
and fixes!

Aaron Plattner (1):
     modesetting: Check whether RandR was initialized before calling rrGetScrPriv

Alan Coopersmith (5):
     os-support/solaris: Drop ExtendedEnabled global variable
     Add ddxInputThread call from os layer into ddx layer
     Add xf86OSInputThreadInit call from common layer into os-support layer
     os-support/solaris: Set IOPL for input thread too
     ospoll: Fix Solaris ports implementation to build on Solaris 11.4

Kenneth Graunke (2):
     glamor: Add a function to get the driver name via EGL_MESA_query_driver
     modesetting: Use EGL_MESA_query_driver to select DRI driver if possible

Matt Turner (1):
     xserver 1.20.7

Michel Dänzer (5):
     modesetting: Call glamor_finish from drmmode_crtc_set_mode
     xfree86/modes: Call xf86RotateRedisplay from xf86CrtcRotate
     modesetting: Clear new screen pixmap storage on RandR resize
     xwayland: Do flush GPU work in xwl_present_flush
     glamor: Only use dual blending with GLSL >= 1.30

Peter Hutterer (1):
     Xi: return AlreadyGrabbed for key grabs > 255
   2019-12-10 18:27:05 by Nia Alarie | Files touched by this commit (3) | Package updated
Log message:
modular-xorg-server: Sync with current NetBSD xsrc

Match the modesetting driver on x86 and ARM NetBSD.

from maya