aboutsummaryrefslogtreecommitdiff
Commit message (Collapse)AuthorAgeFilesLines
* Security fixes: X.Org CVE-2013-4396:Mihai Moldovan2015-06-022-5/+52
| | | | | | | | v2: Apply to NXdixfonts.c rather than dixfonts.c (Mike DePaulo) v3: backport v2 to nx-libs 3.5.0.x (Mihai Moldovan) Changes: - 1003-Avoid-use-after-free-in-dix-dixfonts.c-doImageT.full.patch
* nxcomp/README.on-retroactive-DXPC-license: Some layout and interpunctuation ↵Mike Gabriel2015-06-022-1/+6
| | | | | | | | | fixes. Backported from Arctica GH 3.6.x branch. Affects: - 9900-dxpc-license-history.full+lite.patch
* nxcomp/Misc.cpp: fix build failure introduced in ↵Mihai Moldovan2015-05-282-3/+8
| | | | | | | | | a27a8aae3ca7a3f70e05152ac3d347942e11159d. Backported from Arctica GH 3.6.x branch. Affects: - 9900-dxpc-license-history.full+lite.patch
* debian/changelog: typo fix.Mihai Moldovan2015-05-281-1/+1
|
* Support tarring up the HEAD of the current branch.Mike Gabriel2015-05-282-2/+3
|
* Allow patch files names having a dash next to the four digits (i.e., ↵Mike Gabriel2015-05-282-2/+4
| | | | 1234-<patchname>.<suffix>).
* Add 9900-dxpc-license-history.full+lite.patch. Document license history of ↵Mike Gabriel2015-05-283-0/+4179
| | | | | | DXPC (where nxcomp got forked from). Backported from Arctica GH 3.6.x branch.
* debian/COPYING.full+lite: Replace content with GPL-2 license text, because ↵Mike Gabriel2015-05-282-42/+329
| | | | that is the overall (i.e., strictest) license we have to deal with in nx-libs.
* debian/roll-tarball.sh: Make sure *.keyboard, debian/**, nx-libs.spec, ↵Mike Gabriel2015-05-282-6/+8
| | | | .pc/** don't end up in tarball (special focuse on the nx-libs-lite tarball).
* debian/changelog: add entry for last change.Mihai Moldovan2015-05-261-0/+5
|
* nxcomp: fix DEBUG, TEST, DUMP, FLUSH, TOKEN, PING, MIXED et al builds.Mihai Moldovan2015-05-262-0/+53
| | | | | | | | | Submitted by Nito Martinez of the Qindel Group. Backported from Arctica GH 3.6.x branch. Adds: - 0992_fix-DEBUG-TEST-DUMP-FLUSH-TOKEN-PING-et-al-builds.full+lite.patch
* debian/changelog: add entry for last change.Mihai Moldovan2015-05-261-0/+6
|
* Security fixes: X.Org CVE-2014-8100:Mihai Moldovan2015-05-261-16/+137
| | | | | | | | v3: port to NXrender.c rather than render.c (Mike DePaulo) v4: backport v3 to nx-libs 3.5.0.x (Mihai Moldovan) Changes: - 1028-render-unvalidated-lengths-in-Render-extn.-swap.full.patch
* debian/changelog: add entry for last change.Mihai Moldovan2015-05-261-0/+6
|
* Security fixes: X.Org CVE-2014-8100:Mihai Moldovan2015-05-261-6/+18
| | | | | | | | v3: port to NXrender.c rather than render.c (Mike DePaulo) v4: backport v3 to nx-libs 3.5.0.x (Mihai Moldovan) Changes: - 1027-render-check-request-size-before-reading-it-CVE.full.patch
* debian/libnx-xinerama1.*: fix faulty logic when creating symlinks.Mihai Moldovan2015-05-052-3/+5
| | | | Backported from Arctica GH 3.6.x branch.
* debian/control: workaround missing dependencies of nxagent on Ubuntu for now.Mihai Moldovan2015-05-022-0/+8
|
* Security fixes: X.Org CVE-2015-3418:Mike Gabriel2015-05-013-0/+33
| | | | | | | v3: backport to 3.5.0.x branch. (Mihai Moldovan) Adds: - 1210-CVE-2015-3418-dix-Allow-zero-height-PutImage-re.full.patch
* nx-libs.spec: actually create libXinerama.so.1 symlink during build phase.Mihai Moldovan2015-04-302-0/+3
| | | | Backported from Arctica GH 3.6.x branch.
* debian/changelog: add changelog entry for the last two changes.Mihai Moldovan2015-04-301-0/+7
|
* debian/libnx-xinerama1.*: move Xinerama dir back to nx-x11-common. Only ↵Mihai Moldovan2015-04-303-8/+14
| | | | delete known files. Fixes RPM build failures.
* libnx-xinerama1: also create libXinerama symlink in ↵Mihai Moldovan2015-04-293-29/+36
| | | | | | | | | | | | | | | | | | | | | libnx-xinerama1.postinst.postinst (and remove in libnx-xinerama1.postinst.prerm.) Due to the nx-x11-common package being a noarch/allarch package, creating the symlink in nx-libs' Makefile will lead to the symlink referencing the "default" architecture dpkg uses for building noarch/allarch packages. Incidentally, this worked fine for Debian, as amd64 seems to be the default architecture. On Ubuntu, however, the default architecture up to Vivid (15.04) was i386. For those builds, the symlink pointed to the 32 bit library of libNX_Xinerama.so.1 -- essentially breaking this feature. Move the symlink creation to the arch-sensitive libnx-xinerama1 package. The postinst and prerm scriptlets will work fine, unless someone installs the i386 package version *after* the amd64 version. Given that we already create symlinks to libNX_X11 and friends using that method, no new regression is introduced. Strictly speaking that's a bug, but we'll hopefully clean that up later...
* README.keystrokes: remove accidentally copied Dokuwiki syntax.Mihai Moldovan2015-04-272-1/+2
| | | | | | | Backported from Arctica GH 3.6.x branch. Affects: - 0320_nxagent_configurable-keystrokes.full.patch
* etc/keystrokes.cfg: fix whitespace errors.Mihai Moldovan2015-04-272-16/+18
| | | | Backported from Arctica GH 3.6.x branch.
* debian/changelog: unify entry for README.keystrokes.Mihai Moldovan2015-04-271-4/+2
|
* README.keystrokes: add documentation for branding behavior.Mihai Moldovan2015-04-272-3/+16
| | | | | | | Backported from Arctica GH 3.6.x branch. Affects: - 0320_nxagent_configurable-keystrokes.full.patch
* README.keystrokes: copy actions documentation from the wiki.Mihai Moldovan2015-04-272-11/+26
| | | | | | | Backported from Arctica GH 3.6.x branch. Affects: - 0320_nxagent_configurable-keystrokes.full.patch
* debian/changelog: document the last commits.Mihai Moldovan2015-04-271-0/+12
|
* debian/roll-tarballs.sh: next batch of quotes.Mihai Moldovan2015-04-271-27/+27
|
* debian/roll-tarballs.sh: whitespace changes for consistency.Mihai Moldovan2015-04-271-30/+30
|
* debian/roll-tarballs.sh: don't escape last newline of a multiline command.Mihai Moldovan2015-04-271-1/+1
| | | | | | | Worked out fine so far, because the next line was empty, but this can easily change... Cherry-picked from Arctica GH 3.6.x branch.
* debian/roll-tarballs.sh: use more curly braces.Mihai Moldovan2015-04-271-3/+3
| | | | | | Prevents random characters as being treated as part of a variable name. Cherry-picked from Arctica GH 3.6.x branch.
* debian/roll-tarballs.sh: convert tabs to spaces.Mihai Moldovan2015-04-271-9/+9
| | | | Cherry-picked from Arctica GH 3.6.x branch.
* debian/roll-tarballs.sh: use more quotes.Mihai Moldovan2015-04-271-16/+16
| | | | | | | | | | | Fixes potential bugs, including one triggered by an unquoted hash within the command line. BASH accepts this. Other shells do not (i.e., treat everything following the hash character as a comment.) Cherry-picked from Arctica GH 3.6.x branch. Conflicts: debian/roll-tarballs.sh
* nxcompshad: Prevent underlinking by linking to libNX_Xext.Mike Gabriel2015-04-273-0/+18
| | | | | Adds: - 0650_nxcompshad_link-to-NX_Xext.full.patch
* nx-X11: Prevent underlinking by linking to libNX_X{11,damage,fixes).Mike Gabriel2015-04-273-0/+19
| | | | | Adds: - 0640_nx-X11_fix-underlinking-libNX_Xcomposite_damage_fixes.full.patch
* CVE patches were previously not included in release tarballs.Mihai Moldovan2015-04-2648-46/+140
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Rename: - 1001-LZW-decompress-fix-for-CVE-2011-2895-From-xorg-lib-X.patch => 1001-LZW-decompress-fix-for-CVE-2011-2895-From-xorg-.full.patch - 1002-Fix-CVE-2011-4028-File-disclosure-vulnerability.-ups.patch => 1002-Fix-CVE-2011-4028-File-disclosure-vulnerability.full.patch - 1003-Avoid-use-after-free-in-dix-dixfonts.c-doImageText-C.patch => 1003-Avoid-use-after-free-in-dix-dixfonts.c-doImageT.full.patch - 1004-CVE-2013-6462-unlimited-sscanf-overflows-stack-buffe.patch => 1004-CVE-2013-6462-unlimited-sscanf-overflows-stack-.full.patch - 1005-CVE-2014-0209-integer-overflow-of-realloc-size-in-Fo.patch => 1005-CVE-2014-0209-integer-overflow-of-realloc-size-.full.patch - 1006-CVE-2014-0209-integer-overflow-of-realloc-size-in-le.patch => 1006-CVE-2014-0209-integer-overflow-of-realloc-size-.full.patch - 1007-CVE-2014-0210-unvalidated-length-in-_fs_recv_conn_se.patch => 1007-CVE-2014-0210-unvalidated-length-in-_fs_recv_co.full.patch - 1008-Don-t-crash-when-we-receive-an-FS_Error-from-the-fon.patch => 1008-Don-t-crash-when-we-receive-an-FS_Error-from-th.full.patch - 1009-CVE-2014-0210-unvalidated-lengths-when-reading-repli.patch => 1009-CVE-2014-0210-unvalidated-lengths-when-reading-.full.patch - 1010-CVE-2014-0211-Integer-overflow-in-fs_get_reply-_fs_s.patch => 1010-CVE-2014-0211-Integer-overflow-in-fs_get_reply-.full.patch - 1011-CVE-2014-0210-unvalidated-length-fields-in-fs_read_q.patch => 1011-CVE-2014-0210-unvalidated-length-fields-in-fs_r.full.patch - 1012-CVE-2014-0211-integer-overflow-in-fs_read_extent_inf.patch => 1012-CVE-2014-0211-integer-overflow-in-fs_read_exten.full.patch - 1013-CVE-2014-0211-integer-overflow-in-fs_alloc_glyphs-fr.patch => 1013-CVE-2014-0211-integer-overflow-in-fs_alloc_glyp.full.patch - 1014-CVE-2014-0210-unvalidated-length-fields-in-fs_read_e.patch => 1014-CVE-2014-0210-unvalidated-length-fields-in-fs_r.full.patch - 1015-CVE-2014-0210-unvalidated-length-fields-in-fs_read_g.patch => 1015-CVE-2014-0210-unvalidated-length-fields-in-fs_r.full.patch - 1016-CVE-2014-0210-unvalidated-length-fields-in-fs_read_l.patch => 1016-CVE-2014-0210-unvalidated-length-fields-in-fs_r.full.patch - 1017-CVE-2014-0210-unvalidated-length-fields-in-fs_read_l.patch => 1017-CVE-2014-0210-unvalidated-length-fields-in-fs_r.full.patch - 1018-unchecked-malloc-may-allow-unauthed-client-to-crash-.patch => 1018-unchecked-malloc-may-allow-unauthed-client-to-c.full.patch - 1019-dix-integer-overflow-in-ProcPutImage-CVE-2014-8092-1.patch => 1019-dix-integer-overflow-in-ProcPutImage-CVE-2014-8.full.patch - 1020-dix-integer-overflow-in-GetHosts-CVE-2014-8092-2-4.patch => 1020-dix-integer-overflow-in-GetHosts-CVE-2014-8092-.full.patch - 1021-dix-integer-overflow-in-RegionSizeof-CVE-2014-8092-3.patch => 1021-dix-integer-overflow-in-RegionSizeof-CVE-2014-8.full.patch - 1022-dix-integer-overflow-in-REQUEST_FIXED_SIZE-CVE-2014-.patch => 1022-dix-integer-overflow-in-REQUEST_FIXED_SIZE-CVE-.full.patch - 1023-dbe-unvalidated-lengths-in-DbeSwapBuffers-calls-CVE-.patch => 1023-dbe-unvalidated-lengths-in-DbeSwapBuffers-calls.full.patch - 1024-Xi-unvalidated-lengths-in-Xinput-extension-CVE-2014-.patch => 1024-Xi-unvalidated-lengths-in-Xinput-extension-CVE-.full.patch - 1025-xcmisc-unvalidated-length-in-SProcXCMiscGetXIDList-C.patch => 1025-xcmisc-unvalidated-length-in-SProcXCMiscGetXIDL.full.patch - 1026-Xv-unvalidated-lengths-in-XVideo-extension-swapped-p.patch => 1026-Xv-unvalidated-lengths-in-XVideo-extension-swap.full.patch - 1027-render-check-request-size-before-reading-it-CVE-2014.patch => 1027-render-check-request-size-before-reading-it-CVE.full.patch - 1028-render-unvalidated-lengths-in-Render-extn.-swapped-p.patch => 1028-render-unvalidated-lengths-in-Render-extn.-swap.full.patch - 1029-xfixes-unvalidated-length-in-SProcXFixesSelectSelect.patch => 1029-xfixes-unvalidated-length-in-SProcXFixesSelectS.full.patch - 1030-randr-unvalidated-lengths-in-RandR-extension-swapped.patch => 1030-randr-unvalidated-lengths-in-RandR-extension-sw.full.patch - 1031-glx-Be-more-paranoid-about-variable-length-requests-.patch => 1031-glx-Be-more-paranoid-about-variable-length-requ.full.patch - 1032-glx-Be-more-strict-about-rejecting-invalid-image-siz.patch => 1032-glx-Be-more-strict-about-rejecting-invalid-imag.full.patch - 1033-glx-Additional-paranoia-in-__glXGetAnswerBuffer-__GL.patch => 1033-glx-Additional-paranoia-in-__glXGetAnswerBuffer.full.patch - 1034-glx-Add-safe_-add-mul-pad-v3-CVE-2014-8093-4-6-v4.patch => 1034-glx-Add-safe_-add-mul-pad-v3-CVE-2014-8093-4-6-.full.patch - 1035-glx-Length-checking-for-GLXRender-requests-v2-CVE-20.patch => 1035-glx-Length-checking-for-GLXRender-requests-v2-C.full.patch - 1036-glx-Integer-overflow-protection-for-non-generated-re.patch => 1036-glx-Integer-overflow-protection-for-non-generat.full.patch - 1037-glx-Top-level-length-checking-for-swapped-VendorPriv.patch => 1037-glx-Top-level-length-checking-for-swapped-Vendo.full.patch - 1038-glx-Length-checking-for-non-generated-single-request.patch => 1038-glx-Length-checking-for-non-generated-single-re.full.patch - 1039-glx-Length-checking-for-RenderLarge-requests-v2-CVE-.patch => 1039-glx-Length-checking-for-RenderLarge-requests-v2.full.patch - 1040-glx-Pass-remaining-request-length-into-varsize-v2-CV.patch => 1040-glx-Pass-remaining-request-length-into-varsize-.full.patch - 1041-nx-X11-lib-font-fc-fserve.c-initialize-remaining-buf.patch => 1041-nx-X11-lib-font-fc-fserve.c-initialize-remainin.full.patch - 1042-Do-proper-input-validation-to-fix-for-CVE-2011-2895.patch => 1042-Do-proper-input-validation-to-fix-for-CVE-2011-.full.patch - 1101-Coverity-844-845-846-Fix-memory-leaks.patch => 1101-Coverity-844-845-846-Fix-memory-leaks.full.patch - 1102-include-introduce-byte-counting-functions.patch => 1102-include-introduce-byte-counting-functions.full.patch - 1103-xkb-Don-t-swap-XkbSetGeometry-data-in-the-input-buff.patch => 1103-xkb-Don-t-swap-XkbSetGeometry-data-in-the-input.full.patch - 1104-xkb-Check-strings-length-against-request-size.patch => 1104-xkb-Check-strings-length-against-request-size.full.patch
* Security fixes: X.Org CVE-2013-7439:Mike Gabriel2015-04-263-0/+83
| | | | | | | v2: backport to 3.5.0.x branch. (Mihai Moldovan) Adds: - 1200-CVE-2013-7439-MakeBigReq-don-t-move-the-last-wo.full.patch
* nx-X11: link to libdl to fix undefined references to 'dlopen' and 'dlsym'. ↵Bernard Cafarelli2015-04-263-0/+25
| | | | | | | | | Fixes: #853. v2: generally link to libdl in all of nx-X11. (Mike Gabriel) Adds: - 0630_nx-X11_fix-underlinking-dlopen-dlsym.full.patch
* nx-X11: add more NULL guards to TEST and DEBUG sections of Render.c.Mihai Moldovan2015-03-292-5/+267
| | | | | Affects: - 0990_fix-DEBUG-and-TEST-builds.full.patch
* nx-X11: fix typo in previous patch.Mihai Moldovan2015-03-292-1/+4
| | | | | Affects: - 0017_nx-X11_fix-SetPictureFilter.full.patch
* nx-X11: handle source pictures (those without a Drawable surface) gracefully.Mihai Moldovan2015-03-293-0/+184
| | | | | Adds: - 0017_nx-X11_fix-SetPictureFilter.full.patch
* Only use the first three numbers in the full version for current_version on ↵Mihai Moldovan2015-03-264-16/+28
| | | | | | | | | OS X. ld(1) on 10.6 fails otherwise. Affected: - 0420_nxcomp_use-correct-library-naming-scheme-on-OS-X.full+lite.patch - 0620_nxcompext_use-correct-library-naming-scheme-on-OS-X.full.patch - 0621_nxcompshad_use-correct-library-naming-scheme-on-OS-X.full.patch
* Continue developmentX2Go Release Manager2015-03-173-2/+8
|
* Mid-release fixup: Rename *nxcomp{ext,shad}*.full+lite* to ↵redist-server/3.5.0.31redist-client/3.5.0.31X2Go Release Manager2015-03-177-5/+7
| | | | *nxcomp{ext,shad}*.full*.
* release 3.5.0.31X2Go Release Manager2015-03-171-2/+2
|
* nx-libs.spec: add overlooked Obsolete: statement to libNX_Xfixes3.Mihai Moldovan2015-03-172-0/+2
|
* nx-libs.spec: Versioned libXcomp* should obsolete unversioned libXcomp*, not ↵Mihai Moldovan2015-03-172-3/+6
| | | | libNX_Xcomp*.
* nx{comp{,ext,shad},proxy}: try really hard to find makedepend. Do not fail ↵Mihai Moldovan2015-03-1615-115/+220
| | | | | | | | | | | | | | | | | | | | | | | | if it is not available. Also rename to account for dependency changes: - 0070_nxcomp_use-MAKEDEPEND-in-path.full+lite.patch => 0410_nxcomp_use-MAKEDEPEND-in-path.full+lite.patch - 0071_nxcompext_use-MAKEDEPEND-in-path.full+lite.patch => 0610_nxcompext_use-MAKEDEPEND-in-path.full+lite.patch - 0072_nxcompshad_use-MAKEDEPEND-in-path.full+lite.patch => 0611_nxcompshad_use-MAKEDEPEND-in-path.full+lite.patch - 0073_nxproxy_use-MAKEDEPEND-in-path.full+lite.patch => 0612_nxproxy_use-MAKEDEPEND-in-path.full+lite.patch - 0074_nxcomp_use-dynamiclib-flag-on-OS-X.full+lite.patch => 0613_nxcomp_use-dynamiclib-flag-on-OS-X.full+lite.patch - 0075_nxcompshad_use-dynamiclib-flag-on-OS-X.full+lite.patch => 0614_nxcompshad_use-dynamiclib-flag-on-OS-X.full+lite.patch - 0610_nxcompext_use-correct-library-naming-scheme-on-OS-X.full+lite.patch => 0620_nxcompext_use-correct-library-naming-scheme-on-OS-X.full+lite.patch - 0611_nxcompshad_use-correct-library-naming-scheme-on-OS-X.full+lite.patch => 0621_nxcompshad_use-correct-library-naming-scheme-on-OS-X.full+lite.patch
* nxcomp{,ext,shad}: use the correct library naming scheme on OS X. It differs ↵Clemens Lang2015-03-155-0/+179
| | | | | | | | | from other UNIX-based systems. Adds: - 0410_nxcomp_use-correct-library-naming-scheme-on-OS-X.full+lite.patch - 0610_nxcompext_use-correct-library-naming-scheme-on-OS-X.full+lite.patch - 0611_nxcompshad_use-correct-library-naming-scheme-on-OS-X.full+lite.patch