| Commit message (Collapse) | Author | Age | Files | Lines |
| |
|
|
|
|
| |
delete known files. Fixes RPM build failures.
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
libnx-xinerama1.postinst.postinst (and remove in libnx-xinerama1.postinst.prerm.)
Due to the nx-x11-common package being a noarch/allarch package,
creating the symlink in nx-libs' Makefile will lead to the symlink
referencing the "default" architecture dpkg uses for building
noarch/allarch packages.
Incidentally, this worked fine for Debian, as amd64 seems to be the
default architecture. On Ubuntu, however, the default architecture up to
Vivid (15.04) was i386. For those builds, the symlink pointed to the 32
bit library of libNX_Xinerama.so.1 -- essentially breaking this feature.
Move the symlink creation to the arch-sensitive libnx-xinerama1 package.
The postinst and prerm scriptlets will work fine, unless someone
installs the i386 package version *after* the amd64 version. Given that
we already create symlinks to libNX_X11 and friends using that method,
no new regression is introduced. Strictly speaking that's a bug, but
we'll hopefully clean that up later...
|
|
|
|
|
|
|
| |
Backported from Arctica GH 3.6.x branch.
Affects:
- 0320_nxagent_configurable-keystrokes.full.patch
|
|
|
|
| |
Backported from Arctica GH 3.6.x branch.
|
| |
|
|
|
|
|
|
|
| |
Backported from Arctica GH 3.6.x branch.
Affects:
- 0320_nxagent_configurable-keystrokes.full.patch
|
|
|
|
|
|
|
| |
Backported from Arctica GH 3.6.x branch.
Affects:
- 0320_nxagent_configurable-keystrokes.full.patch
|
| |
|
| |
|
| |
|
|
|
|
|
|
|
| |
Worked out fine so far, because the next line was empty, but this can
easily change...
Cherry-picked from Arctica GH 3.6.x branch.
|
|
|
|
|
|
| |
Prevents random characters as being treated as part of a variable name.
Cherry-picked from Arctica GH 3.6.x branch.
|
|
|
|
| |
Cherry-picked from Arctica GH 3.6.x branch.
|
|
|
|
|
|
|
|
|
|
|
| |
Fixes potential bugs, including one triggered by an unquoted hash within
the command line. BASH accepts this. Other shells do not (i.e., treat
everything following the hash character as a comment.)
Cherry-picked from Arctica GH 3.6.x branch.
Conflicts:
debian/roll-tarballs.sh
|
|
|
|
|
| |
Adds:
- 0650_nxcompshad_link-to-NX_Xext.full.patch
|
|
|
|
|
| |
Adds:
- 0640_nx-X11_fix-underlinking-libNX_Xcomposite_damage_fixes.full.patch
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Rename:
- 1001-LZW-decompress-fix-for-CVE-2011-2895-From-xorg-lib-X.patch =>
1001-LZW-decompress-fix-for-CVE-2011-2895-From-xorg-.full.patch
- 1002-Fix-CVE-2011-4028-File-disclosure-vulnerability.-ups.patch =>
1002-Fix-CVE-2011-4028-File-disclosure-vulnerability.full.patch
- 1003-Avoid-use-after-free-in-dix-dixfonts.c-doImageText-C.patch =>
1003-Avoid-use-after-free-in-dix-dixfonts.c-doImageT.full.patch
- 1004-CVE-2013-6462-unlimited-sscanf-overflows-stack-buffe.patch =>
1004-CVE-2013-6462-unlimited-sscanf-overflows-stack-.full.patch
- 1005-CVE-2014-0209-integer-overflow-of-realloc-size-in-Fo.patch =>
1005-CVE-2014-0209-integer-overflow-of-realloc-size-.full.patch
- 1006-CVE-2014-0209-integer-overflow-of-realloc-size-in-le.patch =>
1006-CVE-2014-0209-integer-overflow-of-realloc-size-.full.patch
- 1007-CVE-2014-0210-unvalidated-length-in-_fs_recv_conn_se.patch =>
1007-CVE-2014-0210-unvalidated-length-in-_fs_recv_co.full.patch
- 1008-Don-t-crash-when-we-receive-an-FS_Error-from-the-fon.patch =>
1008-Don-t-crash-when-we-receive-an-FS_Error-from-th.full.patch
- 1009-CVE-2014-0210-unvalidated-lengths-when-reading-repli.patch =>
1009-CVE-2014-0210-unvalidated-lengths-when-reading-.full.patch
- 1010-CVE-2014-0211-Integer-overflow-in-fs_get_reply-_fs_s.patch =>
1010-CVE-2014-0211-Integer-overflow-in-fs_get_reply-.full.patch
- 1011-CVE-2014-0210-unvalidated-length-fields-in-fs_read_q.patch =>
1011-CVE-2014-0210-unvalidated-length-fields-in-fs_r.full.patch
- 1012-CVE-2014-0211-integer-overflow-in-fs_read_extent_inf.patch =>
1012-CVE-2014-0211-integer-overflow-in-fs_read_exten.full.patch
- 1013-CVE-2014-0211-integer-overflow-in-fs_alloc_glyphs-fr.patch =>
1013-CVE-2014-0211-integer-overflow-in-fs_alloc_glyp.full.patch
- 1014-CVE-2014-0210-unvalidated-length-fields-in-fs_read_e.patch =>
1014-CVE-2014-0210-unvalidated-length-fields-in-fs_r.full.patch
- 1015-CVE-2014-0210-unvalidated-length-fields-in-fs_read_g.patch =>
1015-CVE-2014-0210-unvalidated-length-fields-in-fs_r.full.patch
- 1016-CVE-2014-0210-unvalidated-length-fields-in-fs_read_l.patch =>
1016-CVE-2014-0210-unvalidated-length-fields-in-fs_r.full.patch
- 1017-CVE-2014-0210-unvalidated-length-fields-in-fs_read_l.patch =>
1017-CVE-2014-0210-unvalidated-length-fields-in-fs_r.full.patch
- 1018-unchecked-malloc-may-allow-unauthed-client-to-crash-.patch =>
1018-unchecked-malloc-may-allow-unauthed-client-to-c.full.patch
- 1019-dix-integer-overflow-in-ProcPutImage-CVE-2014-8092-1.patch =>
1019-dix-integer-overflow-in-ProcPutImage-CVE-2014-8.full.patch
- 1020-dix-integer-overflow-in-GetHosts-CVE-2014-8092-2-4.patch =>
1020-dix-integer-overflow-in-GetHosts-CVE-2014-8092-.full.patch
- 1021-dix-integer-overflow-in-RegionSizeof-CVE-2014-8092-3.patch =>
1021-dix-integer-overflow-in-RegionSizeof-CVE-2014-8.full.patch
- 1022-dix-integer-overflow-in-REQUEST_FIXED_SIZE-CVE-2014-.patch =>
1022-dix-integer-overflow-in-REQUEST_FIXED_SIZE-CVE-.full.patch
- 1023-dbe-unvalidated-lengths-in-DbeSwapBuffers-calls-CVE-.patch =>
1023-dbe-unvalidated-lengths-in-DbeSwapBuffers-calls.full.patch
- 1024-Xi-unvalidated-lengths-in-Xinput-extension-CVE-2014-.patch =>
1024-Xi-unvalidated-lengths-in-Xinput-extension-CVE-.full.patch
- 1025-xcmisc-unvalidated-length-in-SProcXCMiscGetXIDList-C.patch =>
1025-xcmisc-unvalidated-length-in-SProcXCMiscGetXIDL.full.patch
- 1026-Xv-unvalidated-lengths-in-XVideo-extension-swapped-p.patch =>
1026-Xv-unvalidated-lengths-in-XVideo-extension-swap.full.patch
- 1027-render-check-request-size-before-reading-it-CVE-2014.patch =>
1027-render-check-request-size-before-reading-it-CVE.full.patch
- 1028-render-unvalidated-lengths-in-Render-extn.-swapped-p.patch =>
1028-render-unvalidated-lengths-in-Render-extn.-swap.full.patch
- 1029-xfixes-unvalidated-length-in-SProcXFixesSelectSelect.patch =>
1029-xfixes-unvalidated-length-in-SProcXFixesSelectS.full.patch
- 1030-randr-unvalidated-lengths-in-RandR-extension-swapped.patch =>
1030-randr-unvalidated-lengths-in-RandR-extension-sw.full.patch
- 1031-glx-Be-more-paranoid-about-variable-length-requests-.patch =>
1031-glx-Be-more-paranoid-about-variable-length-requ.full.patch
- 1032-glx-Be-more-strict-about-rejecting-invalid-image-siz.patch =>
1032-glx-Be-more-strict-about-rejecting-invalid-imag.full.patch
- 1033-glx-Additional-paranoia-in-__glXGetAnswerBuffer-__GL.patch =>
1033-glx-Additional-paranoia-in-__glXGetAnswerBuffer.full.patch
- 1034-glx-Add-safe_-add-mul-pad-v3-CVE-2014-8093-4-6-v4.patch =>
1034-glx-Add-safe_-add-mul-pad-v3-CVE-2014-8093-4-6-.full.patch
- 1035-glx-Length-checking-for-GLXRender-requests-v2-CVE-20.patch =>
1035-glx-Length-checking-for-GLXRender-requests-v2-C.full.patch
- 1036-glx-Integer-overflow-protection-for-non-generated-re.patch =>
1036-glx-Integer-overflow-protection-for-non-generat.full.patch
- 1037-glx-Top-level-length-checking-for-swapped-VendorPriv.patch =>
1037-glx-Top-level-length-checking-for-swapped-Vendo.full.patch
- 1038-glx-Length-checking-for-non-generated-single-request.patch =>
1038-glx-Length-checking-for-non-generated-single-re.full.patch
- 1039-glx-Length-checking-for-RenderLarge-requests-v2-CVE-.patch =>
1039-glx-Length-checking-for-RenderLarge-requests-v2.full.patch
- 1040-glx-Pass-remaining-request-length-into-varsize-v2-CV.patch =>
1040-glx-Pass-remaining-request-length-into-varsize-.full.patch
- 1041-nx-X11-lib-font-fc-fserve.c-initialize-remaining-buf.patch =>
1041-nx-X11-lib-font-fc-fserve.c-initialize-remainin.full.patch
- 1042-Do-proper-input-validation-to-fix-for-CVE-2011-2895.patch =>
1042-Do-proper-input-validation-to-fix-for-CVE-2011-.full.patch
- 1101-Coverity-844-845-846-Fix-memory-leaks.patch =>
1101-Coverity-844-845-846-Fix-memory-leaks.full.patch
- 1102-include-introduce-byte-counting-functions.patch =>
1102-include-introduce-byte-counting-functions.full.patch
- 1103-xkb-Don-t-swap-XkbSetGeometry-data-in-the-input-buff.patch =>
1103-xkb-Don-t-swap-XkbSetGeometry-data-in-the-input.full.patch
- 1104-xkb-Check-strings-length-against-request-size.patch =>
1104-xkb-Check-strings-length-against-request-size.full.patch
|
|
|
|
|
|
|
| |
v2: backport to 3.5.0.x branch. (Mihai Moldovan)
Adds:
- 1200-CVE-2013-7439-MakeBigReq-don-t-move-the-last-wo.full.patch
|
|
|
|
|
|
|
|
|
| |
Fixes: #853.
v2: generally link to libdl in all of nx-X11. (Mike Gabriel)
Adds:
- 0630_nx-X11_fix-underlinking-dlopen-dlsym.full.patch
|
|
|
|
|
| |
Affects:
- 0990_fix-DEBUG-and-TEST-builds.full.patch
|
|
|
|
|
| |
Affects:
- 0017_nx-X11_fix-SetPictureFilter.full.patch
|
|
|
|
|
| |
Adds:
- 0017_nx-X11_fix-SetPictureFilter.full.patch
|
|
|
|
|
|
|
|
|
| |
OS X. ld(1) on 10.6 fails otherwise.
Affected:
- 0420_nxcomp_use-correct-library-naming-scheme-on-OS-X.full+lite.patch
- 0620_nxcompext_use-correct-library-naming-scheme-on-OS-X.full.patch
- 0621_nxcompshad_use-correct-library-naming-scheme-on-OS-X.full.patch
|
| |
|
|
|
|
| |
*nxcomp{ext,shad}*.full*.
|
| |
|
| |
|
|
|
|
| |
libNX_Xcomp*.
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
if it is not available.
Also rename to account for dependency changes:
- 0070_nxcomp_use-MAKEDEPEND-in-path.full+lite.patch =>
0410_nxcomp_use-MAKEDEPEND-in-path.full+lite.patch
- 0071_nxcompext_use-MAKEDEPEND-in-path.full+lite.patch =>
0610_nxcompext_use-MAKEDEPEND-in-path.full+lite.patch
- 0072_nxcompshad_use-MAKEDEPEND-in-path.full+lite.patch =>
0611_nxcompshad_use-MAKEDEPEND-in-path.full+lite.patch
- 0073_nxproxy_use-MAKEDEPEND-in-path.full+lite.patch =>
0612_nxproxy_use-MAKEDEPEND-in-path.full+lite.patch
- 0074_nxcomp_use-dynamiclib-flag-on-OS-X.full+lite.patch =>
0613_nxcomp_use-dynamiclib-flag-on-OS-X.full+lite.patch
- 0075_nxcompshad_use-dynamiclib-flag-on-OS-X.full+lite.patch =>
0614_nxcompshad_use-dynamiclib-flag-on-OS-X.full+lite.patch
- 0610_nxcompext_use-correct-library-naming-scheme-on-OS-X.full+lite.patch
=>
0620_nxcompext_use-correct-library-naming-scheme-on-OS-X.full+lite.patch
- 0611_nxcompshad_use-correct-library-naming-scheme-on-OS-X.full+lite.patch
=>
0621_nxcompshad_use-correct-library-naming-scheme-on-OS-X.full+lite.patch
|
|
|
|
|
|
|
|
|
| |
from other UNIX-based systems.
Adds:
- 0410_nxcomp_use-correct-library-naming-scheme-on-OS-X.full+lite.patch
- 0610_nxcompext_use-correct-library-naming-scheme-on-OS-X.full+lite.patch
- 0611_nxcompshad_use-correct-library-naming-scheme-on-OS-X.full+lite.patch
|
|
|
|
|
|
|
|
| |
of -bundle.
Adds:
- 0074_nxcomp_use-dynamiclib-flag-on-OS-X.full+lite.patch
- 0075_nxcompshad_use-dynamiclib-flag-on-OS-X.full+lite.patch
|
|
|
|
|
|
|
|
|
| |
old cruft. Adds:
- 0070_nxcomp_use-MAKEDEPEND-in-path.full+lite.patch
- 0071_nxcompext_use-MAKEDEPEND-in-path.full+lite.patch
- 0072_nxcompshad_use-MAKEDEPEND-in-path.full+lite.patch
- 0073_nxproxy_use-MAKEDEPEND-in-path.full+lite.patch
|
| |
|
| |
|
| |
|
| |
|
|
|
|
| |
fixup NX-X11 directory (it won't be there.)
|
| |
|
|
|
|
|
|
|
|
|
| |
1101-Coverity-844-845-846-Fix-memory-leaks.patch
1102-include-introduce-byte-counting-functions.patch
1103-xkb-Don-t-swap-XkbSetGeometry-data-in-the-input-buff.patc
1104-xkb-Check-strings-length-against-request-size.patch
(The last patch is the CVE-2015-0255 patch.)
|
|
|
|
| |
broken comment paragraph, whitespace fix.
|
|
|
|
|
|
|
|
|
| |
1041-nx-X11-lib-font-fc-fserve.c-initialize-remaining-buf.patch & 1042-Do-proper-input-validation-to-fix-for-CVE-2011-2895.patch.
- Add 1041-nx-X11-lib-font-fc-fserve.c-initialize-remaining-buf.patch.
Initialize remaining bufleft variables (nx-X11/lib/font/fc/fserve.c).
- Add 1042-Do-proper-input-validation-to-fix-for-CVE-2011-2895.patch.
Do proper input validation to fix for CVE-2011-2895.
|
|
|
|
|
|
|
|
|
|
| |
* CVE security review [1/2]:
- Update 1007-CVE-2014-0210-unvalidated-length-in-_fs_recv_conn_se.patch.
Use xfree() instead of free() in nx-libs.
- Update 1011-CVE-2014-0210-unvalidated-length-fields-in-fs_read_q.patch.
Apply correctly on nx-libs 3.6.x.
- Update 1020-dix-integer-overflow-in-GetHosts-CVE-2014-8092-2-4.patch.
Human-readable version of "1 MB".
|
| |
|
|
|
|
| |
uninstallation has to be in uninstall-lite, not in uninstall-full.
|
|
|
|
| |
nxproxy/Makefile.in.
|
| |
|
| |
|
|
|
|
| |
/usr/lib/nx/bin/nx
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
* Security fixes:
- Rebase loads of X.Org patches (mainly from RHEL-5) against NX. If not
all patches from a CVE patch series appear here, then it means that
the affected file/code is not used in NX at build time.
- X.Org CVE-2011-2895:
1001-LZW-decompress-fix-for-CVE-2011-2895-From-xorg-lib-X.patch
- X.Org CVE-2011-4028:
1002-Fix-CVE-2011-4028-File-disclosure-vulnerability.-ups.patch
- X.Org CVE-2013-4396:
1003-Avoid-use-after-free-in-dix-dixfonts.c-doImageText-C.patch
- X.Org CVE-2013-6462:
1004-CVE-2013-6462-unlimited-sscanf-overflows-stack-buffe.patch
- X.Org CVE-2014-0209:
1005-CVE-2014-0209-integer-overflow-of-realloc-size-in-Fo.patch
1006-CVE-2014-0209-integer-overflow-of-realloc-size-in-le.patch
- X.Org CVE-2014-0210:
1007-CVE-2014-0210-unvalidated-length-in-_fs_recv_conn_se.patch
1009-CVE-2014-0210-unvalidated-lengths-when-reading-repli.patch
1011-CVE-2014-0210-unvalidated-length-fields-in-fs_read_q.patch
1014-CVE-2014-0210-unvalidated-length-fields-in-fs_read_e.patch
1015-CVE-2014-0210-unvalidated-length-fields-in-fs_read_g.patch
1016-CVE-2014-0210-unvalidated-length-fields-in-fs_read_l.patch
1017-CVE-2014-0210-unvalidated-length-fields-in-fs_read_l.patch
- X.Org CVE-2014-0211:
1010-CVE-2014-0211-Integer-overflow-in-fs_get_reply-_fs_s.patch
1012-CVE-2014-0211-integer-overflow-in-fs_read_extent_inf.patch
1013-CVE-2014-0211-integer-overflow-in-fs_alloc_glyphs-fr.patch
1018-unchecked-malloc-may-allow-unauthed-client-to-crash-.patch
- X.Org CVE-2014-8092:
1019-dix-integer-overflow-in-ProcPutImage-CVE-2014-8092-1.patch
1020-dix-integer-overflow-in-GetHosts-CVE-2014-8092-2-4.patch
1021-dix-integer-overflow-in-RegionSizeof-CVE-2014-8092-3.patch
1022-dix-integer-overflow-in-REQUEST_FIXED_SIZE-CVE-2014-.patch
- X.Org CVE-2014-8097:
1023-dbe-unvalidated-lengths-in-DbeSwapBuffers-calls-CVE-.patch
- X.Org CVE-2014-8095:
1024-Xi-unvalidated-lengths-in-Xinput-extension-CVE-2014-.patch
- X.Org CVE-2014-8096:
1025-xcmisc-unvalidated-length-in-SProcXCMiscGetXIDList-C.patch
- X.Org CVE-2014-8099:
1026-Xv-unvalidated-lengths-in-XVideo-extension-swapped-p.patch
- X.Org CVE-2014-8100:
1027-render-check-request-size-before-reading-it-CVE-2014.patch
1028-render-unvalidated-lengths-in-Render-extn.-swapped-p.patch
- X.Org CVE-2014-8102:
1029-xfixes-unvalidated-length-in-SProcXFixesSelectSelect.patch
- X.Org CVE-2014-8101:
1030-randr-unvalidated-lengths-in-RandR-extension-swapped.patch
- X.Org CVE-2014-8093:
1031-glx-Be-more-paranoid-about-variable-length-requests-.patch
1032-glx-Be-more-strict-about-rejecting-invalid-image-siz.patch
1033-glx-Additional-paranoia-in-__glXGetAnswerBuffer-__GL.patch
1034-glx-Add-safe_-add-mul-pad-v3-CVE-2014-8093-4-6-v4.patch
1036-glx-Integer-overflow-protection-for-non-generated-re.patch
- X.Org CVE-2014-8098:
1035-glx-Length-checking-for-GLXRender-requests-v2-CVE-20.patch
1037-glx-Top-level-length-checking-for-swapped-VendorPriv.patch
1038-glx-Length-checking-for-non-generated-single-request.patch
1039-glx-Length-checking-for-RenderLarge-requests-v2-CVE-.patch
1040-glx-Pass-remaining-request-length-into-varsize-v2-CV.patch
- Security fixes with no assigned CVE:
1008-Don-t-crash-when-we-receive-an-FS_Error-from-the-fon.patch
|