aboutsummaryrefslogtreecommitdiff
Commit message (Collapse)AuthorAgeFilesLines
* debian/changelog: add changelog entry for the last two changes.Mihai Moldovan2015-04-301-0/+7
|
* debian/libnx-xinerama1.*: move Xinerama dir back to nx-x11-common. Only ↵Mihai Moldovan2015-04-303-8/+14
| | | | delete known files. Fixes RPM build failures.
* libnx-xinerama1: also create libXinerama symlink in ↵Mihai Moldovan2015-04-293-29/+36
| | | | | | | | | | | | | | | | | | | | | libnx-xinerama1.postinst.postinst (and remove in libnx-xinerama1.postinst.prerm.) Due to the nx-x11-common package being a noarch/allarch package, creating the symlink in nx-libs' Makefile will lead to the symlink referencing the "default" architecture dpkg uses for building noarch/allarch packages. Incidentally, this worked fine for Debian, as amd64 seems to be the default architecture. On Ubuntu, however, the default architecture up to Vivid (15.04) was i386. For those builds, the symlink pointed to the 32 bit library of libNX_Xinerama.so.1 -- essentially breaking this feature. Move the symlink creation to the arch-sensitive libnx-xinerama1 package. The postinst and prerm scriptlets will work fine, unless someone installs the i386 package version *after* the amd64 version. Given that we already create symlinks to libNX_X11 and friends using that method, no new regression is introduced. Strictly speaking that's a bug, but we'll hopefully clean that up later...
* README.keystrokes: remove accidentally copied Dokuwiki syntax.Mihai Moldovan2015-04-272-1/+2
| | | | | | | Backported from Arctica GH 3.6.x branch. Affects: - 0320_nxagent_configurable-keystrokes.full.patch
* etc/keystrokes.cfg: fix whitespace errors.Mihai Moldovan2015-04-272-16/+18
| | | | Backported from Arctica GH 3.6.x branch.
* debian/changelog: unify entry for README.keystrokes.Mihai Moldovan2015-04-271-4/+2
|
* README.keystrokes: add documentation for branding behavior.Mihai Moldovan2015-04-272-3/+16
| | | | | | | Backported from Arctica GH 3.6.x branch. Affects: - 0320_nxagent_configurable-keystrokes.full.patch
* README.keystrokes: copy actions documentation from the wiki.Mihai Moldovan2015-04-272-11/+26
| | | | | | | Backported from Arctica GH 3.6.x branch. Affects: - 0320_nxagent_configurable-keystrokes.full.patch
* debian/changelog: document the last commits.Mihai Moldovan2015-04-271-0/+12
|
* debian/roll-tarballs.sh: next batch of quotes.Mihai Moldovan2015-04-271-27/+27
|
* debian/roll-tarballs.sh: whitespace changes for consistency.Mihai Moldovan2015-04-271-30/+30
|
* debian/roll-tarballs.sh: don't escape last newline of a multiline command.Mihai Moldovan2015-04-271-1/+1
| | | | | | | Worked out fine so far, because the next line was empty, but this can easily change... Cherry-picked from Arctica GH 3.6.x branch.
* debian/roll-tarballs.sh: use more curly braces.Mihai Moldovan2015-04-271-3/+3
| | | | | | Prevents random characters as being treated as part of a variable name. Cherry-picked from Arctica GH 3.6.x branch.
* debian/roll-tarballs.sh: convert tabs to spaces.Mihai Moldovan2015-04-271-9/+9
| | | | Cherry-picked from Arctica GH 3.6.x branch.
* debian/roll-tarballs.sh: use more quotes.Mihai Moldovan2015-04-271-16/+16
| | | | | | | | | | | Fixes potential bugs, including one triggered by an unquoted hash within the command line. BASH accepts this. Other shells do not (i.e., treat everything following the hash character as a comment.) Cherry-picked from Arctica GH 3.6.x branch. Conflicts: debian/roll-tarballs.sh
* nxcompshad: Prevent underlinking by linking to libNX_Xext.Mike Gabriel2015-04-273-0/+18
| | | | | Adds: - 0650_nxcompshad_link-to-NX_Xext.full.patch
* nx-X11: Prevent underlinking by linking to libNX_X{11,damage,fixes).Mike Gabriel2015-04-273-0/+19
| | | | | Adds: - 0640_nx-X11_fix-underlinking-libNX_Xcomposite_damage_fixes.full.patch
* CVE patches were previously not included in release tarballs.Mihai Moldovan2015-04-2648-46/+140
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Rename: - 1001-LZW-decompress-fix-for-CVE-2011-2895-From-xorg-lib-X.patch => 1001-LZW-decompress-fix-for-CVE-2011-2895-From-xorg-.full.patch - 1002-Fix-CVE-2011-4028-File-disclosure-vulnerability.-ups.patch => 1002-Fix-CVE-2011-4028-File-disclosure-vulnerability.full.patch - 1003-Avoid-use-after-free-in-dix-dixfonts.c-doImageText-C.patch => 1003-Avoid-use-after-free-in-dix-dixfonts.c-doImageT.full.patch - 1004-CVE-2013-6462-unlimited-sscanf-overflows-stack-buffe.patch => 1004-CVE-2013-6462-unlimited-sscanf-overflows-stack-.full.patch - 1005-CVE-2014-0209-integer-overflow-of-realloc-size-in-Fo.patch => 1005-CVE-2014-0209-integer-overflow-of-realloc-size-.full.patch - 1006-CVE-2014-0209-integer-overflow-of-realloc-size-in-le.patch => 1006-CVE-2014-0209-integer-overflow-of-realloc-size-.full.patch - 1007-CVE-2014-0210-unvalidated-length-in-_fs_recv_conn_se.patch => 1007-CVE-2014-0210-unvalidated-length-in-_fs_recv_co.full.patch - 1008-Don-t-crash-when-we-receive-an-FS_Error-from-the-fon.patch => 1008-Don-t-crash-when-we-receive-an-FS_Error-from-th.full.patch - 1009-CVE-2014-0210-unvalidated-lengths-when-reading-repli.patch => 1009-CVE-2014-0210-unvalidated-lengths-when-reading-.full.patch - 1010-CVE-2014-0211-Integer-overflow-in-fs_get_reply-_fs_s.patch => 1010-CVE-2014-0211-Integer-overflow-in-fs_get_reply-.full.patch - 1011-CVE-2014-0210-unvalidated-length-fields-in-fs_read_q.patch => 1011-CVE-2014-0210-unvalidated-length-fields-in-fs_r.full.patch - 1012-CVE-2014-0211-integer-overflow-in-fs_read_extent_inf.patch => 1012-CVE-2014-0211-integer-overflow-in-fs_read_exten.full.patch - 1013-CVE-2014-0211-integer-overflow-in-fs_alloc_glyphs-fr.patch => 1013-CVE-2014-0211-integer-overflow-in-fs_alloc_glyp.full.patch - 1014-CVE-2014-0210-unvalidated-length-fields-in-fs_read_e.patch => 1014-CVE-2014-0210-unvalidated-length-fields-in-fs_r.full.patch - 1015-CVE-2014-0210-unvalidated-length-fields-in-fs_read_g.patch => 1015-CVE-2014-0210-unvalidated-length-fields-in-fs_r.full.patch - 1016-CVE-2014-0210-unvalidated-length-fields-in-fs_read_l.patch => 1016-CVE-2014-0210-unvalidated-length-fields-in-fs_r.full.patch - 1017-CVE-2014-0210-unvalidated-length-fields-in-fs_read_l.patch => 1017-CVE-2014-0210-unvalidated-length-fields-in-fs_r.full.patch - 1018-unchecked-malloc-may-allow-unauthed-client-to-crash-.patch => 1018-unchecked-malloc-may-allow-unauthed-client-to-c.full.patch - 1019-dix-integer-overflow-in-ProcPutImage-CVE-2014-8092-1.patch => 1019-dix-integer-overflow-in-ProcPutImage-CVE-2014-8.full.patch - 1020-dix-integer-overflow-in-GetHosts-CVE-2014-8092-2-4.patch => 1020-dix-integer-overflow-in-GetHosts-CVE-2014-8092-.full.patch - 1021-dix-integer-overflow-in-RegionSizeof-CVE-2014-8092-3.patch => 1021-dix-integer-overflow-in-RegionSizeof-CVE-2014-8.full.patch - 1022-dix-integer-overflow-in-REQUEST_FIXED_SIZE-CVE-2014-.patch => 1022-dix-integer-overflow-in-REQUEST_FIXED_SIZE-CVE-.full.patch - 1023-dbe-unvalidated-lengths-in-DbeSwapBuffers-calls-CVE-.patch => 1023-dbe-unvalidated-lengths-in-DbeSwapBuffers-calls.full.patch - 1024-Xi-unvalidated-lengths-in-Xinput-extension-CVE-2014-.patch => 1024-Xi-unvalidated-lengths-in-Xinput-extension-CVE-.full.patch - 1025-xcmisc-unvalidated-length-in-SProcXCMiscGetXIDList-C.patch => 1025-xcmisc-unvalidated-length-in-SProcXCMiscGetXIDL.full.patch - 1026-Xv-unvalidated-lengths-in-XVideo-extension-swapped-p.patch => 1026-Xv-unvalidated-lengths-in-XVideo-extension-swap.full.patch - 1027-render-check-request-size-before-reading-it-CVE-2014.patch => 1027-render-check-request-size-before-reading-it-CVE.full.patch - 1028-render-unvalidated-lengths-in-Render-extn.-swapped-p.patch => 1028-render-unvalidated-lengths-in-Render-extn.-swap.full.patch - 1029-xfixes-unvalidated-length-in-SProcXFixesSelectSelect.patch => 1029-xfixes-unvalidated-length-in-SProcXFixesSelectS.full.patch - 1030-randr-unvalidated-lengths-in-RandR-extension-swapped.patch => 1030-randr-unvalidated-lengths-in-RandR-extension-sw.full.patch - 1031-glx-Be-more-paranoid-about-variable-length-requests-.patch => 1031-glx-Be-more-paranoid-about-variable-length-requ.full.patch - 1032-glx-Be-more-strict-about-rejecting-invalid-image-siz.patch => 1032-glx-Be-more-strict-about-rejecting-invalid-imag.full.patch - 1033-glx-Additional-paranoia-in-__glXGetAnswerBuffer-__GL.patch => 1033-glx-Additional-paranoia-in-__glXGetAnswerBuffer.full.patch - 1034-glx-Add-safe_-add-mul-pad-v3-CVE-2014-8093-4-6-v4.patch => 1034-glx-Add-safe_-add-mul-pad-v3-CVE-2014-8093-4-6-.full.patch - 1035-glx-Length-checking-for-GLXRender-requests-v2-CVE-20.patch => 1035-glx-Length-checking-for-GLXRender-requests-v2-C.full.patch - 1036-glx-Integer-overflow-protection-for-non-generated-re.patch => 1036-glx-Integer-overflow-protection-for-non-generat.full.patch - 1037-glx-Top-level-length-checking-for-swapped-VendorPriv.patch => 1037-glx-Top-level-length-checking-for-swapped-Vendo.full.patch - 1038-glx-Length-checking-for-non-generated-single-request.patch => 1038-glx-Length-checking-for-non-generated-single-re.full.patch - 1039-glx-Length-checking-for-RenderLarge-requests-v2-CVE-.patch => 1039-glx-Length-checking-for-RenderLarge-requests-v2.full.patch - 1040-glx-Pass-remaining-request-length-into-varsize-v2-CV.patch => 1040-glx-Pass-remaining-request-length-into-varsize-.full.patch - 1041-nx-X11-lib-font-fc-fserve.c-initialize-remaining-buf.patch => 1041-nx-X11-lib-font-fc-fserve.c-initialize-remainin.full.patch - 1042-Do-proper-input-validation-to-fix-for-CVE-2011-2895.patch => 1042-Do-proper-input-validation-to-fix-for-CVE-2011-.full.patch - 1101-Coverity-844-845-846-Fix-memory-leaks.patch => 1101-Coverity-844-845-846-Fix-memory-leaks.full.patch - 1102-include-introduce-byte-counting-functions.patch => 1102-include-introduce-byte-counting-functions.full.patch - 1103-xkb-Don-t-swap-XkbSetGeometry-data-in-the-input-buff.patch => 1103-xkb-Don-t-swap-XkbSetGeometry-data-in-the-input.full.patch - 1104-xkb-Check-strings-length-against-request-size.patch => 1104-xkb-Check-strings-length-against-request-size.full.patch
* Security fixes: X.Org CVE-2013-7439:Mike Gabriel2015-04-263-0/+83
| | | | | | | v2: backport to 3.5.0.x branch. (Mihai Moldovan) Adds: - 1200-CVE-2013-7439-MakeBigReq-don-t-move-the-last-wo.full.patch
* nx-X11: link to libdl to fix undefined references to 'dlopen' and 'dlsym'. ↵Bernard Cafarelli2015-04-263-0/+25
| | | | | | | | | Fixes: #853. v2: generally link to libdl in all of nx-X11. (Mike Gabriel) Adds: - 0630_nx-X11_fix-underlinking-dlopen-dlsym.full.patch
* nx-X11: add more NULL guards to TEST and DEBUG sections of Render.c.Mihai Moldovan2015-03-292-5/+267
| | | | | Affects: - 0990_fix-DEBUG-and-TEST-builds.full.patch
* nx-X11: fix typo in previous patch.Mihai Moldovan2015-03-292-1/+4
| | | | | Affects: - 0017_nx-X11_fix-SetPictureFilter.full.patch
* nx-X11: handle source pictures (those without a Drawable surface) gracefully.Mihai Moldovan2015-03-293-0/+184
| | | | | Adds: - 0017_nx-X11_fix-SetPictureFilter.full.patch
* Only use the first three numbers in the full version for current_version on ↵Mihai Moldovan2015-03-264-16/+28
| | | | | | | | | OS X. ld(1) on 10.6 fails otherwise. Affected: - 0420_nxcomp_use-correct-library-naming-scheme-on-OS-X.full+lite.patch - 0620_nxcompext_use-correct-library-naming-scheme-on-OS-X.full.patch - 0621_nxcompshad_use-correct-library-naming-scheme-on-OS-X.full.patch
* Continue developmentX2Go Release Manager2015-03-173-2/+8
|
* Mid-release fixup: Rename *nxcomp{ext,shad}*.full+lite* to ↵redist-server/3.5.0.31redist-client/3.5.0.31X2Go Release Manager2015-03-177-5/+7
| | | | *nxcomp{ext,shad}*.full*.
* release 3.5.0.31X2Go Release Manager2015-03-171-2/+2
|
* nx-libs.spec: add overlooked Obsolete: statement to libNX_Xfixes3.Mihai Moldovan2015-03-172-0/+2
|
* nx-libs.spec: Versioned libXcomp* should obsolete unversioned libXcomp*, not ↵Mihai Moldovan2015-03-172-3/+6
| | | | libNX_Xcomp*.
* nx{comp{,ext,shad},proxy}: try really hard to find makedepend. Do not fail ↵Mihai Moldovan2015-03-1615-115/+220
| | | | | | | | | | | | | | | | | | | | | | | | if it is not available. Also rename to account for dependency changes: - 0070_nxcomp_use-MAKEDEPEND-in-path.full+lite.patch => 0410_nxcomp_use-MAKEDEPEND-in-path.full+lite.patch - 0071_nxcompext_use-MAKEDEPEND-in-path.full+lite.patch => 0610_nxcompext_use-MAKEDEPEND-in-path.full+lite.patch - 0072_nxcompshad_use-MAKEDEPEND-in-path.full+lite.patch => 0611_nxcompshad_use-MAKEDEPEND-in-path.full+lite.patch - 0073_nxproxy_use-MAKEDEPEND-in-path.full+lite.patch => 0612_nxproxy_use-MAKEDEPEND-in-path.full+lite.patch - 0074_nxcomp_use-dynamiclib-flag-on-OS-X.full+lite.patch => 0613_nxcomp_use-dynamiclib-flag-on-OS-X.full+lite.patch - 0075_nxcompshad_use-dynamiclib-flag-on-OS-X.full+lite.patch => 0614_nxcompshad_use-dynamiclib-flag-on-OS-X.full+lite.patch - 0610_nxcompext_use-correct-library-naming-scheme-on-OS-X.full+lite.patch => 0620_nxcompext_use-correct-library-naming-scheme-on-OS-X.full+lite.patch - 0611_nxcompshad_use-correct-library-naming-scheme-on-OS-X.full+lite.patch => 0621_nxcompshad_use-correct-library-naming-scheme-on-OS-X.full+lite.patch
* nxcomp{,ext,shad}: use the correct library naming scheme on OS X. It differs ↵Clemens Lang2015-03-155-0/+179
| | | | | | | | | from other UNIX-based systems. Adds: - 0410_nxcomp_use-correct-library-naming-scheme-on-OS-X.full+lite.patch - 0610_nxcompext_use-correct-library-naming-scheme-on-OS-X.full+lite.patch - 0611_nxcompshad_use-correct-library-naming-scheme-on-OS-X.full+lite.patch
* nxcomp{,shad}: fix dynamic library linking on OS X. Use -dynamiclib instead ↵Clemens Lang2015-03-154-0/+44
| | | | | | | | of -bundle. Adds: - 0074_nxcomp_use-dynamiclib-flag-on-OS-X.full+lite.patch - 0075_nxcompshad_use-dynamiclib-flag-on-OS-X.full+lite.patch
* nx{comp{,ext,shad},proxy}: use path discovery for finding makedepend. Remove ↵Clemens Lang2015-03-156-2/+116
| | | | | | | | | old cruft. Adds: - 0070_nxcomp_use-MAKEDEPEND-in-path.full+lite.patch - 0071_nxcompext_use-MAKEDEPEND-in-path.full+lite.patch - 0072_nxcompshad_use-MAKEDEPEND-in-path.full+lite.patch - 0073_nxproxy_use-MAKEDEPEND-in-path.full+lite.patch
* debian/changelog: merge with 3.6.x development branch.Mihai Moldovan2015-03-151-2/+2
|
* Continue developmentX2Go Release Manager2015-03-153-2/+9
|
* release 3.5.0.30redist-server/3.5.0.30redist-client/3.5.0.30Mike Gabriel2015-03-141-2/+8
|
* Continue developmentX2Go Release Manager2015-03-132-2/+2
|
* debian/roll-tarballs.sh: fix tarball creation in lite mode: do not try to ↵X2Go Release Manager2015-03-132-31/+40
| | | | fixup NX-X11 directory (it won't be there.)
* release 3.5.0.29redist-server/3.5.0.29redist-client/3.5.0.29X2Go Release Manager2015-03-131-10/+6
|
* X.org CVE-2015-0255 patch and its 3 prereq patchesmasterMike DePaulo2015-02-186-0/+408
| | | | | | | | | 1101-Coverity-844-845-846-Fix-memory-leaks.patch 1102-include-introduce-byte-counting-functions.patch 1103-xkb-Don-t-swap-XkbSetGeometry-data-in-the-input-buff.patc 1104-xkb-Check-strings-length-against-request-size.patch (The last patch is the CVE-2015-0255 patch.)
* Update 1042-Do-proper-input-validation-to-fix-for-CVE-2011-2895.patch. Fix ↵Mike Gabriel2015-02-162-9/+12
| | | | broken comment paragraph, whitespace fix.
* CVE security review: Add ↵Mihai Moldovan2015-02-164-2/+8
| | | | | | | | | 1041-nx-X11-lib-font-fc-fserve.c-initialize-remaining-buf.patch & 1042-Do-proper-input-validation-to-fix-for-CVE-2011-2895.patch. - Add 1041-nx-X11-lib-font-fc-fserve.c-initialize-remaining-buf.patch. Initialize remaining bufleft variables (nx-X11/lib/font/fc/fserve.c). - Add 1042-Do-proper-input-validation-to-fix-for-CVE-2011-2895.patch. Do proper input validation to fix for CVE-2011-2895.
* CVE security review [1/2].Mihai Moldovan2015-02-166-24/+182
| | | | | | | | | | * CVE security review [1/2]: - Update 1007-CVE-2014-0210-unvalidated-length-in-_fs_recv_conn_se.patch. Use xfree() instead of free() in nx-libs. - Update 1011-CVE-2014-0210-unvalidated-length-fields-in-fs_read_q.patch. Apply correctly on nx-libs 3.6.x. - Update 1020-dix-integer-overflow-in-GetHosts-CVE-2014-8092-2-4.patch. Human-readable version of "1 MB".
* debian/changelog: fix too-long linesMike Gabriel2015-02-161-4/+4
|
* Makefile.nx-libs: Fix uninstall-lite rule. The nxproxy and nxcomp ↵Mike Gabriel2015-02-162-5/+11
| | | | uninstallation has to be in uninstall-lite, not in uninstall-full.
* Make install-lite rule in Makefile.nx-libs more predictable and not rely on ↵Mike Gabriel2015-02-162-5/+12
| | | | nxproxy/Makefile.in.
* Install "%{_libdir}/nx/bin" into nxproxy package.Mike Gabriel2015-02-162-0/+3
|
* nx-libs.spec: Typo fix in comment.Mike Gabriel2015-02-161-1/+1
|
* Fix FTBFS due to the nxproxy executable already existing under ↵Mike DePaulo2015-02-142-2/+2
| | | | /usr/lib/nx/bin/nx
* 40 patches, fixing several X.Org CVEs in NX.Mike Gabriel2015-02-1442-0/+4346
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | * Security fixes: - Rebase loads of X.Org patches (mainly from RHEL-5) against NX. If not all patches from a CVE patch series appear here, then it means that the affected file/code is not used in NX at build time. - X.Org CVE-2011-2895: 1001-LZW-decompress-fix-for-CVE-2011-2895-From-xorg-lib-X.patch - X.Org CVE-2011-4028: 1002-Fix-CVE-2011-4028-File-disclosure-vulnerability.-ups.patch - X.Org CVE-2013-4396: 1003-Avoid-use-after-free-in-dix-dixfonts.c-doImageText-C.patch - X.Org CVE-2013-6462: 1004-CVE-2013-6462-unlimited-sscanf-overflows-stack-buffe.patch - X.Org CVE-2014-0209: 1005-CVE-2014-0209-integer-overflow-of-realloc-size-in-Fo.patch 1006-CVE-2014-0209-integer-overflow-of-realloc-size-in-le.patch - X.Org CVE-2014-0210: 1007-CVE-2014-0210-unvalidated-length-in-_fs_recv_conn_se.patch 1009-CVE-2014-0210-unvalidated-lengths-when-reading-repli.patch 1011-CVE-2014-0210-unvalidated-length-fields-in-fs_read_q.patch 1014-CVE-2014-0210-unvalidated-length-fields-in-fs_read_e.patch 1015-CVE-2014-0210-unvalidated-length-fields-in-fs_read_g.patch 1016-CVE-2014-0210-unvalidated-length-fields-in-fs_read_l.patch 1017-CVE-2014-0210-unvalidated-length-fields-in-fs_read_l.patch - X.Org CVE-2014-0211: 1010-CVE-2014-0211-Integer-overflow-in-fs_get_reply-_fs_s.patch 1012-CVE-2014-0211-integer-overflow-in-fs_read_extent_inf.patch 1013-CVE-2014-0211-integer-overflow-in-fs_alloc_glyphs-fr.patch 1018-unchecked-malloc-may-allow-unauthed-client-to-crash-.patch - X.Org CVE-2014-8092: 1019-dix-integer-overflow-in-ProcPutImage-CVE-2014-8092-1.patch 1020-dix-integer-overflow-in-GetHosts-CVE-2014-8092-2-4.patch 1021-dix-integer-overflow-in-RegionSizeof-CVE-2014-8092-3.patch 1022-dix-integer-overflow-in-REQUEST_FIXED_SIZE-CVE-2014-.patch - X.Org CVE-2014-8097: 1023-dbe-unvalidated-lengths-in-DbeSwapBuffers-calls-CVE-.patch - X.Org CVE-2014-8095: 1024-Xi-unvalidated-lengths-in-Xinput-extension-CVE-2014-.patch - X.Org CVE-2014-8096: 1025-xcmisc-unvalidated-length-in-SProcXCMiscGetXIDList-C.patch - X.Org CVE-2014-8099: 1026-Xv-unvalidated-lengths-in-XVideo-extension-swapped-p.patch - X.Org CVE-2014-8100: 1027-render-check-request-size-before-reading-it-CVE-2014.patch 1028-render-unvalidated-lengths-in-Render-extn.-swapped-p.patch - X.Org CVE-2014-8102: 1029-xfixes-unvalidated-length-in-SProcXFixesSelectSelect.patch - X.Org CVE-2014-8101: 1030-randr-unvalidated-lengths-in-RandR-extension-swapped.patch - X.Org CVE-2014-8093: 1031-glx-Be-more-paranoid-about-variable-length-requests-.patch 1032-glx-Be-more-strict-about-rejecting-invalid-image-siz.patch 1033-glx-Additional-paranoia-in-__glXGetAnswerBuffer-__GL.patch 1034-glx-Add-safe_-add-mul-pad-v3-CVE-2014-8093-4-6-v4.patch 1036-glx-Integer-overflow-protection-for-non-generated-re.patch - X.Org CVE-2014-8098: 1035-glx-Length-checking-for-GLXRender-requests-v2-CVE-20.patch 1037-glx-Top-level-length-checking-for-swapped-VendorPriv.patch 1038-glx-Length-checking-for-non-generated-single-request.patch 1039-glx-Length-checking-for-RenderLarge-requests-v2-CVE-.patch 1040-glx-Pass-remaining-request-length-into-varsize-v2-CV.patch - Security fixes with no assigned CVE: 1008-Don-t-crash-when-we-receive-an-FS_Error-from-the-fon.patch