aboutsummaryrefslogtreecommitdiff
path: root/debian
Commit message (Collapse)AuthorAgeFilesLines
* nx-X11: Backport: RRModeCreate: plug memory leak of newModes if AddResource ↵Alan Coopersmith2015-07-043-0/+49
| | | | | | | | | | | | | | | | | | | | | | | fails Reported by parfait 1.0: Error: Memory leak (CWE 401) Memory leak of pointer 'newModes' allocated with realloc(((char*)modes), ((num_modes + 1) * 8)) at line 93 of randr/rrmode.c in function 'RRModeCreate'. pointer allocated at line 82 with realloc(((char*)modes), ((num_modes + 1) * 8)). Error: Memory leak (CWE 401) Memory leak of pointer 'newModes' allocated with malloc(8) at line 93 of randr/rrmode.c in function 'RRModeCreate'. pointer allocated at line 84 with malloc(8). Signed-off-by: Alan Coopersmith <alan.coopersmith@oracle.com> Reviewed-by: Keith Packard <keithp@keithp.com> Backported from Arctica GH 3.6.x branch. v2: backport to nx-libs 3.6.x (Ulrich Sibiller) v3: backport to nx-libs 3.5.0.x (Mihai Moldovan)
* nx-X11: Backport: randr: fix server crash in RRGetScreenInfoJulien Cristau2015-07-043-0/+43
| | | | | | | | | | | | | | | | We don't return rates to randr < 1.1 clients, so don't allocate space for them. This fixes a FatalError due to not all allocated space being used. X.Org bug#21861 <http://bugs.freedesktop.org/show_bug.cgi?id=21861> Reported-by: Guillaume Quintin <coincoin169g@gmail.com> Signed-off-by: Julien Cristau <jcristau@debian.org> Backported from Arctica GH 3.6.x branch. v2: backport to nx-libs 3.6.x (Ulrich Sibiller) v3: backport to nx-libs 3.5.0.x (Mihai Moldovan)
* nx-X11: Backport: randr: check for virtual size limits before set crtcTiago Vignatti2015-07-043-0/+48
| | | | | | | | | | | | | | Return a error if the screen is configured to an invalid size. Signed-off-by: Tiago Vignatti <tiago.vignatti@nokia.com> Reviewed-by: Adam Jackson <ajax@redhat.com> Reviewed-by: Daniel Stone <daniel@fooishbar.org> Signed-off-by: Keith Packard <keithp@keithp.com> Backported from Arctica GH 3.6.x branch. v2: backport to nx-libs 3.6.x (Ulrich Sibiller) v3: backport to nx-libs 3.5.0.x (Mihai Moldovan)
* nx-X11: Backport: Free randr crtc and output pointer arraysKeith Packard2015-07-043-0/+37
| | | | | | | | | | | | | All of the crts and outputs were freed, but not the arrays full of pointers to them. Signed-off-by: Keith Packard <keithp@keithp.com> Signed-off-by: Peter Hutterer <peter.hutterer@who-t.net> Backported from Arctica GH 3.6.x branch. v2: backport to nx-libs 3.6.x (Ulrich Sibiller) v3: backport to nx-libs 3.5.0.x (Mihai Moldovan)
* nx-X11: Backport: Drop a reference to user mode after createKeith Packard2015-07-043-0/+35
| | | | | | | | | | User mode has no customer when create until assigned to some output. Backported from Arctica GH 3.6.x branch. v2: backport to nx-libs 3.6.x (Ulrich Sibiller) v3: backport to nx-libs 3.5.0.x (Mihai Moldovan)
* nx-X11: Backport: Bug 51375: Xorg doesn't set status for RRGetOutputInfoJaroslav Šmíd2015-07-043-0/+39
| | | | | | | | | | | | | | https://bugs.freedesktop.org/show_bug.cgi?id=51375 https://bugs.freedesktop.org/attachment.cgi?id=63397 Signed-off-by: Alan Coopersmith <alan.coopersmith@oracle.com> Reviewed-by: Keith Packard <keithp@keithp.com> Tested-by: Daniel Stone <daniel@fooishbar.org> Backported from Arctica GH 3.6.x branch. v2: backport to nx-libs 3.6.x (Ulrich Sibiller) v3: backport to nx-libs 3.5.0.x (Mihai Moldovan)
* {nx-X11,nxproxy}: correct manpages: --help -> -helpMike DePaulo2015-06-294-3/+20
| | | | | | | | | | | | | | | | | | | | | | xorg-server does not follow the convention of using 2 dashes. Note that --help does produce the help output. However, it produces this additional output after it: Error: Aborting session with 'Unrecognized option: --help'. Session: Aborting session at 'Sun Jun 28 01:35:35 2015'. Session: Session aborted at 'Sun Jun 28 01:35:35 2015'. It also causes a return code of 1 rather than 0. Therefore, we should instruct users to call -help instead. v2: backport to nx-libs 3.5.0.x (Mihai Moldovan) Affects: - 0009_nxagent_add-man-page.full.patch - 0009_nxproxy_add-man-page.full+lite.patch - 0209_x2goagent_add-man-page.full.patch
* nx-X11: Fix alpha premultiplication in XRenderParseColor. Fixes: #893.Emanuele Giaquinta2015-06-233-0/+40
| | | | | | | | | | | | | | | | Due to C arithmetic conversion rules we must use an unsigned constant (or a cast) to perform the multiplication using unsigned arithmetic. Fixes ArcticaProject/nx-libs#55. Author: Emanuele Giaquinta <emanuele.giaquinta@gmail.com> Reviewed-by: Jeremy Huddleston <jeremyhu@apple.com> v2: backport to nx-libs 3.6.x (Mike Gabriel) v3: backport to nx-libs 3.5.0.x (Mihai Moldovan) Adds: - 0040_nx-X11_Fix-alpha-premultiplication-in-XRenderPa.full.patch
* debian/control: Add Breaks:/Replaces: for qvd-libxcomp3 and qvd-nxproxy.Mike Gabriel2015-06-201-2/+6
|
* nxcomp: fix "negotiation in stage 10" error.Vadim Troshchinskiy2015-06-163-0/+74
| | | | | | | | | | Problem fixed by adding a select() call to implement a timeout, and retrying writes if needed. v2: backport to nx-libs 3.5.0.x (Mihai Moldovan) Adds: - 0660_nxcomp_fix-negotiation-in-stage-10-error.full+lite.patch
* Security fixes: X.Org CVE-2014-8099:Mihai Moldovan2015-06-022-5/+170
| | | | | | | | v3: port to NXxvdisp.c rather than xvdisp.c (Mike DePaulo) v4: backport v3 to nx-libs 3.5.0.x (Mihai Moldovan) Changes: - 1026-Xv-unvalidated-lengths-in-XVideo-extension-swap.full.patch
* Security fixes: X.Org CVE-2015-3418:Mihai Moldovan2015-06-022-2/+20
| | | | | | | | v3: port to NXdispatch.c rather than dispatch.c (Mike DePaulo) v4: backport v3 to nx-libs 3.5.0.x (Mihai Moldovan) Changes: - 1210-CVE-2015-3418-dix-Allow-zero-height-PutImage-re.full.patch
* Security fixes: X.Org CVE-2014-8092:Mihai Moldovan2015-06-022-5/+22
| | | | | | | | v3: port to NXdispatch.c rather than dispatch.c (Mike DePaulo) v4: backport v3 to nx-libs 3.5.0.x (Mihai Moldovan) Changes: - 1019-dix-integer-overflow-in-ProcPutImage-CVE-2014-8.full.patch
* Security fixes: X.Org CVE-2013-4396:Mihai Moldovan2015-06-022-5/+52
| | | | | | | | v2: Apply to NXdixfonts.c rather than dixfonts.c (Mike DePaulo) v3: backport v2 to nx-libs 3.5.0.x (Mihai Moldovan) Changes: - 1003-Avoid-use-after-free-in-dix-dixfonts.c-doImageT.full.patch
* nxcomp/README.on-retroactive-DXPC-license: Some layout and interpunctuation ↵Mike Gabriel2015-06-022-1/+6
| | | | | | | | | fixes. Backported from Arctica GH 3.6.x branch. Affects: - 9900-dxpc-license-history.full+lite.patch
* nxcomp/Misc.cpp: fix build failure introduced in ↵Mihai Moldovan2015-05-282-3/+8
| | | | | | | | | a27a8aae3ca7a3f70e05152ac3d347942e11159d. Backported from Arctica GH 3.6.x branch. Affects: - 9900-dxpc-license-history.full+lite.patch
* debian/changelog: typo fix.Mihai Moldovan2015-05-281-1/+1
|
* Support tarring up the HEAD of the current branch.Mike Gabriel2015-05-282-2/+3
|
* Allow patch files names having a dash next to the four digits (i.e., ↵Mike Gabriel2015-05-282-2/+4
| | | | 1234-<patchname>.<suffix>).
* Add 9900-dxpc-license-history.full+lite.patch. Document license history of ↵Mike Gabriel2015-05-283-0/+4179
| | | | | | DXPC (where nxcomp got forked from). Backported from Arctica GH 3.6.x branch.
* debian/COPYING.full+lite: Replace content with GPL-2 license text, because ↵Mike Gabriel2015-05-282-42/+329
| | | | that is the overall (i.e., strictest) license we have to deal with in nx-libs.
* debian/roll-tarball.sh: Make sure *.keyboard, debian/**, nx-libs.spec, ↵Mike Gabriel2015-05-282-6/+8
| | | | .pc/** don't end up in tarball (special focuse on the nx-libs-lite tarball).
* debian/changelog: add entry for last change.Mihai Moldovan2015-05-261-0/+5
|
* nxcomp: fix DEBUG, TEST, DUMP, FLUSH, TOKEN, PING, MIXED et al builds.Mihai Moldovan2015-05-262-0/+53
| | | | | | | | | Submitted by Nito Martinez of the Qindel Group. Backported from Arctica GH 3.6.x branch. Adds: - 0992_fix-DEBUG-TEST-DUMP-FLUSH-TOKEN-PING-et-al-builds.full+lite.patch
* debian/changelog: add entry for last change.Mihai Moldovan2015-05-261-0/+6
|
* Security fixes: X.Org CVE-2014-8100:Mihai Moldovan2015-05-261-16/+137
| | | | | | | | v3: port to NXrender.c rather than render.c (Mike DePaulo) v4: backport v3 to nx-libs 3.5.0.x (Mihai Moldovan) Changes: - 1028-render-unvalidated-lengths-in-Render-extn.-swap.full.patch
* debian/changelog: add entry for last change.Mihai Moldovan2015-05-261-0/+6
|
* Security fixes: X.Org CVE-2014-8100:Mihai Moldovan2015-05-261-6/+18
| | | | | | | | v3: port to NXrender.c rather than render.c (Mike DePaulo) v4: backport v3 to nx-libs 3.5.0.x (Mihai Moldovan) Changes: - 1027-render-check-request-size-before-reading-it-CVE.full.patch
* debian/libnx-xinerama1.*: fix faulty logic when creating symlinks.Mihai Moldovan2015-05-052-3/+5
| | | | Backported from Arctica GH 3.6.x branch.
* debian/control: workaround missing dependencies of nxagent on Ubuntu for now.Mihai Moldovan2015-05-022-0/+8
|
* Security fixes: X.Org CVE-2015-3418:Mike Gabriel2015-05-013-0/+33
| | | | | | | v3: backport to 3.5.0.x branch. (Mihai Moldovan) Adds: - 1210-CVE-2015-3418-dix-Allow-zero-height-PutImage-re.full.patch
* nx-libs.spec: actually create libXinerama.so.1 symlink during build phase.Mihai Moldovan2015-04-301-0/+2
| | | | Backported from Arctica GH 3.6.x branch.
* debian/changelog: add changelog entry for the last two changes.Mihai Moldovan2015-04-301-0/+7
|
* debian/libnx-xinerama1.*: move Xinerama dir back to nx-x11-common. Only ↵Mihai Moldovan2015-04-303-8/+14
| | | | delete known files. Fixes RPM build failures.
* libnx-xinerama1: also create libXinerama symlink in ↵Mihai Moldovan2015-04-293-29/+36
| | | | | | | | | | | | | | | | | | | | | libnx-xinerama1.postinst.postinst (and remove in libnx-xinerama1.postinst.prerm.) Due to the nx-x11-common package being a noarch/allarch package, creating the symlink in nx-libs' Makefile will lead to the symlink referencing the "default" architecture dpkg uses for building noarch/allarch packages. Incidentally, this worked fine for Debian, as amd64 seems to be the default architecture. On Ubuntu, however, the default architecture up to Vivid (15.04) was i386. For those builds, the symlink pointed to the 32 bit library of libNX_Xinerama.so.1 -- essentially breaking this feature. Move the symlink creation to the arch-sensitive libnx-xinerama1 package. The postinst and prerm scriptlets will work fine, unless someone installs the i386 package version *after* the amd64 version. Given that we already create symlinks to libNX_X11 and friends using that method, no new regression is introduced. Strictly speaking that's a bug, but we'll hopefully clean that up later...
* README.keystrokes: remove accidentally copied Dokuwiki syntax.Mihai Moldovan2015-04-272-1/+2
| | | | | | | Backported from Arctica GH 3.6.x branch. Affects: - 0320_nxagent_configurable-keystrokes.full.patch
* etc/keystrokes.cfg: fix whitespace errors.Mihai Moldovan2015-04-272-16/+18
| | | | Backported from Arctica GH 3.6.x branch.
* debian/changelog: unify entry for README.keystrokes.Mihai Moldovan2015-04-271-4/+2
|
* README.keystrokes: add documentation for branding behavior.Mihai Moldovan2015-04-272-3/+16
| | | | | | | Backported from Arctica GH 3.6.x branch. Affects: - 0320_nxagent_configurable-keystrokes.full.patch
* README.keystrokes: copy actions documentation from the wiki.Mihai Moldovan2015-04-272-11/+26
| | | | | | | Backported from Arctica GH 3.6.x branch. Affects: - 0320_nxagent_configurable-keystrokes.full.patch
* debian/changelog: document the last commits.Mihai Moldovan2015-04-271-0/+12
|
* debian/roll-tarballs.sh: next batch of quotes.Mihai Moldovan2015-04-271-27/+27
|
* debian/roll-tarballs.sh: whitespace changes for consistency.Mihai Moldovan2015-04-271-30/+30
|
* debian/roll-tarballs.sh: don't escape last newline of a multiline command.Mihai Moldovan2015-04-271-1/+1
| | | | | | | Worked out fine so far, because the next line was empty, but this can easily change... Cherry-picked from Arctica GH 3.6.x branch.
* debian/roll-tarballs.sh: use more curly braces.Mihai Moldovan2015-04-271-3/+3
| | | | | | Prevents random characters as being treated as part of a variable name. Cherry-picked from Arctica GH 3.6.x branch.
* debian/roll-tarballs.sh: convert tabs to spaces.Mihai Moldovan2015-04-271-9/+9
| | | | Cherry-picked from Arctica GH 3.6.x branch.
* debian/roll-tarballs.sh: use more quotes.Mihai Moldovan2015-04-271-16/+16
| | | | | | | | | | | Fixes potential bugs, including one triggered by an unquoted hash within the command line. BASH accepts this. Other shells do not (i.e., treat everything following the hash character as a comment.) Cherry-picked from Arctica GH 3.6.x branch. Conflicts: debian/roll-tarballs.sh
* nxcompshad: Prevent underlinking by linking to libNX_Xext.Mike Gabriel2015-04-273-0/+18
| | | | | Adds: - 0650_nxcompshad_link-to-NX_Xext.full.patch
* nx-X11: Prevent underlinking by linking to libNX_X{11,damage,fixes).Mike Gabriel2015-04-273-0/+19
| | | | | Adds: - 0640_nx-X11_fix-underlinking-libNX_Xcomposite_damage_fixes.full.patch
* CVE patches were previously not included in release tarballs.Mihai Moldovan2015-04-2648-46/+140
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Rename: - 1001-LZW-decompress-fix-for-CVE-2011-2895-From-xorg-lib-X.patch => 1001-LZW-decompress-fix-for-CVE-2011-2895-From-xorg-.full.patch - 1002-Fix-CVE-2011-4028-File-disclosure-vulnerability.-ups.patch => 1002-Fix-CVE-2011-4028-File-disclosure-vulnerability.full.patch - 1003-Avoid-use-after-free-in-dix-dixfonts.c-doImageText-C.patch => 1003-Avoid-use-after-free-in-dix-dixfonts.c-doImageT.full.patch - 1004-CVE-2013-6462-unlimited-sscanf-overflows-stack-buffe.patch => 1004-CVE-2013-6462-unlimited-sscanf-overflows-stack-.full.patch - 1005-CVE-2014-0209-integer-overflow-of-realloc-size-in-Fo.patch => 1005-CVE-2014-0209-integer-overflow-of-realloc-size-.full.patch - 1006-CVE-2014-0209-integer-overflow-of-realloc-size-in-le.patch => 1006-CVE-2014-0209-integer-overflow-of-realloc-size-.full.patch - 1007-CVE-2014-0210-unvalidated-length-in-_fs_recv_conn_se.patch => 1007-CVE-2014-0210-unvalidated-length-in-_fs_recv_co.full.patch - 1008-Don-t-crash-when-we-receive-an-FS_Error-from-the-fon.patch => 1008-Don-t-crash-when-we-receive-an-FS_Error-from-th.full.patch - 1009-CVE-2014-0210-unvalidated-lengths-when-reading-repli.patch => 1009-CVE-2014-0210-unvalidated-lengths-when-reading-.full.patch - 1010-CVE-2014-0211-Integer-overflow-in-fs_get_reply-_fs_s.patch => 1010-CVE-2014-0211-Integer-overflow-in-fs_get_reply-.full.patch - 1011-CVE-2014-0210-unvalidated-length-fields-in-fs_read_q.patch => 1011-CVE-2014-0210-unvalidated-length-fields-in-fs_r.full.patch - 1012-CVE-2014-0211-integer-overflow-in-fs_read_extent_inf.patch => 1012-CVE-2014-0211-integer-overflow-in-fs_read_exten.full.patch - 1013-CVE-2014-0211-integer-overflow-in-fs_alloc_glyphs-fr.patch => 1013-CVE-2014-0211-integer-overflow-in-fs_alloc_glyp.full.patch - 1014-CVE-2014-0210-unvalidated-length-fields-in-fs_read_e.patch => 1014-CVE-2014-0210-unvalidated-length-fields-in-fs_r.full.patch - 1015-CVE-2014-0210-unvalidated-length-fields-in-fs_read_g.patch => 1015-CVE-2014-0210-unvalidated-length-fields-in-fs_r.full.patch - 1016-CVE-2014-0210-unvalidated-length-fields-in-fs_read_l.patch => 1016-CVE-2014-0210-unvalidated-length-fields-in-fs_r.full.patch - 1017-CVE-2014-0210-unvalidated-length-fields-in-fs_read_l.patch => 1017-CVE-2014-0210-unvalidated-length-fields-in-fs_r.full.patch - 1018-unchecked-malloc-may-allow-unauthed-client-to-crash-.patch => 1018-unchecked-malloc-may-allow-unauthed-client-to-c.full.patch - 1019-dix-integer-overflow-in-ProcPutImage-CVE-2014-8092-1.patch => 1019-dix-integer-overflow-in-ProcPutImage-CVE-2014-8.full.patch - 1020-dix-integer-overflow-in-GetHosts-CVE-2014-8092-2-4.patch => 1020-dix-integer-overflow-in-GetHosts-CVE-2014-8092-.full.patch - 1021-dix-integer-overflow-in-RegionSizeof-CVE-2014-8092-3.patch => 1021-dix-integer-overflow-in-RegionSizeof-CVE-2014-8.full.patch - 1022-dix-integer-overflow-in-REQUEST_FIXED_SIZE-CVE-2014-.patch => 1022-dix-integer-overflow-in-REQUEST_FIXED_SIZE-CVE-.full.patch - 1023-dbe-unvalidated-lengths-in-DbeSwapBuffers-calls-CVE-.patch => 1023-dbe-unvalidated-lengths-in-DbeSwapBuffers-calls.full.patch - 1024-Xi-unvalidated-lengths-in-Xinput-extension-CVE-2014-.patch => 1024-Xi-unvalidated-lengths-in-Xinput-extension-CVE-.full.patch - 1025-xcmisc-unvalidated-length-in-SProcXCMiscGetXIDList-C.patch => 1025-xcmisc-unvalidated-length-in-SProcXCMiscGetXIDL.full.patch - 1026-Xv-unvalidated-lengths-in-XVideo-extension-swapped-p.patch => 1026-Xv-unvalidated-lengths-in-XVideo-extension-swap.full.patch - 1027-render-check-request-size-before-reading-it-CVE-2014.patch => 1027-render-check-request-size-before-reading-it-CVE.full.patch - 1028-render-unvalidated-lengths-in-Render-extn.-swapped-p.patch => 1028-render-unvalidated-lengths-in-Render-extn.-swap.full.patch - 1029-xfixes-unvalidated-length-in-SProcXFixesSelectSelect.patch => 1029-xfixes-unvalidated-length-in-SProcXFixesSelectS.full.patch - 1030-randr-unvalidated-lengths-in-RandR-extension-swapped.patch => 1030-randr-unvalidated-lengths-in-RandR-extension-sw.full.patch - 1031-glx-Be-more-paranoid-about-variable-length-requests-.patch => 1031-glx-Be-more-paranoid-about-variable-length-requ.full.patch - 1032-glx-Be-more-strict-about-rejecting-invalid-image-siz.patch => 1032-glx-Be-more-strict-about-rejecting-invalid-imag.full.patch - 1033-glx-Additional-paranoia-in-__glXGetAnswerBuffer-__GL.patch => 1033-glx-Additional-paranoia-in-__glXGetAnswerBuffer.full.patch - 1034-glx-Add-safe_-add-mul-pad-v3-CVE-2014-8093-4-6-v4.patch => 1034-glx-Add-safe_-add-mul-pad-v3-CVE-2014-8093-4-6-.full.patch - 1035-glx-Length-checking-for-GLXRender-requests-v2-CVE-20.patch => 1035-glx-Length-checking-for-GLXRender-requests-v2-C.full.patch - 1036-glx-Integer-overflow-protection-for-non-generated-re.patch => 1036-glx-Integer-overflow-protection-for-non-generat.full.patch - 1037-glx-Top-level-length-checking-for-swapped-VendorPriv.patch => 1037-glx-Top-level-length-checking-for-swapped-Vendo.full.patch - 1038-glx-Length-checking-for-non-generated-single-request.patch => 1038-glx-Length-checking-for-non-generated-single-re.full.patch - 1039-glx-Length-checking-for-RenderLarge-requests-v2-CVE-.patch => 1039-glx-Length-checking-for-RenderLarge-requests-v2.full.patch - 1040-glx-Pass-remaining-request-length-into-varsize-v2-CV.patch => 1040-glx-Pass-remaining-request-length-into-varsize-.full.patch - 1041-nx-X11-lib-font-fc-fserve.c-initialize-remaining-buf.patch => 1041-nx-X11-lib-font-fc-fserve.c-initialize-remainin.full.patch - 1042-Do-proper-input-validation-to-fix-for-CVE-2011-2895.patch => 1042-Do-proper-input-validation-to-fix-for-CVE-2011-.full.patch - 1101-Coverity-844-845-846-Fix-memory-leaks.patch => 1101-Coverity-844-845-846-Fix-memory-leaks.full.patch - 1102-include-introduce-byte-counting-functions.patch => 1102-include-introduce-byte-counting-functions.full.patch - 1103-xkb-Don-t-swap-XkbSetGeometry-data-in-the-input-buff.patch => 1103-xkb-Don-t-swap-XkbSetGeometry-data-in-the-input.full.patch - 1104-xkb-Check-strings-length-against-request-size.patch => 1104-xkb-Check-strings-length-against-request-size.full.patch