nx-libs - NXv3 (redistributed)

	Commit message (Collapse)	Author	Age	Files	Lines
*	library clean-up: Don't build and link libXfont.a anymore. Use system's ↵pr/libxfont-cleanup	Mike Gabriel	2015-04-22	1	-1/+1
\| \| \| \|	libXfont shared library and link dynamically.
*	imake cleanup: Drop all references to XprtServer and BuildXprint*.	Mike Gabriel	2015-04-04	2	-14/+1
\|
*	dix: integer overflow in GetHosts() [CVE-2014-8092 2/4]	Alan Coopersmith	2015-02-16	1	-0/+6
\| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \|	GetHosts() iterates over all the hosts it has in memory, and copies them to a buffer. The buffer length is calculated by iterating over all the hosts and adding up all of their combined length. There is a potential integer overflow, if there are lots and lots of hosts (with a combined length of > ~4 gig). This should be possible by repeatedly calling ProcChangeHosts() on 64bit machines with enough memory. This patch caps the list at 1mb, because multi-megabyte hostname lists for X access control are insane. v2: backport to nx-libs 3.6.x (Mike DePaulo) v3: human-readable version of "1 MB" (Mihai Moldovan) Reported-by: Ilja Van Sprundel <ivansprundel@ioactive.com> Signed-off-by: Alan Coopersmith <alan.coopersmith@oracle.com> Reviewed-by: Peter Hutterer <peter.hutterer@who-t.net> Conflicts: os/access.c
*	Revert "dix: integer overflow in GetHosts() [CVE-2014-8092 2/4]"	Mihai Moldovan	2015-02-16	1	-6/+0
\| \| \| \|	This reverts commit d4c76981f7fddb364166464c571ed8d3de3086cd.
*	dix: integer overflow in GetHosts() [CVE-2014-8092 2/4]	Alan Coopersmith	2015-02-14	1	-0/+6
\| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \|	GetHosts() iterates over all the hosts it has in memory, and copies them to a buffer. The buffer length is calculated by iterating over all the hosts and adding up all of their combined length. There is a potential integer overflow, if there are lots and lots of hosts (with a combined length of > ~4 gig). This should be possible by repeatedly calling ProcChangeHosts() on 64bit machines with enough memory. This patch caps the list at 1mb, because multi-megabyte hostname lists for X access control are insane. v2: backport to nx-libs 3.6.x (Mike DePaulo) Reported-by: Ilja Van Sprundel <ivansprundel@ioactive.com> Signed-off-by: Alan Coopersmith <alan.coopersmith@oracle.com> Reviewed-by: Peter Hutterer <peter.hutterer@who-t.net> Conflicts: os/access.c
*	unchecked malloc may allow unauthed client to crash Xserver [CVE-2014-8091]	Alan Coopersmith	2015-02-14	1	-0/+4
\| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \|	authdes_ezdecode() calls malloc() using a length provided by the connection handshake sent by a newly connected client in order to authenticate to the server, so should be treated as untrusted. It didn't check if malloc() failed before writing to the newly allocated buffer, so could lead to a server crash if the server fails to allocate memory (up to UINT16_MAX bytes, since the len field is a CARD16 in the X protocol). Reported-by: Ilja Van Sprundel <ivansprundel@ioactive.com> Signed-off-by: Alan Coopersmith <alan.coopersmith@oracle.com> Reviewed-by: Peter Hutterer <peter.hutterer@who-t.net> Conflicts: os/rpcauth.c
*	Fix CVE-2011-4028: File disclosure vulnerability. upstream xorg/xserver ↵	Mike DePaulo	2015-02-14	1	-1/+1
\| \| \| \| \| \| \| \|	commit 6ba44b91e37622ef8c146d8f2ac92d708a18ed34 use O_NOFOLLOW to open the existing lock file, so symbolic links aren't followed, thus avoid revealing if it point to an existing file.
*	Unbrand NX Agent Startup Screen / Brand X2Go Agent Startup Screen ↵	Oleksandr Shneyder	2015-02-13	1	-1/+13
\| \| \| \| \| \| \| \| \| \|	(999_nxagent_unbrand-nxagent-brand-x2goagent.full.patch). When launched with NX Agent flavour, the startup screen gets unbranded by this patch (the !M logo does not get shown). When launched with X2Go Agent flavour, the startup screen gets branded with the X2GO logo.
*	Be compliant with POS36-C: Observe correct revocation order while ↵	Orion Poplawski	2015-02-13	1	-0/+7
\| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \|	relinquishing privileges (602_nx-X11_initgroups.full.patch). The Fedora review of NX (redistributed) caught the following rpmlint issue: This executable is calling setuid and setgid without setgroups or initgroups. There is a high probability this mean it didn't relinquish all groups, and this would be a potential security issue to be fixed. Seek POS36-C on the web for details about the problem. Ref POS36-C: https://www.securecoding.cert.org/confluence/display/seccode/POS36-C.+Observe+correct+revocation+order+while+relinquishing+privileges This patch adds initgroups() calls to the code to initialize the supplemental group list.
*	FHS path fix for rgb file	Marcelo Boveto Shima	2015-02-10	1	-1/+1
\| \| \| \| \| \| \|	This patch is needed on Debian only, not reporting this path addition to upstream. Patch was modified by Mike Gabriel <mike.gabriel@das-netzwerkteam.de>
*	Fix -Werror=format-security errors ↵	Orion Poplawski	2015-02-09	1	-2/+2
\| \| \| \| \| \| \| \|	(056_nx-X11_Werror-format-security.full.patch). The below patch fixes more -Werror=format-security errors. Interestingly, most of the errors only showed up on our arm builds. No idea why.
*	drop .original files from the current code base	Mike Gabriel	2015-02-02	18	-16364/+0
\|
*	Revert "release 3.5.0.19"	Mike Gabriel	2013-03-28	1	-1/+1
\| \| \| \|	This reverts commit e77bf36d9afbc7e56522574b06217d57c11dd095.
*	release 3.5.0.19	Mike Gabriel	2013-03-28	1	-1/+1
\|
*	Imported nx-X11-3.5.0-1.tar.gznx-X11/3.5.0-1	Reinhard Tartler	2011-10-10	10	-10/+10
\| \| \| \| \| \| \| \|	Summary: Imported nx-X11-3.5.0-1.tar.gz Keywords: Imported nx-X11-3.5.0-1.tar.gz into Git repository
*	Imported nx-X11-3.4.0-3.tar.gznx-X11/3.4.0-3	Reinhard Tartler	2011-10-10	12	-12/+12
\| \| \| \| \| \| \| \|	Summary: Imported nx-X11-3.4.0-3.tar.gz Keywords: Imported nx-X11-3.4.0-3.tar.gz into Git repository
*	Imported nx-X11-3.4.0-1.tar.gznx-X11/3.4.0-1	Reinhard Tartler	2011-10-10	10	-20/+20
\| \| \| \| \| \| \| \|	Summary: Imported nx-X11-3.4.0-1.tar.gz Keywords: Imported nx-X11-3.4.0-1.tar.gz into Git repository
*	Imported nx-X11-3.3.0-7.tar.gznx-X11/3.3.0-7	Reinhard Tartler	2011-10-10	2	-2/+2
\| \| \| \| \| \| \| \|	Summary: Imported nx-X11-3.3.0-7.tar.gz Keywords: Imported nx-X11-3.3.0-7.tar.gz into Git repository
*	Imported nx-X11-3.3.0-6.tar.gznx-X11/3.3.0-6	Reinhard Tartler	2011-10-10	3	-0/+326
\| \| \| \| \| \| \| \|	Summary: Imported nx-X11-3.3.0-6.tar.gz Keywords: Imported nx-X11-3.3.0-6.tar.gz into Git repository
*	Imported nx-X11-3.3.0-5.tar.gznx-X11/3.3.0-5	Reinhard Tartler	2011-10-10	2	-0/+26
\| \| \| \| \| \| \| \|	Summary: Imported nx-X11-3.3.0-5.tar.gz Keywords: Imported nx-X11-3.3.0-5.tar.gz into Git repository
*	Imported nx-X11-3.1.0-1.tar.gznx-X11/3.1.0-1	Reinhard Tartler	2011-10-10	36	-0/+32336
	Summary: Imported nx-X11-3.1.0-1.tar.gz Keywords: Imported nx-X11-3.1.0-1.tar.gz into Git repository