Overview Repositories Revisions Requests Users Attributes Meta

Revisions of xwayland

buildservice-autocommit accepted request 1166452 from Stefan Dirsch's avatar Stefan Dirsch (sndirsch) (revision 78) 
baserev update by copy to link target
Stefan Dirsch's avatar Stefan Dirsch (sndirsch) committed (revision 77) 
- Update to 23.2.6
  * This is a quick bug fix release to address a regression
    introduced by the fix for CVE-2024-31083 in xwayland-23.2.5.
buildservice-autocommit accepted request 1164509 from Stefan Dirsch's avatar Stefan Dirsch (sndirsch) (revision 76) 
baserev update by copy to link target
Stefan Dirsch's avatar Stefan Dirsch (sndirsch) committed (revision 75) 
- Security update 23.2.5 
  This release contains the 3 security fixes that actually apply to
  Xwayland reported in the security advisory of April 3rd 2024
  * CVE-2024-31080
  * CVE-2024-31081
  * CVE-2024-31083
  Additionally, it also contains a couple of other fixes, a copy/paste
  error in the DeviceStateNotify event and a fix to enable buttons with
  pointer gestures for backward compatibility with legacy X11 clients.
buildservice-autocommit accepted request 1149619 from Factory Maintainer's avatar Factory Maintainer (factory-maintainer) (revision 74) 
baserev update by copy to link target
Stefan Dirsch's avatar Stefan Dirsch (sndirsch) accepted request 1146917 from Joan Torres's avatar Joan Torres (jtorres) (revision 73) 
- Don't provide xorg-x11-server-source
  * xwayland sources are not meant for a generic server.
  * https://github.com/TigerVNC/tigervnc/issues/1728
Stefan Dirsch's avatar Stefan Dirsch (sndirsch) accepted request 1146791 from Joan Torres's avatar Joan Torres (jtorres) (revision 72) 
- Provide xorg-x11-server-source from xwayland
  * xwayland will be more updated than xorg-x11-server, so the server sources 
    will be more updated too if are provided by xwayland.
  * Fixes bsc#1219892.
buildservice-autocommit accepted request 1139423 from Stefan Dirsch's avatar Stefan Dirsch (sndirsch) (revision 71) 
baserev update by copy to link target
Stefan Dirsch's avatar Stefan Dirsch (sndirsch) committed (revision 70) 
- This release contains also the following patches mentioned in
  previous sle15 releases
  * bsc1218582-0001-dix-allocate-enough-space-for-logical-button-maps.patch
  * bsc1218583-0001-dix-Allocate-sufficient-xEvents-for-our-DeviceStateN.patch
  * bsc1218583-0002-dix-fix-DeviceStateNotify-event-calculation.patch
  * bsc1218583-0003-Xi-when-creating-a-new-ButtonClass-set-the-number-of.patch
  * bsc1218584-0001-Xi-flush-hierarchy-events-after-adding-removing-mast.patch
  * bsc1218585-0001-Xi-do-not-keep-linked-list-pointer-during-recursion.patch
  * bsc1218585-0002-dix-when-disabling-a-master-float-disabled-slaved-de.patch
Stefan Dirsch's avatar Stefan Dirsch (sndirsch) committed (revision 69) 
- This release contains also the missing fixes of initial
  U_bsc1217765-Xi-allocate-enough-XkbActions-for-our-buttons.patch
  (bsc#1217765)
Stefan Dirsch's avatar Stefan Dirsch (sndirsch) committed (revision 68) 
- Update to version 23.2.4
  * This release contains fixes for the issues reported in today's
    security advisory: 
    https://lists.x.org/archives/xorg/2024-January/061525.html
  * CVE-2023-6816  (bsc#1218582)
  * CVE-2024-0229  (bsc#1218583)
  * CVE-2024-21885 (bsc#1218584)
  * CVE-2024-21886 (bsc#1218585)
  * CVE-2024-0408
  * CVE-2024-0409
- supersedes the patches mentioned below:
  * U_bsc1217765-Xi-allocate-enough-XkbActions-for-our-buttons.patch
  * U_bsc1217766-randr-avoid-integer-truncation-in-length-check-of-Pr.patch
buildservice-autocommit accepted request 1132832 from Joan Torres's avatar Joan Torres (jtorres) (revision 67) 
baserev update by copy to link target
Joan Torres's avatar Joan Torres (jtorres) committed (revision 66) 
Added missing fixes on U_bsc1217765-Xi-allocate-enough-XkbActions-for-our-buttons.patch.
Joan Torres's avatar Joan Torres (jtorres) committed (revision 65) 
- U_bsc1217765-Xi-allocate-enough-XkbActions-for-our-buttons.patch
  * Out-of-bounds memory write in XKB button actions (CVE-2023-6377, 
    ZDI-CAN-22412, ZDI-CAN-22413, bsc#1217765)
- U_bsc1217766-randr-avoid-integer-truncation-in-length-check-of-Pr.patch
  * Out-of-bounds memory read in RRChangeOutputProperty and
    RRChangeProviderProperty (CVE-2023-6478, ZDI-CAN-22561,
    bsc#1217766)
buildservice-autocommit accepted request 1128531 from Stefan Dirsch's avatar Stefan Dirsch (sndirsch) (revision 64) 
baserev update by copy to link target
Stefan Dirsch's avatar Stefan Dirsch (sndirsch) committed (revision 63) 
- This release contains the following patches mentioned in previous
  sle15 releases
  * U_Xext-fix-invalid-event-type-mask-in-XTestSwapFakeInp.patch:
    fixes regression introduced with security update for
    CVE-2022-46340 (bsc#1205874)     
  * U_bsc1216135-Xi-randr-fix-handling-of-PropModeAppend-Prepend.patch:
    fix handling of PropModeAppend/Prepend ((CVE-2023-5367, ZDI-CAN-22153,
    bsc#1216135)
  * U_bsc1216261-0001-mi-fix-CloseScreen-initialization-order.patch,
    U_bsc1216261-0002-fb-properly-wrap-unwrap-CloseScreen.patch:
    Server Damage Object Use-After-Free Local Privilege Escalation
    Vulnerability (CVE-2023-5574, ZDI-CAN-21213, bsc#1216261)
  * U_bsc1216261-0003-dix-always-initialize-pScreen-CloseScreen.patch:
    fixes a regresion, which can trigger a segfault in Xwayland on
    exit, introduced by 
    U_bsc1216261-0002-fb-properly-wrap-unwrap-CloseScreen.patch 
    (CVE-2023-5574, ZDI-CAN-21213, bsc#1216261)
buildservice-autocommit accepted request 1120261 from Stefan Dirsch's avatar Stefan Dirsch (sndirsch) (revision 62) 
baserev update by copy to link target
Stefan Dirsch's avatar Stefan Dirsch (sndirsch) committed (revision 61) 
  * This release contains the fix for CVE-2023-5367 and CVE-2023-5574
    in today's security advisory: 
      https://lists.x.org/archives/xorg-announce/2023-October/003430.html
Stefan Dirsch's avatar Stefan Dirsch (sndirsch) committed (revision 60) 
- Update to version 23.2.2
  * This release contains the fix for CVE-2023-5367 in today's security
    advisory: https://lists.x.org/archives/xorg-announce/2023-October/003430.html
    Xwayland does not support multiple protocol screens (Zaphod) and is thus
    not affected by CVE-2023-5380.
  * Additionally, there is a change in the default behaviour of Xwayland:
    Since version 23.2.0 Xwayland (via liboeffis) automatically tries to
    connect to the XDG Desktop Portal's RemoteDesktop interface to obtain
    the EI socket. That socket is used to send XTest events to the
    compositor.
  * However, the connection to the session-wide Portal is unsuitable when
    Xwayland is running in a nested compositor. Xwayland cannot tell whether
    it's running on a nested compositor and to keep backwards compatibility
    with Xwayland prior to 23.2.0, Xwayland must now be started with
    "-enable-ei-portal" to connect to the portal.
  * Compositors (who typically spawn Xwayland rootless) must now pass this
    option to get the same behaviour as 23.2.x.
  * Finally, Xwayland now uses libbsd-overlay instead of libbsd.
buildservice-autocommit accepted request 1112502 from Stefan Dirsch's avatar Stefan Dirsch (sndirsch) (revision 59) 
baserev update by copy to link target
Displaying revisions 1 - 20 of 78
openSUSE Build Service is sponsored by
Places