lp://staging/ubuntu/maverick-security/xorg-server

Created by Ubuntu Package Importer and last modified
Get this branch:
bzr branch lp://staging/ubuntu/maverick-security/xorg-server
Members of Ubuntu branches can upload to this branch. Log in for directions.

Branch merges

Related bugs

Related blueprints

Branch information

Owner:
Ubuntu branches
Review team:
Ubuntu Development Team
Status:
Mature

Recent revisions

201. By Marc Deslauriers

* SECURITY UPDATE: denial of service and possible code execution via
  incorrect input sanitization
  - debian/patches/212_CVE-2010-4818.patch: updated with missing
    commit to fix regression.
  - CVE-2010-4818

200. By Marc Deslauriers

* SECURITY UPDATE: file existence disclosure
  - debian/patches/210_CVE-2011-4028.patch: open lockfile with O_NOFOLLOW
    in os/utils.c.
  - CVE-2011-4028
* SECURITY UPDATE: privilege escalation via file permission change
  - debian/patches/211_CVE-2011-4029.patch: use fchmod to prevent race
    in os/utils.c.
  - CVE-2011-4029
* SECURITY UPDATE: denial of service and possible code execution via
  incorrect input sanitization
  - debian/patches/212_CVE-2010-4818.patch: validate sizes and arguments
    in glx/{glxcmds,glxcmdsswap,xfont}.c.
  - CVE-2010-4818

199. By Michael Vogt

* debian/control:
  - Tweak the breaks/conflicts for the virtual xserver-xorg-input
    breaks to help apt in lucid deal with the upgrade.
    With the apt in maverick this will be no longer needed ((LP: #614993)

198. By Chris Halse Rogers

[ Chase Douglas ]
* Fix udev USB product ID parsing (LP: #628214)
  - debian/patches:
    + 205_udev-product-ids.patch

[ Christopher James Halse Rogers ]
* debian/patches/206_intel_8xx_default_to_fbdev.patch:
  - Don't autoload the intel driver on i830, i845g and i855. These are
    still too unstable with KMS/GEM. X will autoload the fbdev driver
    (if using KMS) or the vesa driver instead. (LP: #633593)

197. By Michael Vogt

* debian/control:
  - fix duplicated breaks for xserver-xorg-video-v4l

196. By Michael Vogt

* debian/control:
  - add more "breaks" for leftover drivers that have no
    xserver 1.9 abi version, thanks to Jean-Baptiste Lallement
    (LP: #614993)

195. By Michael Vogt

* debian/control:
  - add additional breaks for video drivers that have no ABI for
    xserver 1.9 (LP: #614993)
  - merge the "breaks" list from the debian git tree

194. By Michael Vogt

* debian/control:
  - add explict breaks from xserver-xorg-core against
    xserver-xorg-video-v4l (<< 1:0.2.0-4ubuntu1) to ensure that
    upgrades with universe disabled work (LP: #614993)

193. By Chris Halse Rogers

* Merge from (unreleased) Debian experimental. Remaining Ubuntu changes:
  - rules, control:
    + Disable SELinux, libaudit-dev is not in main yet (LP 406226).
      Drop libaudit-dev from build-deps.
  - rules: Enable xcsecurity (LP 247537).
  - local/xvfb-run*: Add correct docs about error codes (LP 328205)
  - rules: Add --with-extra-module-dir to support GL alternatives.
  - control: Xvfb depends on xauth, x11-xkb-utils. (LP 500102)
  - rules, local/64-xorg-xkb.rules: Don't use keyboard-configuration
    until it's available.
  - control: Update some versioned Breaks for Ubuntu versions.
  - debian/patches:
    + 100_rethrow_signals.patch:
      When aborting, re-raise signals for apport
    + 109_fix-swcursor-crash.patch:
      Avoid dereferencing null pointer while reloading cursors during
      resume. (LP 371405)
    + 111_armel-drv-fallbacks.patch:
      Add support for armel driver fallbacks.
    + 121_only_switch_vt_when_active.diff:
      Add a check to prevent the X server from changing the VT when killing
      GDM from the console.
    + 122_xext_fix_card32_overflow_in_xauth.patch:
      Fix server crash when “xauth generate” is called with large timeout.
    + 157_check_null_modes.patch, 162_null_crtc_in_rotation.patch,
      166_nullptr_xinerama_keyrepeat.patch, 167_nullptr_xisbread.patch
      169_mipointer_nullptr_checks.patch,
      172_cwgetbackingpicture_nullptr_check.patch:
      Fix various segfaults in xserver by checking pointers for NULL
      values before dereferencing them.
    + 165_man_xorg_conf_no_device_ident.patch
      Correct man page
    + 168_glibc_trace_to_stderr.patch:
      Report abort traces to stderr instead of terminal
    + 184_virtual_devices_autodetect.patch:
      Use vesa for qemu device, which is not supported by cirrus
    + 187_edid_quirk_hp_nc8430.patch:
      Quirk for another LPL monitor (LP 380009)
    + 188_default_primary_to_first_busid.patch:
      Pick the first device and carry on (LP 459512)
    + 189_xserver_1.5.0_bg_none_root.patch:
      Create a root window with no background.
    + 190_cache-xkbcomp_output_for_fast_start_up.patch:
      Cache keyboard settings.
    + 191-Xorg-add-an-extra-module-path.patch:
      Add support for the alternatives module path.
    + 197_xvfb-randr.patch:
      Adds xrandr support to xvfb. (LP 516123)
    + 198_nohwaccess.patch:
      Adds a -nohwaccess argument to make X not access the hardware
      ports directly.
    + 200_randr-null.patch:
      Clarify a pointer initialization.
    + 203_gestures-extension.patch:
    + 202_xf86CoordinationsToWindows.patch:
      Add gesture extension support (LP: 616678)
    + debian/serverminver:
      Bump for gesture support
* New upstream release:
  - Fixes crash in DamageUnregister on session close (LP: #343694)
  - Fixes crash with extremely large windows exposed by xpdf (Closes: #320627)
* Drop 17-fix-DRI2-segfault-when-clientGone.diff: fixed upstream in more
  generality.
* debian/patches/204_fix-neg-sync-transition.patch:
  - Fix edge case in SYNC extension resulting in GNOME screensaver's
    fade-to-screensaver being uninteruptible. (LP: #595555)

192. By Chase Douglas

Bump debian/serverminver for gesture support

Branch metadata

Branch format:
Branch format 7
Repository format:
Bazaar repository format 2a (needs bzr 1.16 or later)
Stacked on:
lp://staging/ubuntu/precise/xorg-server
This branch contains Public information 
Everyone can see this information.

Subscribers