xserver-xorg: update to 1.20.3

1.20.3 fixes arm booting in testimage (From OE-Core rev: 7d96e1659b1616f287805abb42f512fa17c0c493) Signed-off-by: Armin Kuster <akuster808@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
author: Armin Kuster <akuster808@gmail.com> 2018-10-31 07:39:58 -0700
committer: Richard Purdie <richard.purdie@linuxfoundation.org> 2018-11-14 11:14:38 +0000
commit: 0cbda4a42e18b326bc74d045f435c02de59822fb (patch)
tree: d43f25ce3ae91373ffe0c9f56dd1bd6b2713b440
parent: d2aaa2614a6edf5386fd9f3a68cc3ff899a3274a (diff)
download: poky-0cbda4a42e18b326bc74d045f435c02de59822fb.tar.gz
2 files changed, 2 insertions, 65 deletions
diff --git a/meta/recipes-graphics/xorg-xserver/xserver-xorg/CVE-2018-14665.patch b/meta/recipes-graphics/xorg-xserver/xserver-xorg/CVE-2018-14665.patch
deleted file mode 100644
index 7f6235b432..0000000000
--- a/meta/recipes-graphics/xorg-xserver/xserver-xorg/CVE-2018-14665.patch
+++ /dev/null
@@ -1,62 +0,0 @@
-Incorrect command-line parameter validation in the Xorg X server can lead to
-privilege elevation and/or arbitrary files overwrite, when the X server is
-running with elevated privileges (ie when Xorg is installed with the setuid bit
-set and started by a non-root user). The -modulepath argument can be used to
-specify an insecure path to modules that are going to be loaded in the X server,
-allowing to execute unprivileged code in the privileged process. The -logfile
-argument can be used to overwrite arbitrary files in the file system, due to
-incorrect checks in the parsing of the option.
-CVE: CVE-2018-14665
-Upstream-Status: Backport
-Signed-off-by: Ross Burton <ross.burton@intel.com>
-From 50c0cf885a6e91c0ea71fb49fa8f1b7c86fe330e Mon Sep 17 00:00:00 2001
-From: Matthieu Herrb <matthieu@herrb.eu>
-Date: Tue, 23 Oct 2018 21:29:08 +0200
-Subject: [PATCH] Disable -logfile and -modulepath when running with elevated
- privileges
-Could cause privilege elevation and/or arbitrary files overwrite, when
-the X server is running with elevated privileges (ie when Xorg is
-installed with the setuid bit set and started by a non-root user).
-CVE-2018-14665
-Issue reported by Narendra Shinde and Red Hat.
-Signed-off-by: Matthieu Herrb <matthieu@herrb.eu>
-Reviewed-by: Alan Coopersmith <alan.coopersmith@oracle.com>
-Reviewed-by: Peter Hutterer <peter.hutterer@who-t.net>
-Reviewed-by: Adam Jackson <ajax@redhat.com>
---
- hw/xfree86/common/xf86Init.c | 8 ++++++--
- 1 file changed, 6 insertions(+), 2 deletions(-)
-diff --git a/hw/xfree86/common/xf86Init.c b/hw/xfree86/common/xf86Init.c
-index 6c25eda73..0f57efa86 100644
--- a/hw/xfree86/common/xf86Init.c
-+++ b/hw/xfree86/common/xf86Init.c
-@@ -935,14 +935,18 @@ ddxProcessArgument(int argc, char **argv, int i)
-     /* First the options that are not allowed with elevated privileges */
-     if (!strcmp(argv[i], "-modulepath")) {
-         CHECK_FOR_REQUIRED_ARGUMENT();
-        xf86CheckPrivs(argv[i], argv[i + 1]);
-+        if (xf86PrivsElevated())
-+              FatalError("\nInvalid argument -modulepath "
-+                "with elevated privileges\n");
-         xf86ModulePath = argv[i + 1];
-         xf86ModPathFrom = X_CMDLINE;
-         return 2;
-     }
-     if (!strcmp(argv[i], "-logfile")) {
-         CHECK_FOR_REQUIRED_ARGUMENT();
-        xf86CheckPrivs(argv[i], argv[i + 1]);
-+        if (xf86PrivsElevated())
-+              FatalError("\nInvalid argument -logfile "
-+                "with elevated privileges\n");
-         xf86LogFile = argv[i + 1];
-         xf86LogFileFrom = X_CMDLINE;
-         return 2;
-- 
-2.18.1
diff --git a/meta/recipes-graphics/xorg-xserver/xserver-xorg_1.20.1.bb b/meta/recipes-graphics/xorg-xserver/xserver-xorg_1.20.3.bb
index 9fd2e8d870..1caa154a23 100644
--- a/meta/recipes-graphics/xorg-xserver/xserver-xorg_1.20.1.bb
+++ b/meta/recipes-graphics/xorg-xserver/xserver-xorg_1.20.3.bb
@@ -3,10 +3,9 @@ require xserver-xorg.inc
 SRC_URI += "file://musl-arm-inb-outb.patch \
            file://0001-xf86pciBus.c-use-Intel-ddx-only-for-pre-gen4-hardwar.patch \
            file://pkgconfig.patch \
-            file://CVE-2018-14665.patch \
            "
-SRC_URI[md5sum] = "e525846d1d0af5732ba835f2e2ec066d"
+SRC_URI[md5sum] = "8ee29e8b24cef6b3cfa747ec01b9155a"
-SRC_URI[sha256sum] = "59c99fe86fe75b8164c6567bfc6e982aecc2e4a51e6fbac1b842d5d00549e918"
+SRC_URI[sha256sum] = "1b3ce466c12cacbe2252b3ad5b0ed561972eef9d09e75900d65fb1e21f9201de"
 # These extensions are now integrated into the server, so declare the migration
 # path for in-place upgrades.
author	Armin Kuster <akuster808@gmail.com>	2018-10-31 07:39:58 -0700
committer	Richard Purdie <richard.purdie@linuxfoundation.org>	2018-11-14 11:14:38 +0000
commit	0cbda4a42e18b326bc74d045f435c02de59822fb (patch)
tree	d43f25ce3ae91373ffe0c9f56dd1bd6b2713b440
parent	d2aaa2614a6edf5386fd9f3a68cc3ff899a3274a (diff)
download	poky-0cbda4a42e18b326bc74d045f435c02de59822fb.tar.gz

diff --git a/meta/recipes-graphics/xorg-xserver/xserver-xorg/CVE-2018-14665.patch b/meta/recipes-graphics/xorg-xserver/xserver-xorg/CVE-2018-14665.patch deleted file mode 100644 index 7f6235b432..0000000000 --- a/meta/recipes-graphics/xorg-xserver/xserver-xorg/CVE-2018-14665.patch +++ /dev/null
@@ -1,62 +0,0 @@
1	Incorrect command-line parameter validation in the Xorg X server can lead to
2	privilege elevation and/or arbitrary files overwrite, when the X server is
3	running with elevated privileges (ie when Xorg is installed with the setuid bit
4	set and started by a non-root user). The -modulepath argument can be used to
5	specify an insecure path to modules that are going to be loaded in the X server,
6	allowing to execute unprivileged code in the privileged process. The -logfile
7	argument can be used to overwrite arbitrary files in the file system, due to
8	incorrect checks in the parsing of the option.
9
10	CVE: CVE-2018-14665
11	Upstream-Status: Backport
12	Signed-off-by: Ross Burton <ross.burton@intel.com>
13
14	From 50c0cf885a6e91c0ea71fb49fa8f1b7c86fe330e Mon Sep 17 00:00:00 2001
15	From: Matthieu Herrb <matthieu@herrb.eu>
16	Date: Tue, 23 Oct 2018 21:29:08 +0200
17	Subject: [PATCH] Disable -logfile and -modulepath when running with elevated
18	privileges
19
20	Could cause privilege elevation and/or arbitrary files overwrite, when
21	the X server is running with elevated privileges (ie when Xorg is
22	installed with the setuid bit set and started by a non-root user).
23
24	CVE-2018-14665
25
26	Issue reported by Narendra Shinde and Red Hat.
27
28	Signed-off-by: Matthieu Herrb <matthieu@herrb.eu>
29	Reviewed-by: Alan Coopersmith <alan.coopersmith@oracle.com>
30	Reviewed-by: Peter Hutterer <peter.hutterer@who-t.net>
31	Reviewed-by: Adam Jackson <ajax@redhat.com>
32	---
33	hw/xfree86/common/xf86Init.c \| 8 ++++++--
34	1 file changed, 6 insertions(+), 2 deletions(-)
35
36	diff --git a/hw/xfree86/common/xf86Init.c b/hw/xfree86/common/xf86Init.c
37	index 6c25eda73..0f57efa86 100644
38	--- a/hw/xfree86/common/xf86Init.c
39	+++ b/hw/xfree86/common/xf86Init.c
40	@@ -935,14 +935,18 @@ ddxProcessArgument(int argc, char **argv, int i)
41	/* First the options that are not allowed with elevated privileges */
42	if (!strcmp(argv[i], "-modulepath")) {
43	CHECK_FOR_REQUIRED_ARGUMENT();
44	- xf86CheckPrivs(argv[i], argv[i + 1]);
45	+ if (xf86PrivsElevated())
46	+ FatalError("\nInvalid argument -modulepath "
47	+ "with elevated privileges\n");
48	xf86ModulePath = argv[i + 1];
49	xf86ModPathFrom = X_CMDLINE;
50	return 2;
51	}
52	if (!strcmp(argv[i], "-logfile")) {
53	CHECK_FOR_REQUIRED_ARGUMENT();
54	- xf86CheckPrivs(argv[i], argv[i + 1]);
55	+ if (xf86PrivsElevated())
56	+ FatalError("\nInvalid argument -logfile "
57	+ "with elevated privileges\n");
58	xf86LogFile = argv[i + 1];
59	xf86LogFileFrom = X_CMDLINE;
60	return 2;
61	--
62	2.18.1


diff --git a/meta/recipes-graphics/xorg-xserver/xserver-xorg_1.20.1.bb b/meta/recipes-graphics/xorg-xserver/xserver-xorg_1.20.3.bb index 9fd2e8d870..1caa154a23 100644 --- a/meta/recipes-graphics/xorg-xserver/xserver-xorg_1.20.1.bb +++ b/meta/recipes-graphics/xorg-xserver/xserver-xorg_1.20.3.bb
@@ -3,10 +3,9 @@ require xserver-xorg.inc
3	SRC_URI += "file://musl-arm-inb-outb.patch \	3	SRC_URI += "file://musl-arm-inb-outb.patch \
4	file://0001-xf86pciBus.c-use-Intel-ddx-only-for-pre-gen4-hardwar.patch \	4	file://0001-xf86pciBus.c-use-Intel-ddx-only-for-pre-gen4-hardwar.patch \
5	file://pkgconfig.patch \	5	file://pkgconfig.patch \
6	file://CVE-2018-14665.patch \
7	"	6	"
8	SRC_URI[md5sum] = "e525846d1d0af5732ba835f2e2ec066d"	7	SRC_URI[md5sum] = "8ee29e8b24cef6b3cfa747ec01b9155a"
9	SRC_URI[sha256sum] = "59c99fe86fe75b8164c6567bfc6e982aecc2e4a51e6fbac1b842d5d00549e918"	8	SRC_URI[sha256sum] = "1b3ce466c12cacbe2252b3ad5b0ed561972eef9d09e75900d65fb1e21f9201de"
10		9
11	# These extensions are now integrated into the server, so declare the migration	10	# These extensions are now integrated into the server, so declare the migration
12	# path for in-place upgrades.	11	# path for in-place upgrades.