From d65cbfb15bf098863b414e4e1ddc62e7a5940e74 Mon Sep 17 00:00:00 2001 From: Peter Marko Date: Mon, 10 Mar 2025 13:56:22 +0100 Subject: xwayland: upgrade 21.1.4 -> 21.1.6 Handle following CVEs: * CVE-2025-26594 * CVE-2025-26595 * CVE-2025-26596 * CVE-2025-26597 * CVE-2025-26598 * CVE-2025-26599 * CVE-2025-26600 * CVE-2025-26601 (From OE-Core rev: 57c278ec18eb2daba8bed1ea96f924491e11a78e) Signed-off-by: Peter Marko Signed-off-by: Steve Sakoman --- meta/recipes-graphics/xwayland/xwayland_24.1.4.bb | 50 --------------------- meta/recipes-graphics/xwayland/xwayland_24.1.6.bb | 54 +++++++++++++++++++++++ 2 files changed, 54 insertions(+), 50 deletions(-) delete mode 100644 meta/recipes-graphics/xwayland/xwayland_24.1.4.bb create mode 100644 meta/recipes-graphics/xwayland/xwayland_24.1.6.bb diff --git a/meta/recipes-graphics/xwayland/xwayland_24.1.4.bb b/meta/recipes-graphics/xwayland/xwayland_24.1.4.bb deleted file mode 100644 index 6f8589ba5a..0000000000 --- a/meta/recipes-graphics/xwayland/xwayland_24.1.4.bb +++ /dev/null @@ -1,50 +0,0 @@ -SUMMARY = "XWayland is an X Server that runs under Wayland." -DESCRIPTION = "XWayland is an X Server running as a Wayland client, \ -and thus is capable of displaying native X11 client applications in a \ -Wayland compositor environment. The goal of XWayland is to facilitate \ -the transition from X Window System to Wayland environments, providing \ -a way to run unported applications in the meantime." -HOMEPAGE = "https://fedoraproject.org/wiki/Changes/XwaylandStandalone" - -LICENSE = "MIT" -LIC_FILES_CHKSUM = "file://COPYING;md5=5df87950af51ac2c5822094553ea1880" - -SRC_URI = "https://www.x.org/archive/individual/xserver/xwayland-${PV}.tar.xz" -SRC_URI[sha256sum] = "d96a78dbab819f55750173444444995b5031ebdcc15b77afebbd8dbc02af34f4" - -UPSTREAM_CHECK_REGEX = "xwayland-(?P\d+(\.(?!90\d)\d+)+)\.tar" - -inherit meson features_check pkgconfig -REQUIRED_DISTRO_FEATURES = "x11 opengl" - -DEPENDS += "xorgproto xtrans pixman libxkbfile libxfont2 wayland wayland-native wayland-protocols libdrm libepoxy libxcvt" - -OPENGL_PKGCONFIGS = "glx glamor dri3" -PACKAGECONFIG ??= "${XORG_CRYPTO} ${XWAYLAND_EI} \ - ${@bb.utils.contains('DISTRO_FEATURES', 'opengl', '${OPENGL_PKGCONFIGS}', '', d)} \ -" -PACKAGECONFIG[dri3] = "-Ddri3=true,-Ddri3=false,libxshmfence" -PACKAGECONFIG[libdecor] = "-Dlibdecor=true,-Dlibdecor=false,libdecor" -PACKAGECONFIG[glx] = "-Dglx=true,-Dglx=false,virtual/libgl virtual/libx11" -PACKAGECONFIG[glamor] = "-Dglamor=true,-Dglamor=false,libepoxy virtual/libgbm,libegl" -PACKAGECONFIG[unwind] = "-Dlibunwind=true,-Dlibunwind=false,libunwind" -PACKAGECONFIG[xinerama] = "-Dxinerama=true,-Dxinerama=false" - -# Xorg requires a SHA1 implementation, pick one -XORG_CRYPTO ??= "openssl" -PACKAGECONFIG[openssl] = "-Dsha1=libcrypto,,openssl" -PACKAGECONFIG[nettle] = "-Dsha1=libnettle,,nettle" -PACKAGECONFIG[gcrypt] = "-Dsha1=libgcrypt,,libgcrypt" -XWAYLAND_EI ??= "xwayland_ei_false" -PACKAGECONFIG[xwayland_ei_false] = "-Dxwayland_ei=false" -PACKAGECONFIG[xwayland_ei_portal] = "-Dxwayland_ei=portal,,libei" -PACKAGECONFIG[xwayland_ei_socket] = "-Dxwayland_ei=socket,,libei" - -do_install:append() { - # remove files not needed and clashing with xserver-xorg - rm -rf ${D}/${libdir}/xorg/ -} - -FILES:${PN} += "${libdir}/xorg/protocol.txt" - -RDEPENDS:${PN} += "xkbcomp" diff --git a/meta/recipes-graphics/xwayland/xwayland_24.1.6.bb b/meta/recipes-graphics/xwayland/xwayland_24.1.6.bb new file mode 100644 index 0000000000..0774c1bbf5 --- /dev/null +++ b/meta/recipes-graphics/xwayland/xwayland_24.1.6.bb @@ -0,0 +1,54 @@ +SUMMARY = "XWayland is an X Server that runs under Wayland." +DESCRIPTION = "XWayland is an X Server running as a Wayland client, \ +and thus is capable of displaying native X11 client applications in a \ +Wayland compositor environment. The goal of XWayland is to facilitate \ +the transition from X Window System to Wayland environments, providing \ +a way to run unported applications in the meantime." +HOMEPAGE = "https://fedoraproject.org/wiki/Changes/XwaylandStandalone" + +LICENSE = "MIT" +LIC_FILES_CHKSUM = "file://COPYING;md5=5df87950af51ac2c5822094553ea1880" + +SRC_URI = "https://www.x.org/archive/individual/xserver/xwayland-${PV}.tar.xz" +SRC_URI[sha256sum] = "737e612ca36bbdf415a911644eb7592cf9389846847b47fa46dc705bd754d2d7" + +UPSTREAM_CHECK_REGEX = "xwayland-(?P\d+(\.(?!90\d)\d+)+)\.tar" + +inherit meson features_check pkgconfig +REQUIRED_DISTRO_FEATURES = "x11 opengl" + +DEPENDS += "xorgproto xtrans pixman libxkbfile libxfont2 wayland wayland-native wayland-protocols libdrm libepoxy libxcvt" + +OPENGL_PKGCONFIGS = "glx glamor dri3" +PACKAGECONFIG ??= "${XORG_CRYPTO} ${XWAYLAND_EI} \ + ${@bb.utils.contains('DISTRO_FEATURES', 'opengl', '${OPENGL_PKGCONFIGS}', '', d)} \ +" +PACKAGECONFIG[dri3] = "-Ddri3=true,-Ddri3=false,libxshmfence" +PACKAGECONFIG[libdecor] = "-Dlibdecor=true,-Dlibdecor=false,libdecor" +PACKAGECONFIG[glx] = "-Dglx=true,-Dglx=false,virtual/libgl virtual/libx11" +PACKAGECONFIG[glamor] = "-Dglamor=true,-Dglamor=false,libepoxy virtual/libgbm,libegl" +PACKAGECONFIG[unwind] = "-Dlibunwind=true,-Dlibunwind=false,libunwind" +PACKAGECONFIG[xinerama] = "-Dxinerama=true,-Dxinerama=false" + +# Xorg requires a SHA1 implementation, pick one +XORG_CRYPTO ??= "openssl" +PACKAGECONFIG[openssl] = "-Dsha1=libcrypto,,openssl" +PACKAGECONFIG[nettle] = "-Dsha1=libnettle,,nettle" +PACKAGECONFIG[gcrypt] = "-Dsha1=libgcrypt,,libgcrypt" +XWAYLAND_EI ??= "xwayland_ei_false" +PACKAGECONFIG[xwayland_ei_false] = "-Dxwayland_ei=false" +PACKAGECONFIG[xwayland_ei_portal] = "-Dxwayland_ei=portal,,libei" +PACKAGECONFIG[xwayland_ei_socket] = "-Dxwayland_ei=socket,,libei" + +do_install:append() { + # remove files not needed and clashing with xserver-xorg + rm -rf ${D}/${libdir}/xorg/ +} + +FILES:${PN} += "${libdir}/xorg/protocol.txt" + +RDEPENDS:${PN} += "xkbcomp" + +CVE_STATUS_GROUPS = "CVE_STATUS_REDHAT" +CVE_STATUS_REDHAT = "CVE-2025-26594 CVE-2025-26595 CVE-2025-26596 CVE-2025-26597 CVE-2025-26598 CVE-2025-26599 CVE-2025-26600 CVE-2025-26601" +CVE_STATUS_REDHAT[status] = "fixed-version: these are tracked as versionless redhat CVEs in NVD DB, fixed in 24.1.6" -- cgit v1.2.3-54-g00ecf