From 271698072d56564e349483f09c1eeff8845f0981 Mon Sep 17 00:00:00 2001 From: CentOS Sources Date: Apr 10 2018 05:25:56 +0000 Subject: import wayland-1.14.0-2.el7 --- diff --git a/.gitignore b/.gitignore new file mode 100644 index 0000000..f70a54f --- /dev/null +++ b/.gitignore @@ -0,0 +1 @@ +SOURCES/wayland-1.14.0.tar.xz diff --git a/.wayland.metadata b/.wayland.metadata new file mode 100644 index 0000000..21a0f31 --- /dev/null +++ b/.wayland.metadata @@ -0,0 +1 @@ +53a443be3bafe73209bbc49ef2cb134ed16e0141 SOURCES/wayland-1.14.0.tar.xz diff --git a/README.md b/README.md deleted file mode 100644 index 98f42b4..0000000 --- a/README.md +++ /dev/null @@ -1,4 +0,0 @@ -The master branch has no content - -Look at the c7 branch if you are working with CentOS-7, or the c4/c5/c6 branch for CentOS-4, 5 or 6 -If you find this file in a distro specific branch, it means that no content has been checked in yet diff --git a/SOURCES/0001-cursor-Fix-heap-overflows-when-parsing-malicious-fil.patch b/SOURCES/0001-cursor-Fix-heap-overflows-when-parsing-malicious-fil.patch new file mode 100644 index 0000000..dc2f335 --- /dev/null +++ b/SOURCES/0001-cursor-Fix-heap-overflows-when-parsing-malicious-fil.patch @@ -0,0 +1,52 @@ +From 5d201df72f3d4f4cb8b8f75f980169b03507da38 Mon Sep 17 00:00:00 2001 +From: Tobias Stoeckmann +Date: Tue, 28 Nov 2017 21:38:07 +0100 +Subject: [PATCH] cursor: Fix heap overflows when parsing malicious files. + +It is possible to trigger heap overflows due to an integer overflow +while parsing images. + +The integer overflow occurs because the chosen limit 0x10000 for +dimensions is too large for 32 bit systems, because each pixel takes +4 bytes. Properly chosen values allow an overflow which in turn will +lead to less allocated memory than needed for subsequent reads. + +See also: https://cgit.freedesktop.org/xorg/lib/libXcursor/commit/?id=4794b5dd34688158fb51a2943032569d3780c4b8 +Fixes: https://bugs.freedesktop.org/show_bug.cgi?id=103961 + +Signed-off-by: Tobias Stoeckmann +[Pekka: add link to the corresponding libXcursor commit] +Signed-off-by: Pekka Paalanen +--- + cursor/xcursor.c | 8 +++++++- + 1 file changed, 7 insertions(+), 1 deletion(-) + +diff --git a/cursor/xcursor.c b/cursor/xcursor.c +index ca41c4a..689c702 100644 +--- a/cursor/xcursor.c ++++ b/cursor/xcursor.c +@@ -202,6 +202,11 @@ XcursorImageCreate (int width, int height) + { + XcursorImage *image; + ++ if (width < 0 || height < 0) ++ return NULL; ++ if (width > XCURSOR_IMAGE_MAX_SIZE || height > XCURSOR_IMAGE_MAX_SIZE) ++ return NULL; ++ + image = malloc (sizeof (XcursorImage) + + width * height * sizeof (XcursorPixel)); + if (!image) +@@ -482,7 +487,8 @@ _XcursorReadImage (XcursorFile *file, + if (!_XcursorReadUInt (file, &head.delay)) + return NULL; + /* sanity check data */ +- if (head.width >= 0x10000 || head.height > 0x10000) ++ if (head.width > XCURSOR_IMAGE_MAX_SIZE || ++ head.height > XCURSOR_IMAGE_MAX_SIZE) + return NULL; + if (head.width == 0 || head.height == 0) + return NULL; +-- +2.14.3 + diff --git a/SPECS/wayland.spec b/SPECS/wayland.spec new file mode 100644 index 0000000..25b89d0 --- /dev/null +++ b/SPECS/wayland.spec @@ -0,0 +1,335 @@ +Name: wayland +Version: 1.14.0 +Release: 2%{?dist} +Summary: Wayland Compositor Infrastructure + +License: MIT +URL: http://wayland.freedesktop.org/ +Source0: http://wayland.freedesktop.org/releases/%{name}-%{version}.tar.xz + +Patch1: 0001-cursor-Fix-heap-overflows-when-parsing-malicious-fil.patch + +BuildRequires: chrpath +BuildRequires: docbook-style-xsl +BuildRequires: doxygen +BuildRequires: expat-devel +BuildRequires: graphviz +BuildRequires: libxml2-devel +BuildRequires: libxslt +BuildRequires: pkgconfig(libffi) +BuildRequires: xmlto + +%description +Wayland is a protocol for a compositor to talk to its clients as well as a C +library implementation of that protocol. The compositor can be a standalone +display server running on Linux kernel modesetting and evdev input devices, +an X application, or a wayland client itself. The clients can be traditional +applications, X servers (rootless or fullscreen) or other display servers. + +%package devel +Summary: Development files for %{name} +Requires: libwayland-client%{?_isa} = %{version}-%{release} +Requires: libwayland-cursor%{?_isa} = %{version}-%{release} +Requires: libwayland-server%{?_isa} = %{version}-%{release} +# For upgrade path from F24 +Provides: libwayland-client-devel = %{version}-%{release} +Obsoletes: libwayland-client-devel < 1.11.91 +Provides: libwayland-cursor-devel = %{version}-%{release} +Obsoletes: libwayland-cursor-devel < 1.11.91 +Provides: libwayland-server-devel = %{version}-%{release} +Obsoletes: libwayland-server-devel < 1.11.91 + +%description devel +The %{name}-devel package contains libraries and header files for +developing applications that use %{name}. + +%package doc +Summary: Wayland development documentation +BuildArch: noarch +# For upgrade path from F22 +Obsoletes: wayland < 1.8.91 +%description doc +Wayland development documentation + +%package -n libwayland-client +Summary: Wayland client library +%description -n libwayland-client +Wayland client library + +%package -n libwayland-cursor +Summary: Wayland cursor library +Requires: libwayland-client%{?_isa} = %{version}-%{release} +%description -n libwayland-cursor +Wayland cursor library + +%package -n libwayland-server +Summary: Wayland server library +%description -n libwayland-server +Wayland server library + + +%prep +%setup -q +%patch1 -p1 -b .xcursor + +%build +%configure --disable-static --enable-documentation +make %{?_smp_mflags} + + +%install +%make_install + +find $RPM_BUILD_ROOT -name \*.la | xargs rm -f + +# Remove lib64 rpaths +chrpath -d $RPM_BUILD_ROOT%{_libdir}/libwayland-cursor.so + +%check +mkdir -m 700 tests/run +XDG_RUNTIME_DIR=$PWD/tests/run make check || \ +{ rc=$?; cat test-suite.log; exit $rc; } + + +%post -n libwayland-client -p /sbin/ldconfig +%postun -n libwayland-client -p /sbin/ldconfig + +%post -n libwayland-cursor -p /sbin/ldconfig +%postun -n libwayland-cursor -p /sbin/ldconfig + +%post -n libwayland-server -p /sbin/ldconfig +%postun -n libwayland-server -p /sbin/ldconfig + + +%files devel +%{_bindir}/wayland-scanner +%{_includedir}/wayland-*.h +%{_libdir}/pkgconfig/wayland-*.pc +%{_libdir}/libwayland-*.so +%{_datadir}/aclocal/wayland-scanner.m4 +%dir %{_datadir}/wayland +%{_datadir}/wayland/wayland-scanner.mk +%{_datadir}/wayland/wayland.xml +%{_datadir}/wayland/wayland.dtd +%{_mandir}/man3/*.3* + +%files doc +%doc README TODO +%{_datadir}/doc/wayland/ + +%files -n libwayland-client +%license COPYING +%{_libdir}/libwayland-client.so.0* + +%files -n libwayland-cursor +%license COPYING +%{_libdir}/libwayland-cursor.so.0* + +%files -n libwayland-server +%license COPYING +%{_libdir}/libwayland-server.so.0* + +%changelog +* Wed Nov 29 2017 Olivier Fourdan - 1.14.0-2 +- Add libwayland-cursor heap overflow fix (#1518615) + +* Fri Sep 22 2017 Olivier Fourdan - 1.14.0-1 +- Update to 1.14.0 + +* Thu Jun 1 2017 Owen Taylor - 1.13.0-2 +- Add a patch fixing a build error with newer versions of graphviz + +* Wed Feb 22 2017 Kalev Lember - 1.13.0-1 +- Update to 1.13.0 + +* Sat Feb 11 2017 Fedora Release Engineering - 1.12.91-2 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_26_Mass_Rebuild + +* Wed Jan 25 2017 Kalev Lember - 1.12.91-1 +- Update to 1.12.91 + +* Wed Sep 21 2016 Kalev Lember - 1.12.0-1 +- Update to 1.12.0 + +* Wed Sep 14 2016 Kalev Lember - 1.11.94-1 +- Update to 1.11.94 + +* Thu Sep 08 2016 Kalev Lember - 1.11.93-1 +- Update to 1.11.93 + +* Wed Aug 31 2016 Kalev Lember - 1.11.92-1 +- Update to 1.11.92 + +* Wed Aug 17 2016 Kalev Lember - 1.11.91-1 +- Update to 1.11.91 +- Simplify -devel subpackage packaging +- Include license files in packaging + +* Wed Jun 01 2016 Kalev Lember - 1.11.0-1 +- Update to 1.11.0 + +* Wed May 25 2016 Kalev Lember - 1.10.93-1 +- Update to 1.10.93 + +* Wed May 18 2016 Kalev Lember - 1.10.92-1 +- Update to 1.10.92 + +* Sun May 08 2016 Kalev Lember - 1.10.91-1 +- Update to 1.10.91 + +* Thu Feb 18 2016 Kalev Lember - 1.10.0-1 +- Update to 1.10.0 + +* Thu Feb 04 2016 Kalev Lember - 1.9.92-1 +- Update to 1.9.92 + +* Wed Jan 20 2016 Kalev Lember - 1.9.91-1 +- Update to 1.9.91 + +* Tue Sep 22 2015 Kalev Lember - 1.9.0-1 +- Update to 1.9.0 +- Use make_install macro + +* Wed Sep 16 2015 Kalev Lember - 1.8.93-1 +- Update to 1.8.93 + +* Wed Sep 02 2015 Kalev Lember - 1.8.92-1 +- Update to 1.8.92 + +* Fri Aug 21 2015 Kalev Lember - 1.8.91-2 +- Split out wayland-doc subpackage for documentation + +* Fri Aug 21 2015 Kalev Lember - 1.8.91-1 +- Update to 1.8.91 + +* Mon Jul 20 2015 Adam Jackson 1.8.0-1 +- wayland 1.8.0 + +* Fri Jun 19 2015 Fedora Release Engineering - 1.7.92-2 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_23_Mass_Rebuild + +* Tue May 26 2015 Adam Jackson 1.7.92-1 +- wayland 1.7.92 + +* Sat Feb 21 2015 Till Maas - 1.7.0-2 +- Rebuilt for Fedora 23 Change + https://fedoraproject.org/wiki/Changes/Harden_all_packages_with_position-independent_code + +* Tue Feb 17 2015 Richard Hughes - 1.7.0-1 +- Wayland 1.7.0 + +* Fri Sep 19 2014 Kalev Lember - 1.6.0-1 +- Update to 1.6.0 +- Remove lib64 rpaths + +* Fri Aug 22 2014 Kevin Fenzi 1.5.91-1 +- Update to 1.5.90 + +* Mon Aug 18 2014 Fedora Release Engineering - 1.5.0-5 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_21_22_Mass_Rebuild + +* Wed Jul 02 2014 Adam Jackson 1.5.0-4 +- Update protocol: new surface error enums + +* Mon Jun 30 2014 Adam Jackson 1.5.0-3 +- Remove blocking flush patch as it actually introduces deadlocks now + +* Sun Jun 08 2014 Fedora Release Engineering - 1.5.0-2 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild + +* Wed May 21 2014 Richard Hughes - 1.5.0-1 +- Wayland 1.5.0 + +* Tue May 13 2014 Richard Hughes - 1.4.93-1 +- Wayland 1.4.93 + +* Fri Jan 24 2014 Richard Hughes - 1.4.0-1 +- Wayland 1.4.0 + +* Mon Jan 20 2014 Richard Hughes - 1.3.93-1 +- Wayland 1.3.93 + +* Sat Dec 21 2013 Ville Skyttä - 1.3.91-2 +- Call ldconfig in libwayland-cursor %%post* scripts. +- Run test suite during build. +- Compress snapshot tarballs with xz. + +* Tue Dec 17 2013 Richard Hughes - 1.3.91-1 +- Wayland 1.3.91 + +* Mon Nov 25 2013 Lubomir Rintel - 1.3.0-1 +- Wayland 1.3.0 + +* Mon Oct 07 2013 Adam Jackson 1.2.0-3 +- Don't use MSG_DONTWAIT in wl_connection_flush. + +* Sun Aug 04 2013 Fedora Release Engineering - 1.2.0-2 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild + +* Mon Jul 15 2013 Richard Hughes - 1.2.0-1 +- wayland 1.2.0 + +* Wed May 15 2013 Richard Hughes - 1.1.90-0.1.20130515 +- Update to a git snapshot based on what will become 1.1.90 + +* Tue Apr 16 2013 Richard Hughes - 1.1.0-1 +- wayland 1.1.0 + +* Wed Mar 27 2013 Richard Hughes - 1.0.6-1 +- wayland 1.0.6 + +* Thu Feb 21 2013 Adam Jackson 1.0.5-1 +- wayland 1.0.5 + +* Fri Feb 15 2013 Fedora Release Engineering - 1.0.3-2 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_19_Mass_Rebuild + +* Wed Jan 02 2013 Adam Jackson 1.0.3-1 +- wayland 1.0.3 + +* Tue Oct 23 2012 Adam Jackson 1.0.0-1 +- wayland 1.0 + +* Thu Oct 18 2012 Adam Jackson 0.99.0-1 +- wayland 0.99.0 + +* Tue Sep 04 2012 Adam Jackson 0.95.0-1 +- wayland 0.95.0 (#843738) + +* Sun Jul 22 2012 Fedora Release Engineering - 0.89.0-2.20120424 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_18_Mass_Rebuild + +* Tue Apr 24 2012 Richard Hughes - 0.89.0-1 +- Update to a git snapshot based on 0.89.0 + +* Sat Feb 18 2012 Thorsten Leemhuis - 0.85.0-1 +- update to 0.85.0 +- adjust license, as upstream changed it to MIT +- update make-git-snapshot.sh to current locations and scheme +- drop common package, not needed anymore +- compositor is now in a separate package, hence reduce BuildRequires to what + is actually needed (a lot less) and adjust summary +- make usage of a git checkout in spec file optional +- a %%{?_isa} to requires where it makes sense + +* Sat Jan 14 2012 Fedora Release Engineering - 0.1-0.6.20101221 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_17_Mass_Rebuild + +* Tue Dec 06 2011 Adam Jackson - 0.1-0.5.20101221 +- Rebuild for new libpng + +* Wed Jun 15 2011 Lubomir Rintel - 0.1-0.4.20101221 +- Install real compositor binary instead of a libtool wrapper + +* Mon Feb 07 2011 Fedora Release Engineering - 0.1-0.3.20101221 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_15_Mass_Rebuild + +* Tue Dec 21 2010 Adam Jackson 0.1-0.2.20101221 +- Today's git snap + +* Tue Nov 23 2010 Adam Jackson 0.1-0.2.20101123 +- Today's git snap +- Fix udev rule install (#653353) + +* Mon Nov 15 2010 Adam Jackson 0.1-0.1.20101111 +- Initial packaging