diff --git a/.gitignore b/.gitignore index f70a54f..815b8c4 100644 --- a/.gitignore +++ b/.gitignore @@ -1 +1 @@ -SOURCES/wayland-1.14.0.tar.xz +SOURCES/wayland-1.15.0.tar.xz diff --git a/.wayland.metadata b/.wayland.metadata index 21a0f31..1a7746f 100644 --- a/.wayland.metadata +++ b/.wayland.metadata @@ -1 +1 @@ -53a443be3bafe73209bbc49ef2cb134ed16e0141 SOURCES/wayland-1.14.0.tar.xz +374e07b4f3b7fdfa7c4206cdd48224ea00d69d68 SOURCES/wayland-1.15.0.tar.xz diff --git a/SOURCES/0001-cursor-Fix-heap-overflows-when-parsing-malicious-fil.patch b/SOURCES/0001-cursor-Fix-heap-overflows-when-parsing-malicious-fil.patch deleted file mode 100644 index dc2f335..0000000 --- a/SOURCES/0001-cursor-Fix-heap-overflows-when-parsing-malicious-fil.patch +++ /dev/null @@ -1,52 +0,0 @@ -From 5d201df72f3d4f4cb8b8f75f980169b03507da38 Mon Sep 17 00:00:00 2001 -From: Tobias Stoeckmann -Date: Tue, 28 Nov 2017 21:38:07 +0100 -Subject: [PATCH] cursor: Fix heap overflows when parsing malicious files. - -It is possible to trigger heap overflows due to an integer overflow -while parsing images. - -The integer overflow occurs because the chosen limit 0x10000 for -dimensions is too large for 32 bit systems, because each pixel takes -4 bytes. Properly chosen values allow an overflow which in turn will -lead to less allocated memory than needed for subsequent reads. - -See also: https://cgit.freedesktop.org/xorg/lib/libXcursor/commit/?id=4794b5dd34688158fb51a2943032569d3780c4b8 -Fixes: https://bugs.freedesktop.org/show_bug.cgi?id=103961 - -Signed-off-by: Tobias Stoeckmann -[Pekka: add link to the corresponding libXcursor commit] -Signed-off-by: Pekka Paalanen ---- - cursor/xcursor.c | 8 +++++++- - 1 file changed, 7 insertions(+), 1 deletion(-) - -diff --git a/cursor/xcursor.c b/cursor/xcursor.c -index ca41c4a..689c702 100644 ---- a/cursor/xcursor.c -+++ b/cursor/xcursor.c -@@ -202,6 +202,11 @@ XcursorImageCreate (int width, int height) - { - XcursorImage *image; - -+ if (width < 0 || height < 0) -+ return NULL; -+ if (width > XCURSOR_IMAGE_MAX_SIZE || height > XCURSOR_IMAGE_MAX_SIZE) -+ return NULL; -+ - image = malloc (sizeof (XcursorImage) + - width * height * sizeof (XcursorPixel)); - if (!image) -@@ -482,7 +487,8 @@ _XcursorReadImage (XcursorFile *file, - if (!_XcursorReadUInt (file, &head.delay)) - return NULL; - /* sanity check data */ -- if (head.width >= 0x10000 || head.height > 0x10000) -+ if (head.width > XCURSOR_IMAGE_MAX_SIZE || -+ head.height > XCURSOR_IMAGE_MAX_SIZE) - return NULL; - if (head.width == 0 || head.height == 0) - return NULL; --- -2.14.3 - diff --git a/SPECS/wayland.spec b/SPECS/wayland.spec index 25b89d0..d05472d 100644 --- a/SPECS/wayland.spec +++ b/SPECS/wayland.spec @@ -1,14 +1,12 @@ Name: wayland -Version: 1.14.0 -Release: 2%{?dist} +Version: 1.15.0 +Release: 1%{?dist} Summary: Wayland Compositor Infrastructure License: MIT URL: http://wayland.freedesktop.org/ Source0: http://wayland.freedesktop.org/releases/%{name}-%{version}.tar.xz -Patch1: 0001-cursor-Fix-heap-overflows-when-parsing-malicious-fil.patch - BuildRequires: chrpath BuildRequires: docbook-style-xsl BuildRequires: doxygen @@ -30,6 +28,7 @@ applications, X servers (rootless or fullscreen) or other display servers. Summary: Development files for %{name} Requires: libwayland-client%{?_isa} = %{version}-%{release} Requires: libwayland-cursor%{?_isa} = %{version}-%{release} +Requires: libwayland-egl%{?_isa} = %{version}-%{release} Requires: libwayland-server%{?_isa} = %{version}-%{release} # For upgrade path from F24 Provides: libwayland-client-devel = %{version}-%{release} @@ -38,6 +37,11 @@ Provides: libwayland-cursor-devel = %{version}-%{release} Obsoletes: libwayland-cursor-devel < 1.11.91 Provides: libwayland-server-devel = %{version}-%{release} Obsoletes: libwayland-server-devel < 1.11.91 +# For upgrade path from F27 +Provides: libwayland-egl-devel = %{version}-%{release} +Provides: mesa-libwayland-egl-devel = %{version}-%{release} +Provides: mesa-libwayland-egl-devel%{?_isa} = %{version}-%{release} +Obsoletes: mesa-libwayland-egl-devel < 18.1.0 %description devel The %{name}-devel package contains libraries and header files for @@ -46,8 +50,6 @@ developing applications that use %{name}. %package doc Summary: Wayland development documentation BuildArch: noarch -# For upgrade path from F22 -Obsoletes: wayland < 1.8.91 %description doc Wayland development documentation @@ -58,25 +60,31 @@ Wayland client library %package -n libwayland-cursor Summary: Wayland cursor library -Requires: libwayland-client%{?_isa} = %{version}-%{release} %description -n libwayland-cursor Wayland cursor library +%package -n libwayland-egl +Summary: Wayland egl library +# For upgrade path from F27 +Provides: mesa-libwayland-egl = %{version}-%{release} +Provides: mesa-libwayland-egl%{?_isa} = %{version}-%{release} +Obsoletes: mesa-libwayland-egl < 18.1.0 + +%description -n libwayland-egl +Wayland egl library + %package -n libwayland-server Summary: Wayland server library %description -n libwayland-server Wayland server library - %prep -%setup -q -%patch1 -p1 -b .xcursor +%autosetup -p1 %build %configure --disable-static --enable-documentation make %{?_smp_mflags} - %install %make_install @@ -97,6 +105,9 @@ XDG_RUNTIME_DIR=$PWD/tests/run make check || \ %post -n libwayland-cursor -p /sbin/ldconfig %postun -n libwayland-cursor -p /sbin/ldconfig +%post -n libwayland-egl -p /sbin/ldconfig +%postun -n libwayland-egl -p /sbin/ldconfig + %post -n libwayland-server -p /sbin/ldconfig %postun -n libwayland-server -p /sbin/ldconfig @@ -125,11 +136,19 @@ XDG_RUNTIME_DIR=$PWD/tests/run make check || \ %license COPYING %{_libdir}/libwayland-cursor.so.0* +%files -n libwayland-egl +%license COPYING +%{_libdir}/libwayland-egl.so.1* + %files -n libwayland-server %license COPYING %{_libdir}/libwayland-server.so.0* %changelog +* Mon Apr 09 2018 Kalev Lember - 1.15.0-1 +- Update to 1.15.0 +- Resolves: #1576489 + * Wed Nov 29 2017 Olivier Fourdan - 1.14.0-2 - Add libwayland-cursor heap overflow fix (#1518615)