From 117ea051882617628c2904f8694459301208e462 Mon Sep 17 00:00:00 2001 From: basebuilder_pel7x64builder0 Date: Tue, 5 Jun 2018 10:42:46 +0200 Subject: [PATCH] wayland package moved to gui repo Signed-off-by: basebuilder_pel7x64builder0 --- ...overflows-when-parsing-malicious-fil.patch | 52 --- SPECS/wayland.spec | 335 ------------------ 2 files changed, 387 deletions(-) delete mode 100644 SOURCES/0001-cursor-Fix-heap-overflows-when-parsing-malicious-fil.patch delete mode 100644 SPECS/wayland.spec diff --git a/SOURCES/0001-cursor-Fix-heap-overflows-when-parsing-malicious-fil.patch b/SOURCES/0001-cursor-Fix-heap-overflows-when-parsing-malicious-fil.patch deleted file mode 100644 index dc2f3357..00000000 --- a/SOURCES/0001-cursor-Fix-heap-overflows-when-parsing-malicious-fil.patch +++ /dev/null @@ -1,52 +0,0 @@ -From 5d201df72f3d4f4cb8b8f75f980169b03507da38 Mon Sep 17 00:00:00 2001 -From: Tobias Stoeckmann -Date: Tue, 28 Nov 2017 21:38:07 +0100 -Subject: [PATCH] cursor: Fix heap overflows when parsing malicious files. - -It is possible to trigger heap overflows due to an integer overflow -while parsing images. - -The integer overflow occurs because the chosen limit 0x10000 for -dimensions is too large for 32 bit systems, because each pixel takes -4 bytes. Properly chosen values allow an overflow which in turn will -lead to less allocated memory than needed for subsequent reads. - -See also: https://cgit.freedesktop.org/xorg/lib/libXcursor/commit/?id=4794b5dd34688158fb51a2943032569d3780c4b8 -Fixes: https://bugs.freedesktop.org/show_bug.cgi?id=103961 - -Signed-off-by: Tobias Stoeckmann -[Pekka: add link to the corresponding libXcursor commit] -Signed-off-by: Pekka Paalanen ---- - cursor/xcursor.c | 8 +++++++- - 1 file changed, 7 insertions(+), 1 deletion(-) - -diff --git a/cursor/xcursor.c b/cursor/xcursor.c -index ca41c4a..689c702 100644 ---- a/cursor/xcursor.c -+++ b/cursor/xcursor.c -@@ -202,6 +202,11 @@ XcursorImageCreate (int width, int height) - { - XcursorImage *image; - -+ if (width < 0 || height < 0) -+ return NULL; -+ if (width > XCURSOR_IMAGE_MAX_SIZE || height > XCURSOR_IMAGE_MAX_SIZE) -+ return NULL; -+ - image = malloc (sizeof (XcursorImage) + - width * height * sizeof (XcursorPixel)); - if (!image) -@@ -482,7 +487,8 @@ _XcursorReadImage (XcursorFile *file, - if (!_XcursorReadUInt (file, &head.delay)) - return NULL; - /* sanity check data */ -- if (head.width >= 0x10000 || head.height > 0x10000) -+ if (head.width > XCURSOR_IMAGE_MAX_SIZE || -+ head.height > XCURSOR_IMAGE_MAX_SIZE) - return NULL; - if (head.width == 0 || head.height == 0) - return NULL; --- -2.14.3 - diff --git a/SPECS/wayland.spec b/SPECS/wayland.spec deleted file mode 100644 index 25b89d08..00000000 --- a/SPECS/wayland.spec +++ /dev/null @@ -1,335 +0,0 @@ -Name: wayland -Version: 1.14.0 -Release: 2%{?dist} -Summary: Wayland Compositor Infrastructure - -License: MIT -URL: http://wayland.freedesktop.org/ -Source0: http://wayland.freedesktop.org/releases/%{name}-%{version}.tar.xz - -Patch1: 0001-cursor-Fix-heap-overflows-when-parsing-malicious-fil.patch - -BuildRequires: chrpath -BuildRequires: docbook-style-xsl -BuildRequires: doxygen -BuildRequires: expat-devel -BuildRequires: graphviz -BuildRequires: libxml2-devel -BuildRequires: libxslt -BuildRequires: pkgconfig(libffi) -BuildRequires: xmlto - -%description -Wayland is a protocol for a compositor to talk to its clients as well as a C -library implementation of that protocol. The compositor can be a standalone -display server running on Linux kernel modesetting and evdev input devices, -an X application, or a wayland client itself. The clients can be traditional -applications, X servers (rootless or fullscreen) or other display servers. - -%package devel -Summary: Development files for %{name} -Requires: libwayland-client%{?_isa} = %{version}-%{release} -Requires: libwayland-cursor%{?_isa} = %{version}-%{release} -Requires: libwayland-server%{?_isa} = %{version}-%{release} -# For upgrade path from F24 -Provides: libwayland-client-devel = %{version}-%{release} -Obsoletes: libwayland-client-devel < 1.11.91 -Provides: libwayland-cursor-devel = %{version}-%{release} -Obsoletes: libwayland-cursor-devel < 1.11.91 -Provides: libwayland-server-devel = %{version}-%{release} -Obsoletes: libwayland-server-devel < 1.11.91 - -%description devel -The %{name}-devel package contains libraries and header files for -developing applications that use %{name}. - -%package doc -Summary: Wayland development documentation -BuildArch: noarch -# For upgrade path from F22 -Obsoletes: wayland < 1.8.91 -%description doc -Wayland development documentation - -%package -n libwayland-client -Summary: Wayland client library -%description -n libwayland-client -Wayland client library - -%package -n libwayland-cursor -Summary: Wayland cursor library -Requires: libwayland-client%{?_isa} = %{version}-%{release} -%description -n libwayland-cursor -Wayland cursor library - -%package -n libwayland-server -Summary: Wayland server library -%description -n libwayland-server -Wayland server library - - -%prep -%setup -q -%patch1 -p1 -b .xcursor - -%build -%configure --disable-static --enable-documentation -make %{?_smp_mflags} - - -%install -%make_install - -find $RPM_BUILD_ROOT -name \*.la | xargs rm -f - -# Remove lib64 rpaths -chrpath -d $RPM_BUILD_ROOT%{_libdir}/libwayland-cursor.so - -%check -mkdir -m 700 tests/run -XDG_RUNTIME_DIR=$PWD/tests/run make check || \ -{ rc=$?; cat test-suite.log; exit $rc; } - - -%post -n libwayland-client -p /sbin/ldconfig -%postun -n libwayland-client -p /sbin/ldconfig - -%post -n libwayland-cursor -p /sbin/ldconfig -%postun -n libwayland-cursor -p /sbin/ldconfig - -%post -n libwayland-server -p /sbin/ldconfig -%postun -n libwayland-server -p /sbin/ldconfig - - -%files devel -%{_bindir}/wayland-scanner -%{_includedir}/wayland-*.h -%{_libdir}/pkgconfig/wayland-*.pc -%{_libdir}/libwayland-*.so -%{_datadir}/aclocal/wayland-scanner.m4 -%dir %{_datadir}/wayland -%{_datadir}/wayland/wayland-scanner.mk -%{_datadir}/wayland/wayland.xml -%{_datadir}/wayland/wayland.dtd -%{_mandir}/man3/*.3* - -%files doc -%doc README TODO -%{_datadir}/doc/wayland/ - -%files -n libwayland-client -%license COPYING -%{_libdir}/libwayland-client.so.0* - -%files -n libwayland-cursor -%license COPYING -%{_libdir}/libwayland-cursor.so.0* - -%files -n libwayland-server -%license COPYING -%{_libdir}/libwayland-server.so.0* - -%changelog -* Wed Nov 29 2017 Olivier Fourdan - 1.14.0-2 -- Add libwayland-cursor heap overflow fix (#1518615) - -* Fri Sep 22 2017 Olivier Fourdan - 1.14.0-1 -- Update to 1.14.0 - -* Thu Jun 1 2017 Owen Taylor - 1.13.0-2 -- Add a patch fixing a build error with newer versions of graphviz - -* Wed Feb 22 2017 Kalev Lember - 1.13.0-1 -- Update to 1.13.0 - -* Sat Feb 11 2017 Fedora Release Engineering - 1.12.91-2 -- Rebuilt for https://fedoraproject.org/wiki/Fedora_26_Mass_Rebuild - -* Wed Jan 25 2017 Kalev Lember - 1.12.91-1 -- Update to 1.12.91 - -* Wed Sep 21 2016 Kalev Lember - 1.12.0-1 -- Update to 1.12.0 - -* Wed Sep 14 2016 Kalev Lember - 1.11.94-1 -- Update to 1.11.94 - -* Thu Sep 08 2016 Kalev Lember - 1.11.93-1 -- Update to 1.11.93 - -* Wed Aug 31 2016 Kalev Lember - 1.11.92-1 -- Update to 1.11.92 - -* Wed Aug 17 2016 Kalev Lember - 1.11.91-1 -- Update to 1.11.91 -- Simplify -devel subpackage packaging -- Include license files in packaging - -* Wed Jun 01 2016 Kalev Lember - 1.11.0-1 -- Update to 1.11.0 - -* Wed May 25 2016 Kalev Lember - 1.10.93-1 -- Update to 1.10.93 - -* Wed May 18 2016 Kalev Lember - 1.10.92-1 -- Update to 1.10.92 - -* Sun May 08 2016 Kalev Lember - 1.10.91-1 -- Update to 1.10.91 - -* Thu Feb 18 2016 Kalev Lember - 1.10.0-1 -- Update to 1.10.0 - -* Thu Feb 04 2016 Kalev Lember - 1.9.92-1 -- Update to 1.9.92 - -* Wed Jan 20 2016 Kalev Lember - 1.9.91-1 -- Update to 1.9.91 - -* Tue Sep 22 2015 Kalev Lember - 1.9.0-1 -- Update to 1.9.0 -- Use make_install macro - -* Wed Sep 16 2015 Kalev Lember - 1.8.93-1 -- Update to 1.8.93 - -* Wed Sep 02 2015 Kalev Lember - 1.8.92-1 -- Update to 1.8.92 - -* Fri Aug 21 2015 Kalev Lember - 1.8.91-2 -- Split out wayland-doc subpackage for documentation - -* Fri Aug 21 2015 Kalev Lember - 1.8.91-1 -- Update to 1.8.91 - -* Mon Jul 20 2015 Adam Jackson 1.8.0-1 -- wayland 1.8.0 - -* Fri Jun 19 2015 Fedora Release Engineering - 1.7.92-2 -- Rebuilt for https://fedoraproject.org/wiki/Fedora_23_Mass_Rebuild - -* Tue May 26 2015 Adam Jackson 1.7.92-1 -- wayland 1.7.92 - -* Sat Feb 21 2015 Till Maas - 1.7.0-2 -- Rebuilt for Fedora 23 Change - https://fedoraproject.org/wiki/Changes/Harden_all_packages_with_position-independent_code - -* Tue Feb 17 2015 Richard Hughes - 1.7.0-1 -- Wayland 1.7.0 - -* Fri Sep 19 2014 Kalev Lember - 1.6.0-1 -- Update to 1.6.0 -- Remove lib64 rpaths - -* Fri Aug 22 2014 Kevin Fenzi 1.5.91-1 -- Update to 1.5.90 - -* Mon Aug 18 2014 Fedora Release Engineering - 1.5.0-5 -- Rebuilt for https://fedoraproject.org/wiki/Fedora_21_22_Mass_Rebuild - -* Wed Jul 02 2014 Adam Jackson 1.5.0-4 -- Update protocol: new surface error enums - -* Mon Jun 30 2014 Adam Jackson 1.5.0-3 -- Remove blocking flush patch as it actually introduces deadlocks now - -* Sun Jun 08 2014 Fedora Release Engineering - 1.5.0-2 -- Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild - -* Wed May 21 2014 Richard Hughes - 1.5.0-1 -- Wayland 1.5.0 - -* Tue May 13 2014 Richard Hughes - 1.4.93-1 -- Wayland 1.4.93 - -* Fri Jan 24 2014 Richard Hughes - 1.4.0-1 -- Wayland 1.4.0 - -* Mon Jan 20 2014 Richard Hughes - 1.3.93-1 -- Wayland 1.3.93 - -* Sat Dec 21 2013 Ville Skyttä - 1.3.91-2 -- Call ldconfig in libwayland-cursor %%post* scripts. -- Run test suite during build. -- Compress snapshot tarballs with xz. - -* Tue Dec 17 2013 Richard Hughes - 1.3.91-1 -- Wayland 1.3.91 - -* Mon Nov 25 2013 Lubomir Rintel - 1.3.0-1 -- Wayland 1.3.0 - -* Mon Oct 07 2013 Adam Jackson 1.2.0-3 -- Don't use MSG_DONTWAIT in wl_connection_flush. - -* Sun Aug 04 2013 Fedora Release Engineering - 1.2.0-2 -- Rebuilt for https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild - -* Mon Jul 15 2013 Richard Hughes - 1.2.0-1 -- wayland 1.2.0 - -* Wed May 15 2013 Richard Hughes - 1.1.90-0.1.20130515 -- Update to a git snapshot based on what will become 1.1.90 - -* Tue Apr 16 2013 Richard Hughes - 1.1.0-1 -- wayland 1.1.0 - -* Wed Mar 27 2013 Richard Hughes - 1.0.6-1 -- wayland 1.0.6 - -* Thu Feb 21 2013 Adam Jackson 1.0.5-1 -- wayland 1.0.5 - -* Fri Feb 15 2013 Fedora Release Engineering - 1.0.3-2 -- Rebuilt for https://fedoraproject.org/wiki/Fedora_19_Mass_Rebuild - -* Wed Jan 02 2013 Adam Jackson 1.0.3-1 -- wayland 1.0.3 - -* Tue Oct 23 2012 Adam Jackson 1.0.0-1 -- wayland 1.0 - -* Thu Oct 18 2012 Adam Jackson 0.99.0-1 -- wayland 0.99.0 - -* Tue Sep 04 2012 Adam Jackson 0.95.0-1 -- wayland 0.95.0 (#843738) - -* Sun Jul 22 2012 Fedora Release Engineering - 0.89.0-2.20120424 -- Rebuilt for https://fedoraproject.org/wiki/Fedora_18_Mass_Rebuild - -* Tue Apr 24 2012 Richard Hughes - 0.89.0-1 -- Update to a git snapshot based on 0.89.0 - -* Sat Feb 18 2012 Thorsten Leemhuis - 0.85.0-1 -- update to 0.85.0 -- adjust license, as upstream changed it to MIT -- update make-git-snapshot.sh to current locations and scheme -- drop common package, not needed anymore -- compositor is now in a separate package, hence reduce BuildRequires to what - is actually needed (a lot less) and adjust summary -- make usage of a git checkout in spec file optional -- a %%{?_isa} to requires where it makes sense - -* Sat Jan 14 2012 Fedora Release Engineering - 0.1-0.6.20101221 -- Rebuilt for https://fedoraproject.org/wiki/Fedora_17_Mass_Rebuild - -* Tue Dec 06 2011 Adam Jackson - 0.1-0.5.20101221 -- Rebuild for new libpng - -* Wed Jun 15 2011 Lubomir Rintel - 0.1-0.4.20101221 -- Install real compositor binary instead of a libtool wrapper - -* Mon Feb 07 2011 Fedora Release Engineering - 0.1-0.3.20101221 -- Rebuilt for https://fedoraproject.org/wiki/Fedora_15_Mass_Rebuild - -* Tue Dec 21 2010 Adam Jackson 0.1-0.2.20101221 -- Today's git snap - -* Tue Nov 23 2010 Adam Jackson 0.1-0.2.20101123 -- Today's git snap -- Fix udev rule install (#653353) - -* Mon Nov 15 2010 Adam Jackson 0.1-0.1.20101111 -- Initial packaging