Commit fabe2194 authored by Natanael Copa's avatar Natanael Copa
Browse files

main/xorg-server: security fix (CVE-2013-1940)

fixes #1796
parent 521799bf
# Maintainer: Natanael Copa <ncopa@alpinelinux.org>
pkgname=xorg-server
pkgver=1.11.3
pkgrel=0
pkgrel=1
pkgdesc="X.Org X servers"
url="http://xorg.freedesktop.org"
arch="all"
......@@ -60,7 +60,8 @@ makedepends="
source="http://xorg.freedesktop.org/releases/individual/xserver/$pkgname-$pkgver.tar.bz2
xorg-redhat-die-ugly-pattern-die-die-die.patch
"
CVE-2013-1940.patch
"
depends_dev="pixman-dev libpciaccess-dev xproto randrproto renderproto
xextproto inputproto kbproto fontsproto videoproto xineramaproto
......@@ -150,4 +151,5 @@ xephyr() {
}
md5sums="a7194c437963627e1db0dd2d6c1a1984 xorg-server-1.11.3.tar.bz2
222de594206d1148a90eddfda4f7a11a xorg-redhat-die-ugly-pattern-die-die-die.patch"
222de594206d1148a90eddfda4f7a11a xorg-redhat-die-ugly-pattern-die-die-die.patch
51b454ab1e68d09312e3e40bfd894d20 CVE-2013-1940.patch"
--- ./hw/xfree86/os-support/shared/posix_tty.c.orig
+++ ./hw/xfree86/os-support/shared/posix_tty.c
@@ -460,7 +460,8 @@
{
fd_set fds;
struct timeval timeout;
- char c[4];
+ /* this needs to be big enough to flush an evdev event. */
+ char c[256];
DebugF("FlushingSerial\n");
if (tcflush(fd, TCIFLUSH) == 0)
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment