OpenBSD/xenocara BDKYMkqdriver/xf86-video-intel/src compat-api.h, driver/xf86-video-intel/src/sna sna_driver.c sna_accel.c

   Adapt xf86-video-intel to xserver 1.19 ABI changes. Mostly
   from upstreams commits.
   Tested by many. Thanks.

OpenBSD/xenocara vEQGVf1app/xenodm/xenodm error.c session.c

   xdm -> xenodm in log and error messages

OpenBSD/xenocara E9e4wnfdriver/xf86-input-acecad/src acecad.c

   xf86-input-acecad: adapt to latest xserver input driver API.

OpenBSD/xenocara 01CYl4Lapp/xidle xidle.1

   use the proper macros in the AUTHORS section
VersionDeltaFile
1.4+4-2app/xidle/xidle.1
+4-21 files

OpenBSD/xenocara el9BLa1driver/xf86-input-synaptics/tools syndaemon.c

   Use SA_RESETHAND rather than SA_ONESHOT

   The latter is an obsolete non-standard, Linux only synonym for the
   former. This caused syndaemon(1) to enter an an infinite loop whenever
   it receives a SIGINT signal. Patch from  Luca Castagnini.  Thanks.

OpenBSD/xenocara UDavcHjlib/libX11/src UIThrStubs.c

   This file isn't built anymore. So remove diffs with upstreams.
VersionDeltaFile
1.11+6-91lib/libX11/src/UIThrStubs.c
+6-911 files

OpenBSD/xenocara NxbGAym. MODULES

   update
VersionDeltaFile
1.371+2-3MODULES
+2-31 files

OpenBSD/xenocara lFE47mHdistrib/sets/lists/xbase mi, lib Makefile

   Unlink libpthread-stubs from xenocara builds.
   ok sthen@ who will take care of the ports tree. Also ok espie@
VersionDeltaFile
1.32+2-3lib/Makefile
1.105+0-3distrib/sets/lists/xbase/mi
+2-62 files

OpenBSD/xenocara 93Uo4ptlib/fontconfig/fc-scan Makefile, lib/fontconfig/fc-validate Makefile

   Remove all references to libpthread-stubs from xenocara.

   "looks sane" guenther@.

OpenBSD/xenocara GoeLsmZ. 3RDPARTY

   update
VersionDeltaFile
1.302+2-23RDPARTY
+2-21 files

OpenBSD/xenocara yxm7j35. 3RDPARTY

   update
VersionDeltaFile
1.301+2-23RDPARTY
+2-21 files

OpenBSD/xenocara 7w6paEJ. MODULES 3RDPARTY

   update
VersionDeltaFile
1.370+5-5MODULES
1.300+2-23RDPARTY
+7-72 files

OpenBSD/xenocara TEB2cyUlib/libXfont2 ChangeLog configure, lib/libXfont2/src/bitmap pcfread.c

   Update to libXfont2 2.0.2.

   Not yet linked to the build

OpenBSD/xenocara a8atL1Elib/libXfont configure configure.ac

   Update to libXfont 1.5.3.

   No actual change since individual commits were already merged.
VersionDeltaFile
1.26+10-10lib/libXfont/configure
1.15+1-1lib/libXfont/configure.ac
+11-112 files

OpenBSD/xenocara vQ0LMREdistrib/sets/lists/xbase mi

   sync
VersionDeltaFile
1.104+1-1distrib/sets/lists/xbase/mi
+1-11 files

OpenBSD/xenocara aVkvCrAlib/libXRes compile ChangeLog, lib/libXRes/include/X11/extensions XRes.h

   Update to libXRes 1.2.0

OpenBSD/xenocara MbmXSQjxserver/dix dispatch.c

   MFC: Unvalidated extra length in ProcEstablishConnection (CVE-2017-12176)
VersionDeltaFile
1.18+6-1xserver/dix/dispatch.c
+6-11 files

OpenBSD/xenocara JNQZc9Uxserver/dbe dbe.c

   MFC: dbe: Unvalidated variable-length request in
   ProcDbeGetVisualInfo (CVE-2017-12177)

   v2: Protect against integer overflow (Alan Coopersmith)
VersionDeltaFile
1.19+4-1xserver/dbe/dbe.c
+4-11 files

OpenBSD/xenocara mO9ozdSxserver/Xi xichangehierarchy.c

   MFC: Xi: fix wrong extra length check in ProcXIChangeHierarchy
   (CVE-2017-12178)
VersionDeltaFile
1.10+1-1xserver/Xi/xichangehierarchy.c
+1-11 files

OpenBSD/xenocara BoRQQzTxserver/Xi xibarriers.c

   MFC: Xi: integer overflow and unvalidated length in
        (S)ProcXIBarrierReleasePointer

   [jcristau: originally this patch fixed the same issue as commit
   211e05ac85 "Xi: Test exact size of XIBarrierReleasePointer", with the
   addition of these checks]

   This addresses CVE-2017-12179
VersionDeltaFile
1.5+5-0xserver/Xi/xibarriers.c
+5-01 files

OpenBSD/xenocara hyIuqQmxserver/Xi xibarriers.c

   MFC: Xi: Test exact size of XIBarrierReleasePointer

   Otherwise a client can send any value of num_barriers and cause
   reading or swapping of values on heap behind the receive buffer.
VersionDeltaFile
1.4+6-3xserver/Xi/xibarriers.c
+6-31 files

OpenBSD/xenocara ZHyxtVoxserver/Xext vidmode.c, xserver/hw/xfree86/common xf86DGA.c

   MFC: hw/xfree86: unvalidated lengths

   This addresses:
   CVE-2017-12180 in XFree86-VidModeExtension
   CVE-2017-12181 in XFree86-DGA
   CVE-2017-12182 in XFree86-DRI

OpenBSD/xenocara my6qDiLxserver/xfixes cursor.c region.c

   MFC: xfixes: unvalidated lengths (CVE-2017-12183)

   v2: Use before swap (Jeremy Huddleston Sequoia)
   v3: Fix wrong XFixesCopyRegion checks (Alan Coopersmith)

OpenBSD/xenocara qpoMMGzxserver/Xext xres.c xvdisp.c, xserver/pseudoramiX pseudoramiX.c

   MFC: Unvalidated lengths

   v2: Add overflow check and remove unnecessary check (Julien Cristau)

   This addresses:
   CVE-2017-12184 in XINERAMA
   CVE-2017-12185 in MIT-SCREEN-SAVER
   CVE-2017-12186 in X-Resource
   CVE-2017-12187 in RENDER

OpenBSD/xenocara o87qGpUxserver/os io.c

   MFC: os: Make sure big requests have sufficient length.

   A client can send a big request where the 32B "length" field has value
   0. When the big request header is removed and the length corrected,
   the value will underflow to 0xFFFFFFFF.  Functions processing the
   request later will think that the client sent much more data and may
   touch memory beyond the receive buffer.
VersionDeltaFile
1.15+5-0xserver/os/io.c
+5-01 files

OpenBSD/xenocara 7i8AIFFxserver/xkb xkbtext.c

   MFC: xkb: Handle xkb formated string output safely (CVE-2017-13723)

   Generating strings for XKB data used a single shared static buffer,
   which offered several opportunities for errors. Use a ring of
   resizable buffers instead, to avoid problems when strings end up
   longer than anticipated.
VersionDeltaFile
1.10+21-21xserver/xkb/xkbtext.c
+21-211 files

OpenBSD/xenocara xcZiLVXxserver/xkb xkbtext.c

   MFC: xkb: Escape non-printable characters correctly

   XkbStringText escapes non-printable characters using octal numbers.
   Such escape sequence would be at most 5 characters long ("\0123"), so
   it reserves 5 bytes in the buffer. Due to char->unsigned int
   conversion, it would print much longer string for negative numbers.
VersionDeltaFile
1.9+1-1xserver/xkb/xkbtext.c
+1-11 files

OpenBSD/xenocara I00AUvVxserver/Xext shm.c

   MFC: Xext/shm: Validate shmseg resource id (CVE-2017-13721)

   Otherwise it can belong to a non-existing client and abort X server with
   FatalError "client not in use", or overwrite existing segment of another
   existing client.
VersionDeltaFile
1.25+1-0xserver/Xext/shm.c
+1-01 files

OpenBSD/xenocara riQlOyslib/libXfont/src/bitmap pcfread.c

   MFC: pcfGetProperties: Check string boundaries (CVE-2017-13722)

   Without the checks a malformed PCF file can cause the library to make
   atom from random heap memory that was behind the `strings` buffer.
   This may crash the process or leak information.
VersionDeltaFile
1.7+11-2lib/libXfont/src/bitmap/pcfread.c
+11-21 files

OpenBSD/xenocara lxFZIq8lib/libXfont/src/fontfile fontdir.c

   MFC: Check for end of string in PatternMatch (CVE-2017-13720)

   If a pattern contains '?' character, any character in the string is skipped,
   even if it is '\0'. The rest of the matching then reads invalid memory.
VersionDeltaFile
1.10+3-1lib/libXfont/src/fontfile/fontdir.c
+3-11 files

OpenBSD/xenocara kGocIpzapp/xdm Makefile.bsd-wrapper README, app/xdm/config Xsetup_0 Xstartup.cpp

   Remove xdm. Unhooked since more than 6 months.

OpenBSD/xenocara hsvKPzNapp/xenodm/config TakeConsole

   chown before chmod

   This prevents a malicious user logging out from calling
   chmod while still owning /dev/console and thus by-passing
   the '622' mode that is set here.

   Issue reported by Tim Chase. Thanks.


   Merged from xdm upstreams
VersionDeltaFile
1.2+2-2app/xenodm/config/TakeConsole
+2-21 files

OpenBSD/xenocara wvjaQqtxserver/hw/xfree86/common xf86pciBus.c

   Force Intel Ironlake chipsets to use the xf86-video-intel driver.
   stsp@ reported that modesetting(4) has been reported unreliable
   on his laptop, while intel(4) works.

   XXXX to be removed after 6.2 to figure out and fix the issue.

   ok kettenis@, also discussed briefly with deraadt@ during EuroBSDCon.

OpenBSD/xenocara QIRZao6. 3RDPARTY MODULES

   updates
VersionDeltaFile
1.299+4-43RDPARTY
1.369+3-3MODULES
+7-72 files

OpenBSD/xenocara OibJnT7app/cwm search.c

   Case matters for menu matching on executables; from ben at lloyd.im.
VersionDeltaFile
1.63+2-2app/cwm/search.c
+2-21 files

OpenBSD/xenocara NWQAxi9app/xenodm configure.ac configure, app/xenodm/config xenodm-config.in Xsetup_0

   backout hard-coded behaviour change which was not discussed, in
   particular no justification for why the current behaviour is wrong

OpenBSD/xenocara 884990Uapp/xenodm/config xenodm-config.in

   amend comment

OpenBSD/xenocara 8q4SCJsapp/xenodm configure.ac configure, app/xenodm/config xenodm-config.in Xsetup_0

   Use 'unix:0' for the DISPLAY environment variable

   ok matthieu@

OpenBSD/xenocara ZGxyargapp/xinit xinit.c

   Fix error check according to the secure idiom described in the snprintf(3)
   manual.

   ok dcoppa@
VersionDeltaFile
1.16+1-1app/xinit/xinit.c
+1-11 files

OpenBSD/xenocara S3a7s5uapp/xinit xinit.c

   When xinit starts an X server that listens only on UNIX socket,
   prefer DISPLAY=unix:0 rather than DISPLAY=:0.
   This will prevent applications from ever falling back to TCP if the
   UNIX socket connection fails (such as when the X server crashes).

   joint work with tb@
   cluebat and ok matthieu@
VersionDeltaFile
1.15+8-1app/xinit/xinit.c
+8-11 files

OpenBSD/xenocara 6YzpXEp. 3RDPARTY

   update
VersionDeltaFile
1.298+4-43RDPARTY
+4-41 files

OpenBSD/xenocara D0k2io1lib/mesa configure, lib/mesa/src/compiler/nir nir_opt_algebraic.c nir_constant_expressions.c

   Revert to Mesa 13.0.6 to hopefully address rendering issues a handful of
   people have reported with xpdf/fvwm on ivy bridge with modesetting driver.

OpenBSD/xenocara Gc350o1lib/mesa configure configure.ac

   Make disabling regenerating source files provided in Mesa distfiles that
   require python/bison a configure flag instead of the previous way of
   testing whether python was found (which shouldn't be the case in
   xenocara even with ports packages installed).

   This is required when timestamps change on files causing targets to be
   invoked that will break if python and bison aren't available and found
   in path by the configure script.

OpenBSD/xenocara 8kNIHpXapp/xenodm/man xenodm.man

   Missing dot breaks semantic markup. from  Klemens Nanni. Thanks.
VersionDeltaFile
1.8+1-1app/xenodm/man/xenodm.man
+1-11 files

OpenBSD/xenocara m1VRZHUdistrib/sets/lists/xbase md.landisk md.armv7

   sync

OpenBSD/xenocara Ygxbl4Dapp/xidle xidle.c

   add pledge. ok tb@
VersionDeltaFile
1.5+4-1app/xidle/xidle.c
+4-11 files

OpenBSD/xenocara M0pevZWapp/xidle xidle.c

   Close stdio before entering main loop. ok tb@
VersionDeltaFile
1.4+15-1app/xidle/xidle.c
+15-11 files

OpenBSD/xenocara zhaTGK1. 3RDPARTY

   update
VersionDeltaFile
1.297+2-23RDPARTY
+2-21 files

OpenBSD/xenocara XM7rWoUdist/fontconfig README configure.ac, dist/fontconfig/conf.d 30-metric-aliases.conf

   Update to fontconfig 2.12.4. No API change.

OpenBSD/xenocara 8g00rwi. README

   xdm -> xenodm. From Kemmens Nanni. Thanks.
VersionDeltaFile
1.40+4-4README
+4-41 files