3a026cd9c1
X.Org security advisory: July 31, 2020 X Server Pixel Data Uninitialized Memory Information Disclosure =============================================================== CVE-2020-14347 Allocation for pixmap data in AllocatePixmap() does not initialize the memory in xserver, it leads to leak uninitialize heap memory to clients. When the X server runs with elevated privileges. This flaw can lead to ASLR bypass, which when combined with other flaws (known/unknown) could lead to lead to privilege elevation in the client.
33 lines
1.0 KiB
Plaintext
33 lines
1.0 KiB
Plaintext
# Description: X Window System server
|
|
# URL: http://xorg.freedesktop.org
|
|
# Maintainer: CRUX Xorg Team, xorg-ports at crux dot nu
|
|
# Depends on: libepoxy xorg-bdftopcf xorg-font-util xorg-libdmx xorg-libxaw xorg-libxcomposite xorg-libxcursor xorg-libxfont2 xorg-libxft xorg-libxinerama xorg-libxkbfile xorg-libxres xorg-libxtst xorg-libxxf86dga xorg-mkfontscale xorg-xcb-util-keysyms
|
|
|
|
name=xorg-server
|
|
version=1.20.8
|
|
release=2
|
|
source=(https://www.x.org/releases/individual/xserver/$name-$version.tar.bz2 \
|
|
CVE-2020-14347.patch)
|
|
|
|
build() {
|
|
cd $name-$version
|
|
|
|
patch -p1 -i $SRC/CVE-2020-14347.patch
|
|
|
|
./configure --prefix=/usr \
|
|
--localstatedir=/var \
|
|
--with-fontrootdir=/usr/share/fonts/X11 \
|
|
--with-xkb-output=/var/lib/xkb \
|
|
--enable-dri \
|
|
--with-sha1=libcrypto \
|
|
--disable-systemd-logind \
|
|
--enable-glamor
|
|
|
|
make
|
|
make DESTDIR=$PKG install
|
|
|
|
rmdir $PKG/var/log
|
|
|
|
install -m 755 -d $PKG/etc/X11/xorg.conf.d
|
|
}
|