[ANNOUNCE] xorg-server 1.4.1

Daniel Stone daniel at fooishbar.org
Tue Jun 10 09:01:46 PDT 2008 

Suspend your disbelief, it's 1.4.1.  Better imperfect than never at all,
I guess.  Contains a few security and input fixes, some memory leak
fixes, and a few misc bits.

git tag: xorg-server-1.4.1

http://xorg.freedesktop.org/archive/individual/xserver/xorg-server-1.4.1.tar.bz2
MD5: 0d638b6857408bb2e564e0c7b772d9a1  xorg-server-1.4.1.tar.bz2
SHA1: b5a020f6a5cc4b16296dadbc9c82073201d7d01a
xorg-server-1.4.1.tar.bz2

http://xorg.freedesktop.org/archive/individual/xserver/xorg-server-1.4.1.tar.gz
MD5: b2375fd10ae03fb0179f6c3564eb151c  xorg-server-1.4.1.tar.gz
SHA1: 7f6d9633956d278c84aaf8c11cb67f0ae65f5d26  xorg-server-1.4.1.tar.gz

Full changelog since 1.4.0.90 follows.

Cheers,
Daniel


Adam Jackson (5):
      CVE-2007-6429: Don't spuriously reject <8bpp shm pixmaps.
      Ignore - not just block - SIGALRM around Popen()/Pclose().
      Fix hal shutdown crash.
      Bump DEFAULT_DPI to 96.
      Bug #13962: Re-arm the DPMS timer when re-enabling DPMS.

Alan Coopersmith (2):
      Check for <sys/sdt.h> as well when determining to enable dtrace probes
      When XKB fails to open rules file, log the file name, not the NULL file pointer

Alan Hourihane (1):
      Fix context sharing between direct/indirect contexts

Arkadiusz Miskiewicz (1):
      Xprint: Clean up generated files

Ben Byer (1):
      So, like, checking return codes of system calls (signal, etc) is good.

Daniel Stone (12):
      Config: D-Bus: Don't leak timers
      Config: HAL: Don't leak options on failure to add device
      OS: Don't leak connection translation table on regeneration
      KDrive: Xephyr: Don't leak screen damage structure
      Input: Don't reinit devices
      OS: IO: Zero out client buffers
      XKB: XkbCopyKeymap: Don't leak all the sections
      Xephyr: One-time keyboard leak fix
      XKB: Actually explain keymap failures
      Prevent the -wm command line option from causing a SEGV
      Xi: event_{x,y} should refer to the extended device (bug #16289)
      Bump to 1.4.1

Donnie Berkholz (5):
      dmx: fix build by adding {New,Delete}InputDeviceRequest.
      dmx: link in XSERVER_LIBS.
      xephyr: fix linking by adding pixman and using XSERVER_LIBS.
      xprint: fix build by adding {New,Delete}InputDeviceRequest.
      xprint: fix linking by including XSERVER_LIBS.

Eamon Walsh (1):
      security: Fix for Bug #14480: untrusted access broken in 7.3.

Eric Anholt (2):
      Fix build on FreeBSD after Popen changes.
      Fix overly-restrictive integer overflow check in EXA pixmap creation.

Hasso Tepper (1):
      configure.ac: DragonFly BSD support

Hong Liu (2):
      Bug 13308: Verify and reject obviously broken modes.
      bgPixel (unsigned long) is 64-bit on x86_64, so -1 != 0xffffffff

Jeremy C. Reed (1):
      Add some more support for DragonFly. From Joerg Sonnenberger

Julien Cristau (1):
      kdrive: allow disabling Composite

Kristian Høgsberg (1):
      Don't break grab and focus state for a window when redirecting it.

Maarten Maathuis (2):
      Resize composite overlay window when the root window changes.
      Fix rotation for multi-monitor situation.

Magnus Vigerlöf (5):
      dix: Always add valuator information if present
      Bug # 10324: dix: Allow arbitrary value ranges in GetPointerEvents
      Bug # 10324: dix: Add scaling of X and Y on the reported pointer-events
      dix: Skip call to clipAxis for relative core-events
      dix: Move motion history update until after screen crossing and clipping

Mart Raudsepp (1):
      xf86: Add AutoConfig driver for PCI ID 1022:2081 to 'amd'

Matthias Hopf (1):
      CVE-2007-6429: Always test for size+offset wrapping.

Matthieu Herrb (6):
      Fix for CVE-2007-5760 - XFree86 Misc extension out of bounds array index
      Fix for CVE-2007-6428 - TOG-cup extension memory corruption.
      Fix for CVE-2007-6427 - Xinput extension memory corruption.
      Fix for CVE-2007-6429 - MIT-SHM and EVI extensions integer overflows.
      Fix for CVE-2008-0006 - PCF Font parser buffer overflow.
      Fix for CVE-2007-5958 - File existence disclosure.

Michel Dänzer (2):
      Fix RandR 1.2 driver interface conversion of two colour cursors to ARGB
      EXA: Skip empty glyphs. (cherry picked from commit ce50bfd3369686cfecee5a138bd84ef1107a249d)

Peter Hutterer (5):
      include: never overwrite realInputProc with enqueueInputProc. Bug #13511
      dix: set the correct number of valuators in valuator events.
      xkb: don't update LEDs if they don't exist. (Bug #13961)
      xfree86: fix AlwaysCore handling. (Bug #14256)
      xkb: when copying the keymap, make sure the structs default to 0/NULL.

Pierre Willenbrock (1):
      EXA: Fix off-by-one in polyline drawing.

Sascha Hlusiak (1):
      Fix getValuatorEvents to compute number of valuators correctly.

Thomas Jaeger (1):
      XKB: Fix processInputProc wrapping

Tilman Sauerbeck (1):
      Fixed configure.ac for autoconf 2.62.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 197 bytes
Desc: Digital signature
URL: <http://lists.x.org/archives/xorg/attachments/20080610/fb43bf94/attachment.pgp>

More information about the xorg mailing list