SwallowOS/xserver_xsdl
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
Files
xsdl-1.20
xserver_xsdl/hw/xfree86
History
Matthieu Herrb 8a59e3b7db Disable -logfile and -modulepath when running with elevated privileges 
Could cause privilege elevation and/or arbitrary files overwrite, when
the X server is running with elevated privileges (ie when Xorg is
installed with the setuid bit set and started by a non-root user).

CVE-2018-14665

Issue reported by Narendra Shinde and Red Hat.

Signed-off-by: Matthieu Herrb <matthieu@herrb.eu>
Reviewed-by: Alan Coopersmith <alan.coopersmith@oracle.com>
Reviewed-by: Peter Hutterer <peter.hutterer@who-t.net>
Reviewed-by: Adam Jackson <ajax@redhat.com>
(cherry picked from commit 50c0cf885a6e91c0ea71fb49fa8f1b7c86fe330e)
2018-10-25 09:18:06 -04:00
..
common
Disable -logfile and -modulepath when running with elevated privileges
2018-10-25 09:18:06 -04:00
ddc
Add a Meson build system alongside autotools.
2017-04-26 15:25:27 -07:00
dixmods
miinitext: Load GLX on the mi path
2018-02-14 17:04:48 -05:00
doc
docs: remove resource management references
2018-04-02 14:10:58 -04:00
dri
hw/xfree86: unvalidated lengths
2017-10-10 23:33:44 +02:00
dri2
DRI2: Sync radeonsi_pci_ids.h from Mesa
2018-06-19 09:52:17 -04:00
drivers
modesetting: Don't free(dst) in drmmode_prop_info_copy
2018-10-05 09:14:18 +02:00
exa
meson: Install man pages
2018-03-27 10:28:33 -04:00
fbdevhw
xfree86: fix readlink call
2018-10-16 10:22:05 -04:00
glamor_egl
glamor: Make Xv extension initialize at depth 30.
2018-02-27 10:18:06 -05:00
i2c
Add a Meson build system alongside autotools.
2017-04-26 15:25:27 -07:00
int10
meson: Silence -Wformat-nonliteral for x86emu
2017-10-20 13:15:35 -04:00
loader
Use ARRAY_SIZE all over the tree
2017-10-30 13:45:20 -04:00
man
glamor: Hide new DRI behind Option "Debug" "dmabuf_capable"
2018-03-28 16:34:28 -04:00
modes
xfree86: Wrap RRCrtcIsLeased and RROutputIsLeased to check for DIX structures
2018-08-01 11:01:37 -04:00
os-support
posix_tty: free leak of xf86SetStrOption return value.
2018-10-04 17:26:26 +02:00
parser
os, xfree86: Stop being so weird about <limits.h>
2017-05-12 09:49:07 -04:00
ramdac
ramdac: Check ScreenPriv != NULL in xf86ScreenSetCursor()
2017-10-25 09:52:44 -04:00
shadowfb
meson: Fix linkage of loadable modules for PE/COFF
2017-10-12 15:22:04 -04:00
utils
gtf: Warning fix
2018-04-05 14:18:16 -04:00
vbe
meson: Build libvbe.so
2017-04-27 15:19:45 -04:00
vgahw
meson: Build libvgahw.so
2017-04-27 15:19:41 -04:00
x86emu
x86emu: Teach the debug code about varargs
2018-01-16 16:08:38 -05:00
xkb
Move statically linked xorgxkb files from dixmods to a separate directory
2017-06-27 12:42:06 -04:00
.gitignore
Xorg: Add Xorg.wrap to hw/xfree86/.gitignore
2014-04-18 11:39:16 +02:00
Makefile.am
xfree86: Makefile shouldn't rely on superuser being named 'root'
2018-06-19 09:52:45 -04:00
meson.build
meson: don't install xorg wrapper manpages if suid-wrapper isn't being used
2018-06-19 09:52:17 -04:00
sdksyms.sh
sdksyms: Cope with __pid_t and __uint32_t
2018-04-23 14:56:17 -04:00
xorg-wrapper.c
suid: Include sysmacros.h to fix build after glibc-2.25
2017-09-25 13:04:25 -04:00
Xorg.sh.in
xfree86: rename Xorg.bin to Xorg
2015-01-05 09:53:58 +10:00
xorgconf.cpp
xfree86: fix wrong DontZap documentation (#71113)
2014-05-24 20:02:56 +10:00