Bug 734976 (CVE-2020-14345, CVE-2020-14346, CVE-2020-14347, CVE-2020-14361, CVE-2020-14362) - <x11-base/xorg-server-1.20.9: Multiple vulnerabilities (CVE-2020-{14345,14346,14361,14362,14347})
Summary: <x11-base/xorg-server-1.20.9: Multiple vulnerabilities (CVE-2020-{14345,14346...
Status: RESOLVED FIXED
Alias: CVE-2020-14345, CVE-2020-14346, CVE-2020-14347, CVE-2020-14361, CVE-2020-14362
Product: Gentoo Security
Classification: Unclassified
Component: Vulnerabilities
Hardware: All Linux
Importance: Normal normal
Assignee: Gentoo Security
URL: https://lists.x.org/archives/xorg-ann...
Whiteboard: A4 [glsa+ glsa+ cve]
Depends on: 739056 CVE-2020-14360, CVE-2020-25712
Reported: 2020-07-31 16:57 UTC by Sam James
Modified: 2020-12-07 00:35 UTC

Description Sam James archtester Gentoo Infrastructure gentoo-dev Security 2020-07-31 16:57:11 UTC
Description:
"Allocation for pixmap data in AllocatePixmap() does not initialize the
memory in xserver, it leads to leak uninitialized heap memory to
clients. When the X server runs with elevated privileges.

This flaw can lead to ASLR bypass, which when combined with other
flaws (known/unknown) could lead to privilege elevation in the
client."
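
The leak described above, reduced to a small model as an added example (not xorg-server code): a pixmap buffer handed out without initialization returns whatever the heap block held before, while clearing it at allocation returns nothing. The one-block allocator, `alloc_pixmap` and `stale_bytes_in_reply` are hypothetical names, and the "old data" bytes are constructed.

```c
#include <stddef.h>
#include <stdint.h>
#include <string.h>

/* Constructed stand-in for the heap: one block that is reused as-is, so the
 * stale-data effect is deterministic here instead of allocator-dependent. */
#define SLOT_SIZE 64
static uint8_t slot[SLOT_SIZE];

/* Like malloc(): returns the block with whatever it last contained. */
static void *toy_malloc(size_t n) { return n <= SLOT_SIZE ? slot : NULL; }

/* Like calloc(1, n): same block, cleared before the caller sees it. */
static void *toy_calloc(size_t n)
{
    void *p = toy_malloc(n);
    if (p != NULL)
        memset(p, 0, n);
    return p;
}

/* Simplified pixmap allocation (hypothetical): 1 byte per pixel, no header. */
static uint8_t *alloc_pixmap(size_t width, size_t height, int zero_on_alloc)
{
    if (width == 0 || height == 0 || height > SLOT_SIZE / width)
        return NULL;                       /* reject empty or oversized pixmaps */
    return zero_on_alloc ? toy_calloc(width * height)
                         : toy_malloc(width * height);
}

/* Server data lands in the heap and is freed; a client then creates a pixmap
 * and reads it back without drawing. Returns how many bytes of the old data
 * appear in the reply sent to the client. */
size_t stale_bytes_in_reply(int zero_on_alloc)
{
    static const uint8_t old_data[8] =     /* constructed pointer-like value */
        { 0x10, 0xa0, 0x5e, 0x3c, 0xd2, 0x7f, 0x01, 0x01 };
    uint8_t reply[16];
    size_t stale = 0;

    memcpy(toy_malloc(sizeof old_data), old_data, sizeof old_data);
    /* "free": the block returns to the allocator with its contents intact */
    uint8_t *pix = alloc_pixmap(4, 4, zero_on_alloc);
    if (pix == NULL)
        return 0;
    memcpy(reply, pix, sizeof reply);      /* GetImage-style read-back */
    for (size_t i = 0; i < sizeof old_data; i++)
        stale += (reply[i] == old_data[i]);
    return stale;
}
```

A pointer-sized value recovered this way is what makes the ASLR bypass mentioned in the description possible; with zeroing at allocation the reply carries no prior heap contents.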
Comment 1 Sam James archtester Gentoo Infrastructure gentoo-dev Security 2020-07-31 16:59:12 UTC
"xorg-server 1.20.9 will be released shortly and will include this patch."

Please bump when available, although I'm confident you guys will know that before I do. :)
Comment 2 Sam James archtester Gentoo Infrastructure gentoo-dev Security 2020-08-20 11:04:26 UTC
ping. Maybe apply patch?
Comment 3 Piotr Karbowski (RETIRED) gentoo-dev 2020-08-22 22:14:40 UTC
Change looks simple enough, I will cherry pick patch[1] and push it into tree with revbump.

[1] https://gitlab.freedesktop.org/xorg/xserver/-/commit/aac28e162e5108510065ad4c323affd6deffd816
Comment 4 Sam James archtester Gentoo Infrastructure gentoo-dev Security 2020-08-25 16:25:53 UTC
New advisory: https://www.openwall.com/lists/oss-security/2020/08/25/3

* CVE-2020-14345 / ZDI CAN 11428 XkbSetNames Out-Of-Bounds Access

The handler for the XkbSetNames request does not validate the request
length before accessing its contents.

* CVE-2020-14346 / ZDI CAN 11429 XIChangeHierarchy Integer Underflow

An integer underflow exists in the handler for the XIChangeHierarchy
request.

* CVE-2020-14361 / ZDI CAN 11573 XkbSelectEvents Integer Underflow 

An integer underflow exists in the handler for the XkbSelectEvents
request.

* CVE-2020-14362 / ZDI CAN 11574 XRecordRegisterClients Integer Underflow 

An integer underflow exists in the handler for the CreateRegister
request of the X record extension.
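
The two bug classes named in the advisory above (a request length that is not validated before the contents are read, and an integer underflow in length arithmetic), shown on a constructed request format as an added example. This is not xorg-server code; the layout, `payload_bytes_unchecked` and `handle_request` are hypothetical.

```c
#include <stddef.h>
#include <stdint.h>

#define FIXED_SIZE 8u   /* header (4 bytes) + fixed fields (4 bytes) in this model */
#define BAD_LENGTH (-1L)

/* Constructed request layout, little-endian (not a real X request):
 *   byte 0     opcode
 *   byte 1     unused
 *   bytes 2-3  total length in 4-byte units, header included
 *   bytes 4-5  n_items
 *   bytes 6-7  unused
 *   then n_items 4-byte items */
static uint16_t rd16(const uint8_t *p) { return (uint16_t)(p[0] | (p[1] << 8)); }

/* Flawed arithmetic: trusts the length field, so a length shorter than the
 * fixed part wraps around to a huge unsigned "payload size". */
uint32_t payload_bytes_unchecked(uint16_t length_units)
{
    return (uint32_t)length_units * 4u - FIXED_SIZE;
}

/* Hardened handler: validates every length before reading a field.
 * Returns the sum of the payload bytes, or BAD_LENGTH. */
long handle_request(const uint8_t *buf, size_t received)
{
    if (received < 4)                            /* length field must be present */
        return BAD_LENGTH;
    size_t total = (size_t)rd16(buf + 2) * 4u;
    if (total < FIXED_SIZE || total > received)  /* no underflow, no over-read */
        return BAD_LENGTH;
    size_t payload = total - FIXED_SIZE;         /* cannot wrap after the check */
    if ((size_t)rd16(buf + 4) * 4u != payload)   /* item count must match length */
        return BAD_LENGTH;

    long sum = 0;
    for (size_t i = 0; i < payload; i++)
        sum += buf[FIXED_SIZE + i];
    return sum;
}

/* Constructed sample requests. */
const uint8_t req_ok[]      = { 42, 0, 3, 0, 1, 0, 0, 0, 1, 2, 3, 4 };
const uint8_t req_short[]   = { 42, 0, 1, 0 };              /* length < fixed part */
const uint8_t req_overrun[] = { 42, 0, 9, 0, 7, 0, 0, 0 };  /* claims 36 bytes, sends 8 */
```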
Comment 5 Sam James archtester Gentoo Infrastructure gentoo-dev Security 2020-08-25 17:28:49 UTC
arm64 done
Comment 6 Sam James archtester Gentoo Infrastructure gentoo-dev Security 2020-08-25 17:34:45 UTC
amd64 done
Comment 7 Sam James archtester Gentoo Infrastructure gentoo-dev Security 2020-08-25 17:55:10 UTC
x86 done
Comment 8 Sam James archtester Gentoo Infrastructure gentoo-dev Security 2020-08-25 19:04:54 UTC
arm done
Comment 9 Sam James archtester Gentoo Infrastructure gentoo-dev Security 2020-08-25 19:05:34 UTC
sparc done
Comment 10 Sam James archtester Gentoo Infrastructure gentoo-dev Security 2020-08-25 20:28:02 UTC
ppc64 done
Comment 11 CaptainBlood 2020-08-25 23:54:44 UTC
Borks here:
https://forums.gentoo.org/viewtopic-t-1118046-highlight-.html

emerge --info 
Comment 12 NATTkA bot gentoo-dev 2020-08-26 15:20:52 UTC
Unable to check for sanity:

> package masked: x11-base/xorg-server-1.20.9
Comment 13 NATTkA bot gentoo-dev 2020-12-01 18:09:15 UTC
Unable to check for sanity:

> no match for package: x11-base/xorg-server-1.20.9
Comment 14 NATTkA bot gentoo-dev 2020-12-04 15:49:03 UTC
Resetting sanity check; package list is empty or all packages are done.
Comment 15 GLSAMaker/CVETool Bot gentoo-dev 2020-12-07 00:35:46 UTC
This issue was resolved and addressed in
 GLSA 202012-01 at https://security.gentoo.org/glsa/202012-01
by GLSA coordinator Thomas Deutschmann (whissi).