4 changed files with 59 additions and 237 deletions
--- a/.gitignore
+++ b/.gitignore
@ -1 +1 @@
-SOURCES/xwayland-24.1.1.tar.xz
+SOURCES/xwayland-22.1.9.tar.xz
--- a/.xorg-x11-server-Xwayland.metadata
+++ b/.xorg-x11-server-Xwayland.metadata
@ -1 +1 @@
-6a53256310576f95a9822bafe445d6cfd554310e SOURCES/xwayland-24.1.1.tar.xz
+19ccc8ae5920620db725a08ee65d8b64c521d766 SOURCES/xwayland-22.1.9.tar.xz
--- a/SOURCES/0001-xkb-Fix-buffer-overflow-in-_XkbSetCompatMap.patch
+++ b/SOURCES/0001-xkb-Fix-buffer-overflow-in-_XkbSetCompatMap.patch
@ -1,57 +0,0 @@
-From 26120df7aae6b5bf8086fb4d871d3b1a07ddacdb Mon Sep 17 00:00:00 2001
-From: Matthieu Herrb <matthieu@herrb.eu>
-Date: Thu, 10 Oct 2024 10:37:28 +0200
-Subject: [PATCH xserver] xkb: Fix buffer overflow in _XkbSetCompatMap()
-MIME-Version: 1.0
-Content-Type: text/plain; charset=UTF-8
-Content-Transfer-Encoding: 8bit
-
-The _XkbSetCompatMap() function attempts to resize the `sym_interpret`
-buffer.
-
-However, It didn't update its size properly. It updated `num_si` only,
-without updating `size_si`.
-
-This may lead to local privilege escalation if the server is run as root
-or remote code execution (e.g. x11 over ssh).
-
-CVE-2024-9632, ZDI-CAN-24756
-
-This vulnerability was discovered by:
-Jan-Niklas Sohn working with Trend Micro Zero Day Initiative
-
-Reviewed-by: Peter Hutterer <peter.hutterer@who-t.net>
-Tested-by: Peter Hutterer <peter.hutterer@who-t.net>
-Reviewed-by: José Expósito <jexposit@redhat.com>
-(cherry picked from commit 85b776571487f52e756f68a069c768757369bfe3)
-
-Part-of: <https://gitlab.freedesktop.org/xorg/xserver/-/merge_requests/1735>
---
- xkb/xkb.c | 8 ++++----
- 1 file changed, 4 insertions(+), 4 deletions(-)
-
-diff --git a/xkb/xkb.c b/xkb/xkb.c
-index 8d52e25df..8b63e34b5 100644
--- a/xkb/xkb.c
-+++ b/xkb/xkb.c
-@@ -2990,13 +2990,13 @@ _XkbSetCompatMap(ClientPtr client, DeviceIntPtr dev,
-         XkbSymInterpretPtr sym;
-         unsigned int skipped = 0;
- 
-        if ((unsigned) (req->firstSI + req->nSI) > compat->num_si) {
-            compat->num_si = req->firstSI + req->nSI;
-+        if ((unsigned) (req->firstSI + req->nSI) > compat->size_si) {
-+            compat->num_si = compat->size_si = req->firstSI + req->nSI;
-             compat->sym_interpret = reallocarray(compat->sym_interpret,
-                                                 compat->num_si,
-+                                                 compat->size_si,
-                                                  sizeof(XkbSymInterpretRec));
-             if (!compat->sym_interpret) {
-                compat->num_si = 0;
-+                compat->num_si = compat->size_si = 0;
-                 return BadAlloc;
-             }
-         }
-- 
-2.47.0
-
--- a/SPECS/xorg-x11-server-Xwayland.spec
+++ b/SPECS/xorg-x11-server-Xwayland.spec
@ -1,15 +1,15 @@
-%global commit 9a55c402aa803fb10e39ab4fd18a709d0cd06fd4
+%global commit 280aac5a0ee09c45b17ec4be0681397f7c34c12e
 %global shortcommit %(c=%{commit}; echo ${c:0:7})

-#global gitdate 20230426
+#global gitdate 20210201
 %global pkgname %{?gitdate:xserver}%{!?gitdate:xwayland}

 %global default_font_path "catalogue:/etc/X11/fontpath.d,built-ins"

 Summary:   Xwayland
 Name:      xorg-x11-server-Xwayland
-Version:   24.1.1
-Release:   4%{?gitdate:.%{gitdate}git%{shortcommit}}%{?dist}
+Version:   22.1.9
+Release:   2%{?gitdate:.%{gitdate}git%{shortcommit}}%{?dist}

 URL:       http://www.x.org
 %if 0%{?gitdate}
@ -18,29 +18,23 @@ Source0:   https://gitlab.freedesktop.org/xorg/%{pkgname}/-/archive/%{commit}/%{
 Source0:   https://www.x.org/pub/individual/xserver/%{pkgname}-%{version}.tar.xz
 %endif

-# Fix for CVE-2024-9632
-Patch1:    0001-xkb-Fix-buffer-overflow-in-_XkbSetCompatMap.patch
-
 License:   MIT

-Requires: xkeyboard-config
-Requires: xkbcomp
+Requires: xorg-x11-server-common
 Requires: libEGL
-Requires: libepoxy >= 1.5.5

 BuildRequires: gcc
 BuildRequires: git-core
 BuildRequires: meson

 BuildRequires: wayland-devel
-BuildRequires: desktop-file-utils
-
-BuildRequires: pkgconfig(wayland-client) >= 1.21.0
-BuildRequires: pkgconfig(wayland-protocols) >= 1.34
+BuildRequires: pkgconfig(wayland-client) >= 1.18.0
+BuildRequires: pkgconfig(wayland-protocols)
+BuildRequires: pkgconfig(wayland-eglstream-protocols)

-BuildRequires: pkgconfig(epoxy) >= 1.5.5
+BuildRequires: pkgconfig(epoxy)
 BuildRequires: pkgconfig(fontenc)
-BuildRequires: pkgconfig(libdrm) >= 2.4.89
+BuildRequires: pkgconfig(libdrm) >= 2.4.0
 BuildRequires: pkgconfig(libssl)
 BuildRequires: pkgconfig(libtirpc)
 BuildRequires: pkgconfig(pixman-1)
@ -54,6 +48,8 @@ BuildRequires: pkgconfig(xi)
 BuildRequires: pkgconfig(xinerama)
 BuildRequires: pkgconfig(xkbfile)
 BuildRequires: pkgconfig(xmu)
+BuildRequires: pkgconfig(xorg-macros) >= 1.17
+BuildRequires: pkgconfig(xpm)
 BuildRequires: pkgconfig(xrender)
 BuildRequires: pkgconfig(xres)
 BuildRequires: pkgconfig(xshmfence) >= 1.1
@ -61,10 +57,7 @@ BuildRequires: pkgconfig(xtrans) >= 1.3.2
 BuildRequires: pkgconfig(xtst)
 BuildRequires: pkgconfig(xv)
 BuildRequires: pkgconfig(libxcvt)
-BuildRequires: pkgconfig(libdecor-0) >= 0.1.1
-BuildRequires: pkgconfig(liboeffis-1.0) >= 1.0.0
-BuildRequires: pkgconfig(libei-1.0) >= 1.0.0
-BuildRequires: xorg-x11-proto-devel >= 2024.1-1
+BuildRequires: xorg-x11-proto-devel >= 7.7-10

 BuildRequires: mesa-libGL-devel >= 9.2
 BuildRequires: mesa-libEGL-devel
@ -92,7 +85,6 @@ Xwayland is an X server for running X clients under Wayland.
 %package devel
 Summary: Development package
 Requires: pkgconfig
-Requires: %{name}%{?_isa} = %{version}-%{release}

 %description devel
 The development package provides the developmental files which are
@ -103,11 +95,10 @@ necessary for developing Wayland compositors using Xwayland.

 %build
 %meson \
-	%{?gitdate:-Dxwayland=true -D{xorg,xnest,xvfb,udev}=false} \
+        -Dxwayland_eglstream=true \
        -Ddefault_font_path=%{default_font_path} \
        -Dbuilder_string="Build ID: %{name} %{version}-%{release}" \
        -Dxkb_output_dir=%{_localstatedir}/lib/xkb \
-        -Dserverconfigdir=%{_datadir}/xwayland \
        -Dxcsecurity=true \
        -Dglamor=true \
        -Ddri3=true
@ -119,189 +110,77 @@ necessary for developing Wayland compositors using Xwayland.

 # Remove unwanted files/dirs
 rm $RPM_BUILD_ROOT%{_mandir}/man1/Xserver.1*
+rm -Rf $RPM_BUILD_ROOT%{_libdir}/xorg
 rm -Rf $RPM_BUILD_ROOT%{_includedir}/xorg
 rm -Rf $RPM_BUILD_ROOT%{_datadir}/aclocal
-
-%check
-desktop-file-validate %{buildroot}%{_datadir}/applications/*.desktop
+rm -Rf $RPM_BUILD_ROOT%{_localstatedir}/lib/xkb

 %files
-%dir %{_datadir}/xwayland
 %{_bindir}/Xwayland
 %{_mandir}/man1/Xwayland.1*
-%{_datadir}/applications/org.freedesktop.Xwayland.desktop
-%{_datadir}/xwayland/protocol.txt

 %files devel
 %{_libdir}/pkgconfig/xwayland.pc

 %changelog
-* Thu Nov  7 2024  Olivier Fourdan <ofourdan@redhat.com> - 24.1.1-4
- Remove unneeded build dependencies on xorg-x11-util-macros and libXpm
- Remove unneeded build dependency on wayland-eglstream-protocols (RHEL-66317)
-
-* Wed Oct 30 2024  Olivier Fourdan <ofourdan@redhat.com> - 24.1.1-3
- Fix for CVE-2024-9632 - (RHEL-61994)
-
-* Tue Oct 29 2024 Troy Dawson <tdawson@redhat.com> - 24.1.1-2
- Bump release for October 2024 mass rebuild:
-  Resolves: RHEL-64018
-
-* Wed Jul 10 2024 Olivier Fourdan <ofourdan@redhat.com> - 24.1.1-1
- xwayland 24.1.1 (RHEL-45260)
-
-* Mon Jun 24 2024 Troy Dawson <tdawson@redhat.com> - 24.1.0-2
- Bump release for June 2024 mass rebuild
-
-* Wed May 15 2024 Olivier Fourdan <ofourdan@redhat.com> - 24.1.0-1
- xwayland 24.1.0 (RHEL-29911)
-
-* Thu Apr  4 2024 Olivier Fourdan <ofourdan@redhat.com> - 23.2.4-4
- CVE fix for: CVE-2024-31080, CVE-2024-31081, CVE-2024-31083
-
-* Mon Jan 29 2024 Florian Weimer <fweimer@redhat.com> - 23.2.4-3
- Fix C compatibility issue on i686
-
-* Sat Jan 27 2024 Fedora Release Engineering <releng@fedoraproject.org> - 23.2.4-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_40_Mass_Rebuild
-
-* Tue Jan 16 2024 Olivier Fourdan <ofourdan@redhat.com> - 23.2.4-1
- xwayland 23.2.4 - (#2254280)
-  CVE fix for: CVE-2023-6816, CVE-2024-0229, CVE-2024-21885, CVE-2024-21886,
-  CVE-2024-0408, CVE-2024-0409
-
-* Wed Dec 13 2023 Peter Hutterer <peter.hutterer@redhat.com> - 23.2.3-1
- xwayland 23.2.3 
-  CVE fix for: CVE-2023-6377, CVE-2023-6478
-
-* Fri Nov 24 2023 Olivier Fourdan <ofourdan@redhat.com> - 23.2.2-2
- Drop dependency on xorg-x11-server-common
-
-* Thu Oct 26 2023 Olivier Fourdan <ofourdan@redhat.com> - 23.2.2-1
- xwayland 23.2.2 - (#2246029)
-
-* Wed Oct 25 2023 Peter Hutterer <peter.hutterer@redhat.com> - 23.2.1-2
- Fix for CVE-2023-5367
-
-* Wed Sep 20 2023 Olivier Fourdan <ofourdan@redhat.com> - 23.2.1-1
- xwayland 23.2.1 - (#2239813)
-
-* Mon Sep 11 2023 Olivier Fourdan <ofourdan@redhat.com> - 23.2.0-2
- migrated to SPDX license
-
-* Wed Aug 16 2023 Olivier Fourdan <ofourdan@redhat.com> - 23.2.0-1
- xwayland 23.2.0
-
-* Wed Aug  2 2023 Olivier Fourdan <ofourdan@redhat.com> - 23.1.99.902-1
- xwayland 23.1.99.902 (xwayland 23.2.0 rc2)
+* Tue Apr 25 2023 Olivier Fourdan <ofourdan@redhat.com> - 22.1.9-2
+- Rebuild (#2158761)

-* Mon Jul 31 2023 Olivier Fourdan <ofourdan@redhat.com> - 23.1.99.901-2
- Fix devel package requires.
+* Mon Apr  3 2023 Olivier Fourdan <ofourdan@redhat.com> - 22.1.9-1
+- xwayland 22.1.9 (#2158761)

-* Wed Jul 19 2023 Olivier Fourdan <ofourdan@redhat.com> - 23.1.99.901-1
- xwayland 23.1.99.901 (xwayland 23.2.0 rc1)
+* Fri Mar 31 2023 Olivier Fourdan <ofourdan@redhat.com> - 21.1.3-8
+- Fix CVE-2023-1393 (#2180299)

-* Tue Jun  6 2023 Olivier Fourdan <ofourdan@redhat.com> - 23.1.2-1
- xwayland 23.1.2
+* Tue Feb  7 2023 Olivier Fourdan <ofourdan@redhat.com> - 21.1.3-7
+- Fix CVE-2023-0494 (#2166974)

-* Thu Apr 27 2023 Olivier Fourdan <ofourdan@redhat.com> - 23.1.1-2
- Fix spec file to build from git upstream - (#2190211)
+* Mon Dec 19 2022 Peter Hutterer <peter.hutterer@redhat.com> - 21.1.3-6
+- Follow-up fix for CVE-2022-46340 (#2151778)

-* Wed Mar 29 2023 Olivier Fourdan <ofourdan@redhat.com> - 23.1.1-1
- xwayland 23.1.1 - (#2182734)
-  CVE fix for: CVE-2023-1393
+* Wed Dec 14 2022 Peter Hutterer <peter.hutterer@redhat.com> - 21.1.3-5
+- CVE fix for: CVE-2022-4283 (#2151803), CVE-2022-46340 (#2151778),
+  CVE-2022-46341 (#2151783), CVE-2022-46342 (#2151786),
+  CVE-2022-46343 (#2151793), CVE-2022-46344 (#2151796)

-* Wed Mar 22 2023 Olivier Fourdan <ofourdan@redhat.com> - 23.1.0-1
- xwayland 23.1.0 - (#2180913)
+* Mon Nov 14 2022 Olivier Fourdan <ofourdan@redhat.com> -  21.1.3-4
+- Fix CVE-2022-3550, CVE-2022-3551
+  Resolves: rhbz#2140769, rhbz#2140771

-* Thu Mar  9 2023 Olivier Fourdan <ofourdan@redhat.com> - 23.0.99.902-1
- xwayland 23.0.99.902 (xwayland 23.1.0 rc2) - (#2172415, #2173201)
+* Fri Jul 29 2022 Olivier Fourdan <ofourdan@redhat.com> - 21.1.3-3
+- CVE fix for: CVE-2022-2319/ZDI-CAN-16062, CVE-2022-2320/ZDI-CAN-16070
+  Resolves: rhbz#2110440, rhbz#2110433

-* Wed Feb 22 2023 Olivier Fourdan <ofourdan@redhat.com> - 23.0.99.901-1
- xwayland 23.0.99.901 (xwayland 23.1.0 rc1) - (#2172415)
+* Fri Jan  7 2022 Olivier Fourdan <ofourdan@redhat.com> - 21.1.3-2
+- CVE fix for: CVE-2021-4008 (#2038067), CVE-2021-4009 (#2038070),
+  CVE-2021-4010 (#2038072), CVE-2021-4011 (#2038074)

-* Tue Feb  7 2023 Olivier Fourdan <ofourdan@redhat.com> - 22.1.8-1
- xwayland 22.1.8
-  Fixes CVE-2023-0494 (#2165995, #2167566, #2167734)
+* Thu Dec  2 2021 Olivier Fourdan <ofourdan@redhat.com> - 21.1.3-1
+- Rebase to 21.1.3 (rhbz#2015839)
+- Prefer EGLstream if both EGLstream and GBM are usable

-* Sun Jan 29 2023 Stefan Bluhm <stefan.bluhm@clacee.eu> - 22.1.7-4
- Updated conditional Fedora statement.
+* Tue Aug 10 2021 Mohan Boddu <mboddu@redhat.com> - 21.1.1-6
+- Rebuilt for IMA sigs, glibc 2.34, aarch64 flags
+  Related: rhbz#1991688

-* Thu Jan 19 2023 Olivier Fourdan <ofourdan@redhat.com> - 22.1.7-3
- Use the recommended way to apply conditional patches without
-  conditionalizing the sources (for byte-swapped clients).
+* Mon Aug  9 2021 Olivier Fourdan <ofourdan@redhat.com> - 21.1.1-5
+- Backport the latest fixes from Xwayland for EGLstream (rhbz#1977742)

-* Tue Jan 17 2023 Olivier Fourdan <ofourdan@redhat.com> - 22.1.7-2
- Disallow byte-swapped clients on Fedora 38 and above (#2159489)
-
-* Mon Dec 19 2022 Olivier Fourdan <ofourdan@redhat.com> - 22.1.7-1
- xwayland 22.1.7
-
-* Wed Dec 14 2022 Peter Hutterer <peter.hutterer@redhat.com> - 22.1.6-1
- xwayland 22.1.6
-  Fixes CVE-2022-46340, CVE-2022-46341, CVE-2022-46342, CVE-2022-46343,
-  CVE-2022-46344, CVE-2022-4283
-
-* Wed Nov  2 2022 Olivier Fourdan <ofourdan@redhat.com> - 22.1.5-1
- xwayland 22.1.5 (#2139387)
-
-* Thu Oct 20 2022 Olivier Fourdan <ofourdan@redhat.com> - 22.1.4-1
- xwayland 22.1.4 (#2136518)
-
-* Sat Jul 23 2022 Fedora Release Engineering <releng@fedoraproject.org> - 22.1.3-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_37_Mass_Rebuild
-
-* Tue Jul 12 2022 Olivier Fourdan <ofourdan@redhat.com> - 22.1.3-1
- xwayland 22.1.3 - (#2106387)
-  Fix CVE-2022-2319/ZDI-CAN-16062, CVE-2022-2320/ZDI-CAN-16070
-
-* Wed May 25 2022 Olivier Fourdan <ofourdan@redhat.com> - 22.1.2-1
- xwayland 22.1.2 - (#2090172)
-
-* Thu Mar 31 2022 Olivier Fourdan <ofourdan@redhat.com> - 22.1.1-1
- xwayland 22.1.1 - (#2070435)
-
-* Wed Feb 16 2022 Olivier Fourdan <ofourdan@redhat.com> - 22.1.0
- xwayland 22.1.0 - (#2055270)
-
-* Wed Feb  2 2022 Olivier Fourdan <ofourdan@redhat.com> - 22.0.99.902
- xwayland 22.0.99.902 (xwayland 22.1.0 rc2) - (#2042521)
-
-* Tue Jan 25 2022 Olivier Fourdan <ofourdan@redhat.com> - 22.0.99.901
- xwayland 22.0.99.901 (xwayland 22.1.0 rc1) - (#2042521)
-
-* Sat Jan 22 2022 Fedora Release Engineering <releng@fedoraproject.org> - 21.1.4-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_36_Mass_Rebuild
-
-* Tue Dec 14 2021 Olivier Fourdan <ofourdan@redhat.com> - 21.1.4
- xwayland 21.1.4
-
-* Mon Nov  8 2021 Olivier Fourdan <ofourdan@redhat.com> - 21.1.3
- xwayland 21.1.3 - (#2016468)
-
-* Thu Oct 21 2021 Olivier Fourdan <ofourdan@redhat.com> - 21.1.2.901-1
- xwayland 21.1.2.901 (aka 21.1.3 RC1) - (#2015413)
-
-* Tue Sep 14 2021 Sahana Prasad <sahana@redhat.com> - 21.1.2-3
- Rebuilt with OpenSSL 3.0.0
-
-* Fri Jul 23 2021 Fedora Release Engineering <releng@fedoraproject.org> - 21.1.2-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_35_Mass_Rebuild
-
-* Fri Jul 9 2021 Olivier Fourdan <ofourdan@redhat.com> - 21.1.2-1
- xwayland 21.1.2
-
-* Thu Jul 1 2021 Olivier Fourdan <ofourdan@redhat.com> - 21.1.1.901-1
- xwayland 21.1.1.901
+* Tue Jun 22 2021 Mohan Boddu <mboddu@redhat.com> - 21.1.1-4
+- Rebuilt for RHEL 9 BETA for openssl 3.0
+  Related: rhbz#1971065

 * Mon Jun 21 2021 Olivier Fourdan <ofourdan@redhat.com> - 21.1.1-3
 - Fix a use-after-free in the previous changes for GLX

-* Thu Jun 10 2021 Olivier Fourdan <ofourdan@redhat.com> - 21.1.1-2
- Backport fixes for GLX and EGLstream (#1948003)
+* Thu Jun 17 2021 Olivier Fourdan <ofourdan@redhat.com> - 21.1.1-2
+- Backport fixes for GLX and EGLstream (#1969486)
+
+* Thu Jun 17 2021 Olivier Fourdan <ofourdan@redhat.com> - 21.1.1-1
+- xwayland 21.1.1 (#1952897)

-* Wed Apr  14 2021 Olivier Fourdan <ofourdan@redhat.com> - 21.1.1-1
- xwayland 21.1.1 (CVE-2021-3472 / ZDI-CAN-1259)
+* Fri Apr 16 2021 Mohan Boddu <mboddu@redhat.com> - 21.1.0-2
+- Rebuilt for RHEL 9 BETA on Apr 15th 2021. Related: rhbz#1947937

 * Thu Mar  18 2021 Olivier Fourdan <ofourdan@redhat.com> - 21.1.0-1
 - xwayland 21.1.0