[packages/xorg-xserver-server] up to 21.1.16 (multiple security fixes)

Wed Feb 26 12:02:26 CET 2025

commit c35b4e88146d7f5ffe2020fd5f78270db26a718c
Author: Jan Palus <atler at pld-linux.org>
Date:   Wed Feb 26 10:53:04 2025 +0100

    up to 21.1.16 (multiple security fixes)
    
    - CVE-2025-26594
    - CVE-2025-26595
    - CVE-2025-26596
    - CVE-2025-26597
    - CVE-2025-26598
    - CVE-2025-26599
    - CVE-2025-26600
    - CVE-2025-26601

 xorg-xserver-server-builtin-SHA1.patch | 12 ++++++++++--
 xorg-xserver-server.spec               |  4 ++--
 2 files changed, 12 insertions(+), 4 deletions(-)
---

diff --git a/xorg-xserver-server.spec b/xorg-xserver-server.spec
index 04a28ed..6f79af7 100644
--- a/xorg-xserver-server.spec
+++ b/xorg-xserver-server.spec
@@ -35,12 +35,12 @@
 Summary:	X.org server
 Summary(pl.UTF-8):	Serwer X.org
 Name:		xorg-xserver-server
-Version:	21.1.15
+Version:	21.1.16
 Release:	1
 License:	MIT
 Group:		X11/Servers
 Source0:	https://xorg.freedesktop.org/releases/individual/xserver/xorg-server-%{version}.tar.xz
-# Source0-md5:	f6195ead06a84d0ceeddb5f120c2a90d
+# Source0-md5:	f1a5ec0939c0efd7fde1418989b579db
 Source1:	10-quirks.conf
 Source2:	xserver.pamd
 Source10:	%{name}-Xvfb.init
diff --git a/xorg-xserver-server-builtin-SHA1.patch b/xorg-xserver-server-builtin-SHA1.patch
index 90d9aee..f104b40 100644
--- a/xorg-xserver-server-builtin-SHA1.patch
+++ b/xorg-xserver-server-builtin-SHA1.patch
@@ -10,13 +10,13 @@ diff -urN xorg-server-1.17.0.org/configure.ac xorg-server-1.17.0/configure.ac
  else
    DIX_LIB='$(top_builddir)/dix/libdix.la'
    OS_LIB='$(top_builddir)/os/libos.la'
-@@ -1566,124 +1566,6 @@
+@@ -1566,132 +1566,6 @@
  MIEXT_SYNC_LIB='$(top_builddir)/miext/sync/libsync.la'
  CORE_INCS='-I$(top_srcdir)/include -I$(top_builddir)/include'
  
 -# SHA1 hashing
 -AC_ARG_WITH([sha1],
--            [AS_HELP_STRING([--with-sha1=libc|libmd|libnettle|libgcrypt|libcrypto|libsha1|CommonCrypto|CryptoAPI],
+-            [AS_HELP_STRING([--with-sha1=libc|libmd|libnettle|nettlestatic|libgcrypt|libcrypto|libsha1|CommonCrypto|CryptoAPI],
 -                            [choose SHA1 implementation])])
 -AC_CHECK_FUNC([SHA1Init], [HAVE_SHA1_IN_LIBC=yes])
 -if test "x$with_sha1" = x && test "x$HAVE_SHA1_IN_LIBC" = xyes; then
@@ -91,6 +91,14 @@ diff -urN xorg-server-1.17.0.org/configure.ac xorg-server-1.17.0/configure.ac
 -	          [Use libnettle SHA1 functions])
 -	SHA1_LIBS=-lnettle
 -fi
+-if test "x$with_sha1" = xnettlestatic && test "x$HAVE_LIBNETTLE" != xyes; then
+-	AC_MSG_ERROR([nettlestatic requested but libnettle not found])
+-fi
+-if test "x$with_sha1" = xnettlestatic; then
+-	AC_DEFINE([HAVE_SHA1_IN_LIBNETTLE], [1],
+-	          [Use static libnettle SHA1 functions])
+-	SHA1_LIBS=-l:libnettle.a
+-fi
 -AC_CHECK_LIB([gcrypt], [gcry_md_open], [HAVE_LIBGCRYPT=yes])
 -if test "x$with_sha1" = x && test "x$HAVE_LIBGCRYPT" = xyes; then
 -	with_sha1=libgcrypt
================================================================

---- gitweb:

http://git.pld-linux.org/gitweb.cgi/packages/xorg-xserver-server.git/commitdiff/c35b4e88146d7f5ffe2020fd5f78270db26a718c

