Fixes CVE-2018-14665 (local file overwrite bugs), and a trivial fix in
fbdevhw initialization. All users are advised to upgrade. Thanks to
Narendra Shinde and Thomas Hoger for the report, and Matthieu Herrb for
the fix.
Adam Jackson (1):
xserver 1.20.3
Matthieu Herrb (2):
Disable -logfile and -modulepath when running with elevated privileges
LogFilePrep: add a comment to the unsafe format string.
Peter Hutterer (1):
xfree86: fix readlink call
git tag: xorg-server-1.20.3
https://xorg.freedesktop.org/archive/individual/xserver/xorg-server-1.20.3.tar.bz2
MD5: 8ee29e8b24cef6b3cfa747ec01b9155a xorg-server-1.20.3.tar.bz2
SHA1: a522cd543606b4d0509d821b8061904951171c50 xorg-server-1.20.3.tar.bz2
SHA256: 1b3ce466c12cacbe2252b3ad5b0ed561972eef9d09e75900d65fb1e21f9201de
xorg-server-1.20.3.tar.bz2
SHA512:
ee44554f86df4297f54c5871fe7a18954eeef4338775a25f36d6577b279c4775f61128da71b86cfaeadcc080838d6749dede138d4db178866579da2056543fba
xorg-server-1.20.3.tar.bz2
PGP:
https://xorg.freedesktop.org/archive/individual/xserver/xorg-server-1.20.3.tar.bz2.sig
https://xorg.freedesktop.org/archive/individual/xserver/xorg-server-1.20.3.tar.gz
MD5: a993394d1493c6db19de654b43a82f0b xorg-server-1.20.3.tar.gz
SHA1: 375466fff4dfbb2f6a87d9fbb4abc132f1ef623a xorg-server-1.20.3.tar.gz
SHA256: d9e4fbefe1a31a4999c9a5f1c81a8e34e1d1b9056f3ac225f299f515eab2bcb8
xorg-server-1.20.3.tar.gz
SHA512:
cebac5b28fe235ab961a256c68e2fce3d6afd52697fbb95d83813d29814164ab4640b30c06bf6125ea23595871eda3a16a922e95b0789077001fe609d065bfbe
xorg-server-1.20.3.tar.gz
PGP:
https://xorg.freedesktop.org/archive/individual/xserver/xorg-server-1.20.3.tar.gz.sig
- ajax
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 659 bytes
Desc: This is a digitally signed message part
URL:
<https://lists.x.org/archives/xorg-announce/attachments/20181025/ec8ee1fb/attachment.sig>
