From 5626dbfb88dbad759af15f1bbd7b7938c4138aa2 Mon Sep 17 00:00:00 2001
From: maxice8 <thinkabit.ukim@gmail.com>
Date: Fri, 26 Oct 2018 01:05:30 -0300
Subject: [PATCH] xorg-server: update to 1.20.3.

fixes:
  CVE-2018-14665
---
 .../xorg-server/patches/CVE-2018-14665.patch  | 51 -------------------
 .../xorg-server/patches/fix-libfbdevhw.patch  | 26 ----------
 srcpkgs/xorg-server/template                  |  6 +--
 3 files changed, 3 insertions(+), 80 deletions(-)
 delete mode 100644 srcpkgs/xorg-server/patches/CVE-2018-14665.patch
 delete mode 100644 srcpkgs/xorg-server/patches/fix-libfbdevhw.patch

diff --git a/srcpkgs/xorg-server/patches/CVE-2018-14665.patch b/srcpkgs/xorg-server/patches/CVE-2018-14665.patch
deleted file mode 100644
index c9554f8166a..00000000000
--- a/srcpkgs/xorg-server/patches/CVE-2018-14665.patch
+++ /dev/null
@@ -1,51 +0,0 @@
-From 8a59e3b7dbb30532a7c3769c555e00d7c4301170 Mon Sep 17 00:00:00 2001
-From: Matthieu Herrb <matthieu@herrb.eu>
-Date: Tue, 23 Oct 2018 21:29:08 +0200
-Subject: [PATCH] Disable -logfile and -modulepath when running with elevated
- privileges
-
-Could cause privilege elevation and/or arbitrary files overwrite, when
-the X server is running with elevated privileges (ie when Xorg is
-installed with the setuid bit set and started by a non-root user).
-
-CVE-2018-14665
-
-Issue reported by Narendra Shinde and Red Hat.
-
-Signed-off-by: Matthieu Herrb <matthieu@herrb.eu>
-Reviewed-by: Alan Coopersmith <alan.coopersmith@oracle.com>
-Reviewed-by: Peter Hutterer <peter.hutterer@who-t.net>
-Reviewed-by: Adam Jackson <ajax@redhat.com>
-(cherry picked from commit 50c0cf885a6e91c0ea71fb49fa8f1b7c86fe330e)
----
- hw/xfree86/common/xf86Init.c | 8 ++++++--
- 1 file changed, 6 insertions(+), 2 deletions(-)
-
-diff --git ./hw/xfree86/common/xf86Init.c b/hw/xfree86/common/xf86Init.c
-index 3c5cc7097..cabf8716b 100644
---- ./hw/xfree86/common/xf86Init.c
-+++ ./hw/xfree86/common/xf86Init.c
-@@ -1027,14 +1027,18 @@ ddxProcessArgument(int argc, char **argv, int i)
-     /* First the options that are not allowed with elevated privileges */
-     if (!strcmp(argv[i], "-modulepath")) {
-         CHECK_FOR_REQUIRED_ARGUMENT();
--        xf86CheckPrivs(argv[i], argv[i + 1]);
-+        if (xf86PrivsElevated())
-+              FatalError("\nInvalid argument -modulepath "
-+                "with elevated privileges\n");
-         xf86ModulePath = argv[i + 1];
-         xf86ModPathFrom = X_CMDLINE;
-         return 2;
-     }
-     if (!strcmp(argv[i], "-logfile")) {
-         CHECK_FOR_REQUIRED_ARGUMENT();
--        xf86CheckPrivs(argv[i], argv[i + 1]);
-+        if (xf86PrivsElevated())
-+              FatalError("\nInvalid argument -logfile "
-+                "with elevated privileges\n");
-         xf86LogFile = argv[i + 1];
-         xf86LogFileFrom = X_CMDLINE;
-         return 2;
--- 
-2.18.1
-
diff --git a/srcpkgs/xorg-server/patches/fix-libfbdevhw.patch b/srcpkgs/xorg-server/patches/fix-libfbdevhw.patch
deleted file mode 100644
index 14d29b00bcb..00000000000
--- a/srcpkgs/xorg-server/patches/fix-libfbdevhw.patch
+++ /dev/null
@@ -1,26 +0,0 @@
-source upstream master:
-
-Misplaced parenthesis caused us to compare the sizeof,
-not the readlink return value.
-https://gitlab.freedesktop.org/xorg/xserver/commit/bd5fe7593fd0df236f3b2be1f062166ddba7d67c
-
-ensure the readlink buffer is null-terminated
-https://gitlab.freedesktop.org/xorg/xserver/commit/71703e4e8bd00719eefad53c2ed6c604079f87ea
-
---- hw/xfree86/fbdevhw/fbdevhw.c.orig
-+++ hw/xfree86/fbdevhw/fbdevhw.c
-@@ -331,12 +331,12 @@
- 
-     /* only touch non-PCI devices on this path */
-     {
--        char buf[PATH_MAX];
-+        char buf[PATH_MAX] = {0};
-         char *sysfs_path = NULL;
-         char *node = strrchr(dev, '/') + 1;
- 
-         if (asprintf(&sysfs_path, "/sys/class/graphics/%s", node) < 0 ||
--            readlink(sysfs_path, buf, sizeof(buf) < 0) ||
-+            readlink(sysfs_path, buf, sizeof(buf) - 1) < 0 ||
-             strstr(buf, "devices/pci")) {
-             free(sysfs_path);
-             close(fd);
diff --git a/srcpkgs/xorg-server/template b/srcpkgs/xorg-server/template
index 80a8cdc4e94..9ec7bf27b74 100644
--- a/srcpkgs/xorg-server/template
+++ b/srcpkgs/xorg-server/template
@@ -1,7 +1,7 @@
 # Template file for 'xorg-server'
 pkgname=xorg-server
-version=1.20.2
-revision=3
+version=1.20.3
+revision=1
 build_style=meson
 configure_args="-Dipv6=true -Dxorg=true -Dxnest=true -Dxephyr=true
  -Dxvfb=true -Dhal=false -Dudev=true -Dxkb_dir=/usr/share/X11/xkb
@@ -22,7 +22,7 @@ maintainer="Juan RP <xtraeme@voidlinux.eu>"
 license="MIT, BSD-3-Clause"
 homepage="https://xorg.freedesktop.org"
 distfiles="${XORG_SITE}/xserver/${pkgname}-${version}.tar.bz2"
-checksum=0ed5f7bc48f22f54e1ae0229ad6f35a521da4232d9d5529d7cebb5e79b3ccee2
+checksum=1b3ce466c12cacbe2252b3ad5b0ed561972eef9d09e75900d65fb1e21f9201de
 lib32disabled=yes
 provides="xserver-abi-extension-10_1 xserver-abi-input-24_1 xserver-abi-video-24_1 xf86-video-modesetting-1_1"
 replaces="xf86-video-modesetting>=0"