untrusted comment: verify with openbsd-71-base.pub
RWR2eHwZTOEiTb9gY1xwQLQaV1aF/qRGLVXbUDbsUM7uCr70YKd5bXHIsahhEBcBFrigw+1Dsu5n0scRJx66v7AJF1fcfT2H8wQ=
OpenBSD 7.1 errata 028, March 29, 2023:
Xserver, CVE-2023-1393: use after free bug in the Composite server extension.
Apply by doing:
signify -Vep /etc/signify/openbsd-71-base.pub -x 028_xserver.patch.sig \
-m - | (cd /usr/xenocara && patch -p0)
And then rebuild and install the X server:
cd /usr/xenocara/xserver
make -f Makefile.bsd-wrapper obj
make -f Makefile.bsd-wrapper build
Index: xserver/composite/compwindow.c
===================================================================
RCS file: /cvs/xenocara/xserver/composite/compwindow.c,v
diff -u -p -r1.18 compwindow.c
--- xserver/composite/compwindow.c 11 Nov 2021 09:03:02 -0000 1.18
+++ xserver/composite/compwindow.c 16 Mar 2023 21:50:21 -0000
@@ -620,6 +620,11 @@ compDestroyWindow(WindowPtr pWin)
ret = (*pScreen->DestroyWindow) (pWin);
cs->DestroyWindow = pScreen->DestroyWindow;
pScreen->DestroyWindow = compDestroyWindow;
+
+ /* Did we just destroy the overlay window? */
+ if (pWin == cs->pOverlayWin)
+ cs->pOverlayWin = NULL;
+
/* compCheckTree (pWin->drawable.pScreen); can't check -- tree isn't good*/
return ret;
}
