From abe139c3ce613c42b8881b4660a3e42f76e272ae Mon Sep 17 00:00:00 2001 From: Adam Jackson Date: Jul 31 2020 16:02:45 +0000 Subject: Fix server reply validation issue in XIM (CVE 2020-14344) --- diff --git a/libX11.spec b/libX11.spec index b1ab9fe..833076b 100644 --- a/libX11.spec +++ b/libX11.spec @@ -5,7 +5,7 @@ Summary: Core X11 protocol client library Name: libX11 Version: 1.6.9 -Release: 4%{?gitdate:.%{gitdate}git%{gitversion}}%{?dist} +Release: 5%{?gitdate:.%{gitdate}git%{gitversion}}%{?dist} License: MIT URL: http://www.x.org @@ -20,6 +20,13 @@ Source0: https://xorg.freedesktop.org/archive/individual/lib/%{name}-%{version}. Patch2: dont-forward-keycode-0.patch Patch3: 0001-Handle-ssharp-in-XConvertCase.patch +# CVE 2020-14344 +Patch11: 0001-Fix-signed-length-values-in-_XimGetAttributeID.patch +Patch12: 0002-fix-integer-overflows-in-_XimAttributeToValue.patch +Patch13: 0003-Fix-more-unchecked-lengths.patch +Patch14: 0004-Zero-out-buffers-in-functions.patch +Patch15: 0005-Change-the-data_len-parameter-of-_XimAttributeToValu.patch + BuildRequires: xorg-x11-util-macros >= 1.11 BuildRequires: pkgconfig(xproto) >= 7.0.15 BuildRequires: xorg-x11-xtrans-devel >= 1.0.3-4 @@ -58,6 +65,11 @@ libX11/libxcb interoperability library %setup -q -n %{tarball}-%{?gitdate:%{gitdate}}%{!?gitdate:%{version}} %patch2 -p1 -b .dont-forward-keycode-0 %patch3 -p1 +%patch11 -p1 +%patch12 -p1 +%patch13 -p1 +%patch14 -p1 +%patch15 -p1 %build autoreconf -v --install --force @@ -123,6 +135,9 @@ make %{?_smp_mflags} check %{_mandir}/man5/*.5* %changelog +* Fri Jul 31 2020 Adam Jackson - 1.6.9-5 +- Fix server reply validation issue in XIM (CVE 2020-14344) + * Tue Jul 28 2020 Fedora Release Engineering - 1.6.9-4 - Rebuilt for https://fedoraproject.org/wiki/Fedora_33_Mass_Rebuild
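Review bot: The comment added above Patch11 spells the identifier `# CVE 2020-14344`, without the hyphen of the canonical form, and the new %changelog entry repeats that spelling. Anyone checking whether an installed build carries the fix by searching the RPM changelog or the spec for `CVE-2020-14344` will get no match. I would write `# CVE-2020-14344` in the comment and `- Fix server reply validation issue in XIM (CVE-2020-14344)` in the changelog. The five Patch lines also give no pointer to where they came from, so a one-line comment such as `# upstream: <commit-or-advisory-URL>` (placeholder) would let a reviewer confirm the backport matches the upstream fix set.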