7.287. xorg-x11-server

Bug Fixes

BZ#608076

When the GNOME sound volume applet was configured to pop up after pressing the "mute", "volume up", or "volume down" hardware buttons, doing so caused a graphical glitch to appear in a dual monitor configuration. Now, the screen glitch no longer appears.

BZ#745033

When spice-client was opened in full-screen mode, the client screen contained a static image which was not refreshed until it was switched back to window mode. Now, the static image no longer appears when opened in full-screen mode.

BZ#816347

When the screen saver started to fade, pressing keys did not interrupt the fade and did not immediately display the unlock screen. Now, pressing keys stops the screen from fading.

BZ#829321

A NULL pointer dereference caused X.Org to terminate unexpectedly with a segmentation fault on certain servers. The error is fixed and X.Org no longer crashes on those servers.

BZ#837073

An invalid pointer dereference in the server caused the server to unexpectedly terminate with a segmentation fault when the mouse was moved over the VNC window. Crashes no longer occur when moving the mouse over the VNC window.

BZ#853236

The KVM process could not access the X server because the "/usr/bin/Xorg" binary was unreadable for non-root users. Now, all users can read the binary and KVM guests can access host operating systems.

BZ#858005

A transformation matrix is used to bind a device to a specific area on the screen. An uninitialized device transformation matrix caused the pointer to jump to the top-left corner of the screen on some devices. With this update, the transformation matrix is properly initialized and pointer device movement works as expected.

BZ#863913

An X Input Extension (XI 1.x) grab on a disabled device led to a NULL pointer dereference error which caused the server to terminate unexpectedly. Currently, the XI 1.x grab functions normally and the X server no longer crashes.

BZ#864054

When screens are reconfigured, the server updates some internal fields to adjust input device coordinate scaling if the device is bound to a specific screen. The NVIDIA binary driver did not have access to these internal methods, and was not able to update these fields when it changed output configurations. A new API is now exported for the driver and the NVIDIA driver is now able to update the server-internal fields.

BZ#868054

Pointer screen crossings for non-Xinerama setups caused the mouse pointer to wrap around on the first screen instead of moving to the second screen. Now, the mouse pointer can move between both screens on non-Xinerama setups.

BZ#883206

Running xrestop on servers that used Intel, ATI or Nouveau drivers caused the server to terminate unexpectedly with a segmentation fault. Now, users are able to run xrestop on those servers without crashes.

Security Fix

CVE-2013-4396

A use-after-free flaw was found in the way the X.Org server handled ImageText requests. A malicious, authorized client could use this flaw to crash the X.Org server or, potentially, execute arbitrary code with root privileges.