| Age | Commit message (Collapse) | Author | |
|---|---|---|---|
| 2022-11-06 | Update rgb to 1.1.0 | Matthieu Herrb | |
| 2022-11-06 | Update bdftopcf to version 1.1.1 | Matthieu Herrb | |
| 2022-10-15 | Fix overlapping menu items as reported by kn@ and probably others at | Okan Demirmen | |
| some point; with op@ and Walter Alejandro Iglesias helping along the way. Consistently use font ascent+descent instead of an arbitrary font height+1 for individual menu item rectangles and placement. ok kn@ op@ | |||
| 2022-09-03 | Revert parts of the changes in versions 368 and 369 that broke | Matthieu Herrb | |
| support of 30bpp displays with TrueType fonts | |||
| 2022-08-31 | Update twm to version 1.0.12 | Matthieu Herrb | |
| 2022-08-31 | The update to twm 1.0.11 missed upgrading configure.ac. | Matthieu Herrb | |
| update and regen autotools files | |||
| 2022-08-31 | Update oclock to version 1.0.5 | Matthieu Herrb | |
| 2022-08-31 | Update ico to version 1.0.6 | Matthieu Herrb | |
| 2022-08-29 | Properly support style in passwd\nOK matthieu | Greg Steuck | |
| 2022-08-07 | kill extra space at EOL | Matthieu Herrb | |
| 2022-08-07 | fix indentation style and space/tab | Matthieu Herrb | |
| 2022-08-07 | If unveil(2) fails, display an error with the failing path. | Matthieu Herrb | |
| Discussed with deraadt@ ok millert@ | |||
| 2022-07-17 | Set default sleep value to 10ms. This makes ico look nice again. | Matthieu Herrb | |
| 2022-07-15 | Update xrefresh to version 1.0.7 | Matthieu Herrb | |
| 2022-07-15 | Update xmessage to version 1.0.6 | Matthieu Herrb | |
| 2022-07-15 | Update xmag to version 1.0.7 | Matthieu Herrb | |
| 2022-07-15 | Update xkbutils to version 1.0.5 | Matthieu Herrb | |
| 2022-07-15 | Update xev to version 1.2.5 | Matthieu Herrb | |
| 2022-07-15 | Update to xwud version 1.0.6 | Matthieu Herrb | |
| 2022-07-15 | Update xpr to version 1.1.0 | Matthieu Herrb | |
| Removes support for old DEC printers | |||
| 2022-07-15 | Update xmodpap to version 1.0.11 | Matthieu Herrb | |
| 2022-07-15 | Update xfontsel to vesion 1.1.0 | Matthieu Herrb | |
| 2022-07-15 | Update xconsole to version 1.0.8 | Matthieu Herrb | |
| 2022-07-15 | Update xcmsdb to version 1.0.6 | Matthieu Herrb | |
| 2022-07-15 | Update xclipboard to version 1.1.4 | Matthieu Herrb | |
| 2022-07-07 | xlock: unveil(2) all login.conf files for reading | Sebastien Marie | |
| auth_userokay(3) needs to be able to read these files to properly respect configuration. ok tb@ matthieu@ | |||
| 2022-07-01 | X11 session startup: update list of ssh key files, tweak sh code | Christian Weisgerber | |
| ok matthieu@ | |||
| 2022-06-26 | Implement privilege separation in xlock(1). | Matthieu Herrb | |
| With feedback from stsp@, florian@, op@ ok florian@ op@. | |||
| 2022-06-26 | Update xsm to version 1.0.5 | Matthieu Herrb | |
| Bug fixes and gcc warnings removals. | |||
| 2022-06-26 | Update xlsfonts to version 1.0.7 | Matthieu Herrb | |
| Bug fixes + gcc warnings removal | |||
| 2022-06-26 | Update xload to version 1.1.4 | Matthieu Herrb | |
| No functional change. | |||
| 2022-06-26 | Update xedit to version 1.2.3 | Matthieu Herrb | |
| Bug fixes | |||
| 2022-06-26 | update xdpyinfo to version 1.3.3 | Matthieu Herrb | |
| Bug fixes. Among other correctly report recent X server versions. | |||
| 2022-06-25 | Get rid of remaining compiler warnings on OpenBSD | Matthieu Herrb | |
| 2022-06-25 | Update xclock to version 1.1.1 | Matthieu Herrb | |
| Bug fixes + smooth hands update in render mode | |||
| 2022-06-25 | Update xcalc to version 1.1.1 | Matthieu Herrb | |
| No functional changes. | |||
| 2022-06-25 | source files do not have the 'x' bit set. Use /bin/sh explicitely | Matthieu Herrb | |
| 2022-06-25 | add file missed by CVS or me in update to xauth 1.1.2 | Matthieu Herrb | |
| 2022-06-25 | Update xauth to version 1.1.2 | Matthieu Herrb | |
| Bug fixes. | |||
| 2022-06-25 | Update setxkbmap to version 1.3.3 | Matthieu Herrb | |
| Bug fixes. | |||
| 2022-06-25 | Update mkfontscale to version 1.2.2 | Matthieu Herrb | |
| Accept ExtraBold for T1 fonts. | |||
| 2022-06-25 | Update listres to version 1.0.5 | Matthieu Herrb | |
| No functional changes. | |||
| 2022-06-25 | Update iceauth to version 1.0.9 | Matthieu Herrb | |
| Bug fixes. | |||
| 2022-06-25 | Update editres to version 1.0.8. | Matthieu Herrb | |
| No functional changes. | |||
| 2022-06-25 | Update bitmap to version 1.1.0 | Matthieu Herrb | |
| Bug fixes + code reorganisation | |||
| 2022-06-25 | Update appres to version 1.0.6. | Matthieu Herrb | |
| No functional changes | |||
| 2022-06-04 | allowMouseOps default is disabled. adjust documentation. | Theo de Raadt | |
| 2022-05-22 | Document removal of exec-formatted(), exec-selectable() and | Matthieu Herrb | |
| spawn-new-terminal() functions. | |||
| 2022-05-22 | Back in darker times, xterm was setuid root to add a user entry to the | Theo de Raadt | |
| utmp and wtmp files at startup. real-uid / effective-uid flipping was used to cleanup the records in these two files at logout-time. Over time it was recognized that setuid root is too dangerous, later on even uid flipping became an unacceptable practice (because an attacker who finds a bug will simply flip the uid back to root before continuing exploitation). Some OS's helped xterm (and other similar login-related tooling) by making utmp writeable by a new utmp group, but most did not do the same for wtmp. xterm started using this new utmp gid, and the wtmp code moved to "try, and if it fails, ignore the failure". The obvious way to use this uid is for xterm to open the utmp file for write (early on), discard the egid, and keep the file descriptor around until utmp cleanup at termination. 10-20 lines of code, maybe. But no,.... that's not what happened. The previous setuid root flipping code (which is nearly a hundred lines of #ifdef-wrapped code for portability reasons) was copied and repurposed by adding new #ifdef code for setgid utmp flipping, and thus nearly a hundred lines of #ifdef-wrapped code was added). setgid flipping has less severe security risks than setuid flipping, but it is remains an excessively strong and unneccessary power (compared to a single writeable fd). When pledge() arrived on the scene, "wpath" was required so that the utmp file could be opened late, and "id" was required to support egid flipping. unveil() arrived on the scene, and the utmp path was added to the list of viable paths, once again not considering that an incorrect approach was being taken by the code. I tried rewriting the portable USE_UTMP_SETGID code to follow the open-drop-reuse-fd approach, to help out upstream xterm, but it is such a brain-melting shitshow I gave up, we'll have a (small) intrusive patch which opens utmp early, drops the gid, and reuses the fd later on. Maybe upstream will take care of this eventually to reduce the risk of egid other operating systems. ok matthieu, much feedback from millert | |||
| 2022-05-22 | Disable wtmp support on OpenBSD, it hasn't worked in nearly two decades | Theo de Raadt | |
| because we dropped setuid root around the, but the code to attempt it it was erroneously left behind ok matthieu | |||
 |
index : xenocara | |
| Xenocara |
| summaryrefslogtreecommitdiff |