xserver-xorg: Fix CVE-2017-10971

Backport 3 patches to fix CVE-2017-10971:

In the X.Org X server before 2017-06-19, a user authenticated to an X
Session could crash or execute code in the context of the X Server by
exploiting a stack overflow in the endianness conversion of X Events.

Reference:
https://nvd.nist.gov/vuln/detail/CVE-2017-10971

Signed-off-by: Jackie Huang <jackie.huang@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>

1 files changed, 3 insertions, 0 deletions

diff --git a/meta/recipes-graphics/xorg-xserver/xserver-xorg_1.19.3.bb b/meta/recipes-graphics/xorg-xserver/xserver-xorg_1.19.3.bb
index 606367d1e9..65ef6c683b 100644
--- a/meta/recipes-graphics/xorg-xserver/xserver-xorg_1.19.3.bb
+++ b/meta/recipes-graphics/xorg-xserver/xserver-xorg_1.19.3.bb
@@ -5,6 +5,9 @@ SRC_URI += "file://musl-arm-inb-outb.patch \
             file://0002-configure.ac-Fix-wayland-scanner-and-protocols-locat.patch \
             file://0003-modesetting-Fix-16-bit-depth-bpp-mode.patch \
             file://0003-Remove-check-for-useSIGIO-option.patch \
+            file://CVE-2017-10971-1.patch \
+            file://CVE-2017-10971-2.patch \
+            file://CVE-2017-10971-3.patch \
             "
 SRC_URI[md5sum] = "015d2fc4b9f2bfe7a626edb63a62c65e"
 SRC_URI[sha256sum] = "677a8166e03474719238dfe396ce673c4234735464d6dadf2959b600d20e5a98"