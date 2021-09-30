wayland 1.19.91

This is the alpha release for wayland 1.20. This release contains the following major changes: - FreeBSD support has been entirely upstreamed and has been added to our continuous integration system. - The autotools build system has been dropped. Meson has replaced it. - A few protocol additions: wl_surface.offset allows clients to update a surface's buffer offset independently from the buffer, wl_output.name and description allow clients to identify outputs without depending on xdg-output-unstable-v1. - In protocol definitions, events have a new "type" attribute and can now be marked as destructors. - A number of bug fixes, including a race condition when destroying proxies in multi-threaded clients. Full commit history below. Alex Richardson (17): Use MAP_FAILED instead of (void *) -1 os-wrappers-test.c: Correctly forward arguments to fcntl Change wl_os_dupfd_cloexec minfd to be int os-wrappers-test: Handle fcntl() being declared as a macro Use epoll-shim to emulate epoll(7) on FreeBSD gitlab-ci: update ci-templates to the latest commit gitlab-ci: remove duplicated lines in ci-templates include gitlab-ci: Fix copy-paste error in a comment gitlab-ci: add junit reports to the debian builder Support reading ucred from the socket on FreeBSD shm: Add mmap+memmove fallback if mremap() does not exist Use /dev/fd instead of /proc/self/fd test-runner: Implement is_debugger_attached() for FreeBSD test-helpers: use sysctl() to count open fds on FreeBSD Detect FreeBSD versions with broken MSG_CMSG_CLOEXEC Allow event-loop signal tests to pass on FreeBSD gitlab-ci: add a FreeBSD test job Alexander Dunaev (1): cursor: add one more directory to XCURSORPATH Damian Hobson-Garcia (1): server: stop wl_display event loop from any context Daniel Stone (10): ci: Add comments, rename build stages ci: Parameterise and template build ci: Add AArch64 build ci: Add ARMv7 build ci: Only run ci-fairy on MRs ci: Use consistent YAML indendation ci: Add release builds ci: Use appropriate concurrency level ci: Use Werror ci: Sanitise build and install paths Derek Foreman (6): client: Refactor wl_proxy_destroy critical section client: Add new proxy marshalling functions with flags scanner: Use the new atomic marshal/destroy function connection: Rename wl_buffer tests: Destroy custom global object debug: Fix printing of new ids Duncan McIntosh (1): wayland-shm: Check the size of sealed memory if ignoring SIGBUS handlers Fergus Dall (6): connection-test: Encode size in message headers correctly connection: Handle non-nullable strings in wl_connection_demarshal util: Avoid undefined behaviour in for_each_helper server: Fix undefined behavior in wl_socket_init_for_display_name connection-test: Pad out strings with null bytes os-wrappers-test: Make syscall intercepts work with sanitizers James Hilliard (2): meson: only require cpp for tests build: add option to disable tests James Legg (2): scanner: Use descriptions in entries tests: Test wayland-scanner with a description in an entry Jonas Ådahl (2): ci: Use ci-fairy to check for Signed-off-by protocol: Add wl_surface.offset Manuel Stoeckl (3): client: print discarded events in debug log connection, client: Avoid locale-dependent float printing client: handle fcntl error on bad fd in wl_display_connect Marius Vlad (1): src: Add missing new lines to log messages Matt Hoosier (1): protocol: mention that buffers with alpha are assumed premultiplied Michael Weiss (1): meson: Only require expat when building wayland-scanner Nick Diego Yamane (1): Document serial param usage in wl_pointer.set_cursor Olivier Fourdan (1): shm: Relax shm_pool_create_buffer() validity check Olivier Tilloy (1): cursor: Try to fall back to a default xcursor theme first Pekka Paalanen (2): CI: turn on ASan and UBSan wayland-util: avoid memcpy(NULL) in wl_array_copy() Simon McVittie (1): build: Include the Wayland minor version in libraries' ABI versions Simon Ser (18): build: re-open master for regular development client: assert queue display matches proxy build: drop autotools build: replace assembly embedding with Python script protocol: drop reference to wl_drm shm: remove wl_shm_buffer.pool NULL checks protocol: allow immediate wl_buffer.destroy if not re-used shm: add safety assertions protocol: clarify wl_seat.name description shm: document wl_shm_buffer connection: print array size cursor: rename load_default_theme to load_fallback_theme cursor: remove unused wl_cursor_theme.name protocol: mention that keymap mapping must be read-only protocol: add note about wl_output.done in events protocol: add wl_output.{name,description} protocol: wl_shm uses pre-multiplied alpha build: bump to version 1.19.91 for the alpha release Tadeo Kondrak (2): protocol: Add type attribute to events protocol: Specify wl_callback::done to be a destructor event Tobias Stoeckmann (2): cursor: fix CVE-2013-2003 cursor: fix crash with weird input files Vlad Zahorodnii (1): server: add wl_display getter for wl_global sheepwall (1): server: remove duplicate include git tag: 1.19.91

FreeBSD 12.3-BETA3 Now Available

The third BETA build of the 12.3-RELEASE release cycle is now available. Installation images are available for: o 12.3-BETA3 amd64 GENERIC o 12.3-BETA3 i386 GENERIC o 12.3-BETA3 powerpc GENERIC o 12.3-BETA3 powerpc64 GENERIC64 o 12.3-BETA3 powerpcspe MPC85XXSPE o 12.3-BETA3 sparc64 GENERIC o 12.3-BETA3 armv6 RPI-B o 12.3-BETA3 armv7 BANANAPI o 12.3-BETA3 armv7 BEAGLEBONE o 12.3-BETA3 armv7 CUBIEBOARD o 12.3-BETA3 armv7 CUBIEBOARD2 o 12.3-BETA3 armv7 CUBOX-HUMMINGBOARD o 12.3-BETA3 armv7 RPI2 o 12.3-BETA3 armv7 WANDBOARD o 12.3-BETA3 armv7 GENERICSD o 12.3-BETA3 aarch64 GENERIC o 12.3-BETA3 aarch64 RPI3 o 12.3-BETA3 aarch64 PINE64 o 12.3-BETA3 aarch64 PINE64-LTS Note regarding arm SD card images: For convenience for those without console access to the system, a freebsd user with a password of freebsd is available by default for ssh(1) access. Additionally, the root user password is set to root. It is strongly recommended to change the password for both users after gaining access to the system. Installer images and memory stick images are available here: https://download.freebsd.org/ftp/releases/ISO-IMAGES/12.3/ The image checksums follow at the end of this e-mail. If you notice problems you can report them through the Bugzilla PR system or on the -stable mailing list. If you would like to use SVN to do a source based update of an existing system, use the "releng/12.3" branch. A summary of changes since 12.3-BETA2 includes: o A fix for use after free in combination with EVDEV_SUPPORT has been added to the usb(4) stack. Please note, the release notes page is not yet complete, and will be updated on an ongoing basis as the 12.3-RELEASE cycle progresses. === Virtual Machine Disk Images === VM disk images are available for the amd64, i386, and aarch64 architectures. Disk images may be downloaded from the following URL (or any of the FreeBSD download mirrors): https://download.freebsd.org/ftp/releases/VM-IMAGES/12.3-BETA3/ The partition layout is: ~ 16 kB - freebsd-boot GPT partition type (bootfs GPT label) ~ 1 GB - freebsd-swap GPT partition type (swapfs GPT label) ~ 20 GB - freebsd-ufs GPT partition type (rootfs GPT label) The disk images are available in QCOW2, VHD, VMDK, and raw disk image formats. The image download size is approximately 135 MB and 165 MB respectively (amd64/i386), decompressing to a 21 GB sparse image. Note regarding arm64/aarch64 virtual machine images: a modified QEMU EFI loader file is needed for qemu-system-aarch64 to be able to boot the virtual machine images. See this page for more information: https://wiki.freebsd.org/arm64/QEMU To boot the VM image, run: % qemu-system-aarch64 -m 4096M -cpu cortex-a57 -M virt \ -bios QEMU_EFI.fd -serial telnet::4444,server -nographic \ -drive if=none,file=VMDISK,id=hd0 \ -device virtio-blk-device,drive=hd0 \ -device virtio-net-device,netdev=net0 \ -netdev user,id=net0 Be sure to replace "VMDISK" with the path to the virtual machine image. === Amazon EC2 AMI Images === FreeBSD/amd64 EC2 AMIs are available in the following regions: af-south-1 region: ami-0474575e4743c09ef eu-north-1 region: ami-086d14e67901fbe18 ap-south-1 region: ami-0070d860537d0ded8 eu-west-3 region: ami-0b3dc01c43c0912fe eu-west-2 region: ami-0980e2d73f5d45dde eu-south-1 region: ami-0e7f23b4407ea2984 eu-west-1 region: ami-07e6a1fef7da32d00 ap-northeast-3 region: ami-05abadc5c531ee229 ap-northeast-2 region: ami-0d19b72fb447f1351 me-south-1 region: ami-04594b13da5f816c8 ap-northeast-1 region: ami-0a22abde412c924dd sa-east-1 region: ami-0b1c3ebd4e3c3d110 ca-central-1 region: ami-00a7cbd0c72d71f34 ap-east-1 region: ami-04764a6d430eee081 ap-southeast-1 region: ami-0eeeacb4006f6c3dc ap-southeast-2 region: ami-090d2e10d03f4e7e2 eu-central-1 region: ami-08b58933a7123b517 us-east-1 region: ami-01c2add58c60cdaa0 us-east-2 region: ami-089ef8724c5788778 us-west-1 region: ami-09675dff8007c2120 us-west-2 region: ami-04dcf23effaa07fa2 These AMI IDs can be retrieved from the Systems Manager Parameter Store in each region using the keys: /aws/service/freebsd/amd64/base/ufs/12.3/BETA3 FreeBSD/aarch64 EC2 AMIs are available in the following regions: af-south-1 region: ami-0ddb2ab71276a1cd2 eu-north-1 region: ami-067904d4b39b13b52 ap-south-1 region: ami-0914a27f72a3defcb eu-west-3 region: ami-0a067d26bbb475270 eu-west-2 region: ami-0445d628b7727bbc0 eu-south-1 region: ami-0f0c5ab6ae5a0222e eu-west-1 region: ami-0fe3c1f09940fc2a5 ap-northeast-3 region: ami-041c97971472b0b2a ap-northeast-2 region: ami-0dc899119ea13ebbe me-south-1 region: ami-01aba86d507b0caad ap-northeast-1 region: ami-0177cd37b15b7cf32 sa-east-1 region: ami-00d3752ace91695cc ca-central-1 region: ami-0092b0802c7929b82 ap-east-1 region: ami-0c14a86ca5234df3f ap-southeast-1 region: ami-09b5c8e04397b1a0c ap-southeast-2 region: ami-0bd853e50e9cbd099 eu-central-1 region: ami-079e8694c2b8b9b71 us-east-1 region: ami-0006ee96beca8fec2 us-east-2 region: ami-0de58b11cdcc18d5b us-west-1 region: ami-0c96f66557b5771af us-west-2 region: ami-025360ab398d1f77a These AMI IDs can be retrieved from the Systems Manager Parameter Store in each region using the keys: /aws/service/freebsd/arm64/base/ufs/12.3/BETA3 === Vagrant Images === FreeBSD/amd64 images are available on the Hashicorp Atlas site, and can be installed by running: % vagrant init freebsd/FreeBSD-12.3-BETA3 % vagrant up === Upgrading === The freebsd-update(8) utility supports binary upgrades of amd64 and i386 systems running earlier FreeBSD releases. Systems running earlier FreeBSD releases can upgrade as follows: # freebsd-update upgrade -r 12.3-BETA3 During this process, freebsd-update(8) may ask the user to help by merging some configuration files or by confirming that the automatically performed merging was done correctly. # freebsd-update install The system must be rebooted with the newly installed kernel before continuing. # shutdown -r now After rebooting, freebsd-update needs to be run again to install the new userland components: # freebsd-update install It is recommended to rebuild and install all applications if possible, especially if upgrading from an earlier FreeBSD release, for example, FreeBSD 11.x. Alternatively, the user can install misc/compat11x and other compatibility libraries, afterwards the system must be rebooted into the new userland: # shutdown -r now Finally, after rebooting, freebsd-update needs to be run again to remove stale files: # freebsd-update install

An inside look into the illicit ad industry

One day, I was chilling in IRC, when I got a PM from my friend: he had gotten an inquiry from a possible client that needed help reverse engineering a piece of obfuscated JavaScript. I said something like “sounds like fun, send it over, and I’ll see what I come up with.” The script in question was called popunder.js and did exactly what you think it does. The customer in question had started a popunder ad network, and needed help adapting this obfuscated popunder script to work with his system, which he built using a software called Revive Adserver, a fork of the last GPL version of OpenX. I rolled my eyes and reverse engineered the script for him, allowing him to adapt it for his ad network. The adaptation was a success, and he wired me a sum that was triple my quoted hourly rate. This, admittedly, resulted in me being very curious about his business, as at the time, I was not used to making that kind of money. Actually, I’m still not. A few weeks passed, and he approached me with a proposition: he needed somebody who could reverse engineer the JavaScript programs delivered by ad networks and figure out how the scripts worked. As he was paying considerably more than my advertised hourly rate, I agreed, and got to work reverse engineering the JavaScript programs he required. It was nearly a full time job, as these programs kept evolving. In retrospect, he probably wasn’t doing anything with the reports I wrote on each piece of JavaScript I reverse engineered, as that wasn’t the actual point of the exercise: in reality, he wanted me to become familiar with the techniques ad networks used to detect fraud, so that we could develop countermeasures. In other words, the engagement evolved into a red-team type engagement, except that we weren’t testing the ad networks for their sake, but instead ours.