Summary: | update for x11-servers/xorg-server: multiple vulnerabilities | ||||||
---|---|---|---|---|---|---|---|
Product: | Ports & Packages | Reporter: | Eygene Ryabinkin <rea-fbsd> | ||||
Component: | Individual Port(s) | Assignee: | freebsd-x11 (Nobody) <x11> | ||||
Status: | Closed FIXED | ||||||
Severity: | Affects Only Me | CC: | x11 | ||||
Priority: | Normal | ||||||
Version: | Latest | ||||||
Hardware: | Any | ||||||
OS: | Any | ||||||
Attachments: |
|
Description
Eygene Ryabinkin
2007-01-10 10:00:30 UTC
Responsible Changed From-To: freebsd-ports-bugs->freebsd-x11 Over to maintainer lesi 2007-01-27 20:22:20 UTC FreeBSD ports repository Modified files: x11-servers/xorg-server Makefile distinfo Log: Add vendor patch preventing overwiting of data on the stack or other parts of server by dbe and render extensions. PR: ports/107733 Security: CVE-2006-6101 CVE-2006-6102 CVE-2006-6103 Revision Changes Path 1.41 +6 -1 ports/x11-servers/xorg-server/Makefile 1.6 +3 -0 ports/x11-servers/xorg-server/distinfo _______________________________________________ cvs-all@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/cvs-all To unsubscribe, send any mail to "cvs-all-unsubscribe@freebsd.org" lesi 2007-01-27 20:24:58 UTC FreeBSD ports repository Modified files: x11/xorg-libraries Makefile distinfo Log: Add vendor patch preventing arbitrary code execution or denial of service by adding malicious font to X server font path. PR: ports/107733 Security: CVE-2006-3739, CVE 2006-3740 Revision Changes Path 1.16 +5 -0 ports/x11/xorg-libraries/Makefile 1.6 +3 -0 ports/x11/xorg-libraries/distinfo _______________________________________________ cvs-all@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/cvs-all To unsubscribe, send any mail to "cvs-all-unsubscribe@freebsd.org" State Changed From-To: open->closed Rather than putting patches in files, vendor patches are used directly. Note that CVE-2006-3739 and CVE-2006-3740 apply to libraries rather than server. Thanks! |