Author: dnicholson
Date: 2008-04-22 08:28:24 -0600 (Tue, 22 Apr 2008)
New Revision: 7395
Modified:
trunk/BOOK/introduction/welcome/changelog.xml
trunk/BOOK/x/installing/x7lib.xml
trunk/BOOK/x/installing/x7server.xml
trunk/auxfiles/xorg/app-7.2.md5
trunk/auxfiles/xorg/app-7.2.wget
Log:
Security updates for Xorg-7.2
Modified: trunk/BOOK/introduction/welcome/changelog.xml
===================================================================
--- trunk/BOOK/introduction/welcome/changelog.xml 2008-04-22 02:28:52 UTC
(rev 7394)
+++ trunk/BOOK/introduction/welcome/changelog.xml 2008-04-22 14:28:24 UTC
(rev 7395)
@@ -42,6 +42,16 @@
-->
<listitem>
+ <para>April 22nd, 2008</para>
+ <itemizedlist>
+ <listitem>
+ <para>[dnicholson] - Fix multiple security vulnerabilities in
+ xorg-server, libXfont and xfs for Xorg-7.2.</para>
+ </listitem>
+ </itemizedlist>
+ </listitem>
+
+ <listitem>
<para>April 21st, 2008</para>
<itemizedlist>
<listitem>
Modified: trunk/BOOK/x/installing/x7lib.xml
===================================================================
--- trunk/BOOK/x/installing/x7lib.xml 2008-04-22 02:28:52 UTC (rev 7394)
+++ trunk/BOOK/x/installing/x7lib.xml 2008-04-22 14:28:24 UTC (rev 7395)
@@ -14,6 +14,7 @@
<!-- Versions for patches -->
<!ENTITY libX11-version "1.1.2">
+ <!ENTITY libXfont-version "1.2.8">
]>
@@ -71,6 +72,13 @@
<para>Required patch: <ulink
url="&patch-root;/libX11-&libX11-version;-badargs-1.patch"/></para>
</listitem>
+
+ <!-- Following patch is fixed in libXfont-1.3.2, which is compatible
+ with Xorg-7.3+ -->
+ <listitem>
+ <para>Required patch: <ulink
+
url="&patch-root;/libXfont-&libXfont-version;-pcf_parser-1.patch"/></para>
+ </listitem>
</itemizedlist>
<bridgehead renderas="sect3">Xorg Libraries Dependencies</bridgehead>
@@ -114,6 +122,9 @@
patch -Np1 -i ../libX11-&libX11-version;-badargs-1.patch &&
sed -i 's/_XGet/XGet/' modules/im/ximcp/imDefLkup.c
;;
+libXfont-&libXfont-version; )
+ patch -Np1 -i ../libXfont-&libXfont-version;-pcf_parser-1.patch
+ ;;
esac &&
./configure $XORG_CONFIG &&
make</userinput></screen>
@@ -144,6 +155,12 @@
<para><command>sed -i 's/_XGet/XGet/'
modules/im/ximcp/imDefLkup.c</command>:
This command fixes a locking bug in
<application>libX11</application>.</para>
+ <para><command>patch -Np1 -i
../libXfont-&libXfont-version;-pcf_parser-1.patch</command>:
+ This patch fixes a <ulink
+ url="http://wiki.x.org/wiki/Development/Security";>security
+ vulnerability</ulink> in the PCF font parser in
+ <application>libXfont</application>.</para>
+
</sect2>
<sect2 role="configuration">
Modified: trunk/BOOK/x/installing/x7server.xml
===================================================================
--- trunk/BOOK/x/installing/x7server.xml 2008-04-22 02:28:52 UTC (rev
7394)
+++ trunk/BOOK/x/installing/x7server.xml 2008-04-22 14:28:24 UTC (rev
7395)
@@ -56,12 +56,12 @@
</itemizedlist>
<!-- Following patch is security related and should be
- fixed for Xorg-7.3 -->
+ fixed for Xorg-7.4 -->
<bridgehead renderas="sect3">Additional Downloads</bridgehead>
<itemizedlist spacing="compact">
<listitem>
<para>Required patch: <ulink
-
url="&patch-root;/xorg-server-&xorg-server-version;-xcmisc-1.patch"/></para>
+
url="&patch-root;/xorg-server-&xorg-server-version;-security-1.patch"/></para>
</listitem>
</itemizedlist>
@@ -89,12 +89,13 @@
<application>Xorg-server</application>.</para>
</note>
- <para>A <ulink url='http://wiki.x.org/wiki/Development/Security'>security
- vulnerability</ulink> has been identified in the xorg-server
- package. Apply a patch to fix this vulnerability with the following
+ <para>Multiple <ulink
+ url="http://wiki.x.org/wiki/Development/Security";>security
+ vulnerabilities</ulink> have been identified in the xorg-server
+ package. Apply a patch to fix these vulnerabilities with the following
command:</para>
-<screen><userinput>patch -Np1 -i
../xorg-server-&xorg-server-version;-xcmisc-1.patch</userinput></screen>
+<screen><userinput>patch -Np1 -i
../xorg-server-&xorg-server-version;-security-1.patch</userinput></screen>
<para>Install the server by running the following commands:</para>
Modified: trunk/auxfiles/xorg/app-7.2.md5
===================================================================
--- trunk/auxfiles/xorg/app-7.2.md5 2008-04-22 02:28:52 UTC (rev 7394)
+++ trunk/auxfiles/xorg/app-7.2.md5 2008-04-22 14:28:24 UTC (rev 7395)
@@ -47,7 +47,7 @@
c72abd90f50ef459bc14b39ec9fcc7f8 xfd-1.0.1.tar.bz2
5df3a162429bdd6ce5aea3ca5f6365b8 xfindproxy-1.0.1.tar.bz2
288fe4cf8a990e4e602aac16dd9109fb xfontsel-1.0.2.tar.bz2
-f43cb64d623b748208dfd9012d17b654 xfs-1.0.4.tar.bz2
+3fc73b5e39a1fe8b8d96563c8144cffe xfs-1.0.5.tar.bz2
e98b18fbce1261de30b1de819d86f48a xfsinfo-1.0.1.tar.bz2
0dbde8b3867032b9e4a383d46dfd7e48 xfwp-1.0.1.tar.bz2
45d8fa3c85d4bfda87251798fd605a45 xgamma-1.0.1.tar.bz2
Modified: trunk/auxfiles/xorg/app-7.2.wget
===================================================================
--- trunk/auxfiles/xorg/app-7.2.wget 2008-04-22 02:28:52 UTC (rev 7394)
+++ trunk/auxfiles/xorg/app-7.2.wget 2008-04-22 14:28:24 UTC (rev 7395)
@@ -49,7 +49,7 @@
xfd-1.0.1.tar.bz2
xfindproxy-1.0.1.tar.bz2
xfontsel-1.0.2.tar.bz2
-xfs-1.0.4.tar.bz2
+xfs-1.0.5.tar.bz2
xfsinfo-1.0.1.tar.bz2
xfwp-1.0.1.tar.bz2
xgamma-1.0.1.tar.bz2
--
http://linuxfromscratch.org/mailman/listinfo/blfs-book
FAQ: http://www.linuxfromscratch.org/blfs/faq.html
Unsubscribe: See the above information page
