Module Name: src
Committed By: snj
Date: Mon Jan 2 23:55:31 UTC 2012
Modified Files:
src/doc [netbsd-5-0]: CHANGES-5.0.3
Log Message:
1707
To generate a diff of this commit:
cvs rdiff -u -r1.1.2.57 -r1.1.2.58 src/doc/CHANGES-5.0.3
Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.
Modified files:
Index: src/doc/CHANGES-5.0.3
diff -u src/doc/CHANGES-5.0.3:1.1.2.57 src/doc/CHANGES-5.0.3:1.1.2.58
--- src/doc/CHANGES-5.0.3:1.1.2.57 Sat Dec 31 20:03:50 2011
+++ src/doc/CHANGES-5.0.3 Mon Jan 2 23:55:31 2012
@@ -1,4 +1,4 @@
-# $NetBSD: CHANGES-5.0.3,v 1.1.2.57 2011/12/31 20:03:50 snj Exp $
+# $NetBSD: CHANGES-5.0.3,v 1.1.2.58 2012/01/02 23:55:31 snj Exp $
A complete list of changes from the NetBSD 5.0.2 release to the NetBSD 5.0.3
release:
@@ -2886,3 +2886,13 @@ lib/libtelnet/encrypt.c 1.15
Avoid buffer overflow, reported by Colin Percival at FreeBSD
[christos, ticket #1704]
+xsrc/xfree/xc/programs/Xserver/fb/fbpict.c 1.5
+xsrc/xfree/xc/programs/Xserver/mi/miarc.c 1.2
+xsrc/xfree/xc/programs/Xserver/mi/misprite.c 1.2
+
+ mod(a,b) used to be defined with a - in front of naked a, such that
+ uses of mod with certain arithmetic expressions as a led to
+ surprising results, namely the one in Xrender praised in
+ CVE-2010-1166.
+ [is, ticket #1707]
+
