--- - branch: netbsd-8 date: Mon Nov 6 09:43:03 UTC 2017 files: - new: 1.1.1.1.2.1 old: 1.1.1.1 path: xsrc/external/mit/xorg-server.old/dist/Xext/panoramiX.c pathrev: xsrc/external/mit/xorg-server.old/dist/Xext/panoramiX.c@1.1.1.1.2.1 type: modified - new: 1.1.1.1.2.1 old: 1.1.1.1 path: xsrc/external/mit/xorg-server.old/dist/Xext/saver.c pathrev: xsrc/external/mit/xorg-server.old/dist/Xext/saver.c@1.1.1.1.2.1 type: modified - new: 1.1.1.1.2.1 old: 1.1.1.1 path: xsrc/external/mit/xorg-server.old/dist/Xext/xvdisp.c pathrev: xsrc/external/mit/xorg-server.old/dist/Xext/xvdisp.c@1.1.1.1.2.1 type: modified - new: 1.1.1.1.2.1 old: 1.1.1.1 path: xsrc/external/mit/xorg-server.old/dist/Xi/xichangehierarchy.c pathrev: xsrc/external/mit/xorg-server.old/dist/Xi/xichangehierarchy.c@1.1.1.1.2.1 type: modified - new: 1.1.1.1.2.1 old: 1.1.1.1 path: xsrc/external/mit/xorg-server.old/dist/dbe/dbe.c pathrev: xsrc/external/mit/xorg-server.old/dist/dbe/dbe.c@1.1.1.1.2.1 type: modified - new: 1.1.1.1.2.1 old: 1.1.1.1 path: xsrc/external/mit/xorg-server.old/dist/dix/dispatch.c pathrev: xsrc/external/mit/xorg-server.old/dist/dix/dispatch.c@1.1.1.1.2.1 type: modified - new: 1.1.1.1.2.1 old: 1.1.1.1 path: xsrc/external/mit/xorg-server.old/dist/hw/dmx/dmxpict.c pathrev: xsrc/external/mit/xorg-server.old/dist/hw/dmx/dmxpict.c@1.1.1.1.2.1 type: modified - new: 1.1.1.1.2.1 old: 1.1.1.1 path: xsrc/external/mit/xorg-server.old/dist/hw/xfree86/dixmods/extmod/xf86dga2.c pathrev: xsrc/external/mit/xorg-server.old/dist/hw/xfree86/dixmods/extmod/xf86dga2.c@1.1.1.1.2.1 type: modified - new: 1.1.1.1.2.1 old: 1.1.1.1 path: xsrc/external/mit/xorg-server.old/dist/hw/xfree86/dri/xf86dri.c pathrev: xsrc/external/mit/xorg-server.old/dist/hw/xfree86/dri/xf86dri.c@1.1.1.1.2.1 type: modified - new: 1.1.1.1.2.1 old: 1.1.1.1 path: xsrc/external/mit/xorg-server.old/dist/render/render.c pathrev: xsrc/external/mit/xorg-server.old/dist/render/render.c@1.1.1.1.2.1 type: modified - new: 1.1.1.1.2.1 old: 1.1.1.1 path: xsrc/external/mit/xorg-server.old/dist/xfixes/cursor.c pathrev: xsrc/external/mit/xorg-server.old/dist/xfixes/cursor.c@1.1.1.1.2.1 type: modified - new: 1.1.1.1.2.1 old: 1.1.1.1 path: xsrc/external/mit/xorg-server.old/dist/xfixes/region.c pathrev: xsrc/external/mit/xorg-server.old/dist/xfixes/region.c@1.1.1.1.2.1 type: modified - new: 1.1.1.1.2.1 old: 1.1.1.1 path: xsrc/external/mit/xorg-server.old/dist/xfixes/saveset.c pathrev: xsrc/external/mit/xorg-server.old/dist/xfixes/saveset.c@1.1.1.1.2.1 type: modified - new: 1.1.1.1.2.1 old: 1.1.1.1 path: xsrc/external/mit/xorg-server.old/dist/xfixes/xfixes.c pathrev: xsrc/external/mit/xorg-server.old/dist/xfixes/xfixes.c@1.1.1.1.2.1 type: modified - new: 1.1.1.6.2.1 old: 1.1.1.6 path: xsrc/external/mit/xorg-server/dist/Xext/panoramiX.c pathrev: xsrc/external/mit/xorg-server/dist/Xext/panoramiX.c@1.1.1.6.2.1 type: modified - new: 1.1.1.7.2.1 old: 1.1.1.7 path: xsrc/external/mit/xorg-server/dist/Xext/saver.c pathrev: xsrc/external/mit/xorg-server/dist/Xext/saver.c@1.1.1.7.2.1 type: modified - new: 1.1.1.1.2.1 old: 1.1.1.1 path: xsrc/external/mit/xorg-server/dist/Xext/vidmode.c pathrev: xsrc/external/mit/xorg-server/dist/Xext/vidmode.c@1.1.1.1.2.1 type: modified - new: 1.1.1.4.2.1 old: 1.1.1.4 path: xsrc/external/mit/xorg-server/dist/Xext/xres.c pathrev: xsrc/external/mit/xorg-server/dist/Xext/xres.c@1.1.1.4.2.1 type: modified - new: 1.6.2.1 old: '1.6' path: xsrc/external/mit/xorg-server/dist/Xext/xvdisp.c pathrev: xsrc/external/mit/xorg-server/dist/Xext/xvdisp.c@1.6.2.1 type: modified - new: 1.1.1.1.2.1 old: 1.1.1.1 path: xsrc/external/mit/xorg-server/dist/Xi/xibarriers.c pathrev: xsrc/external/mit/xorg-server/dist/Xi/xibarriers.c@1.1.1.1.2.1 type: modified - new: 1.3.2.1 old: '1.3' path: xsrc/external/mit/xorg-server/dist/Xi/xichangehierarchy.c pathrev: xsrc/external/mit/xorg-server/dist/Xi/xichangehierarchy.c@1.3.2.1 type: modified - new: 1.3.2.1 old: '1.3' path: xsrc/external/mit/xorg-server/dist/dbe/dbe.c pathrev: xsrc/external/mit/xorg-server/dist/dbe/dbe.c@1.3.2.1 type: modified - new: 1.3.2.1 old: '1.3' path: xsrc/external/mit/xorg-server/dist/dix/dispatch.c pathrev: xsrc/external/mit/xorg-server/dist/dix/dispatch.c@1.3.2.1 type: modified - new: 1.1.1.5.2.1 old: 1.1.1.5 path: xsrc/external/mit/xorg-server/dist/hw/dmx/dmxpict.c pathrev: xsrc/external/mit/xorg-server/dist/hw/dmx/dmxpict.c@1.1.1.5.2.1 type: modified - new: 1.1.1.7.2.1 old: 1.1.1.7 path: xsrc/external/mit/xorg-server/dist/hw/xfree86/common/xf86DGA.c pathrev: xsrc/external/mit/xorg-server/dist/hw/xfree86/common/xf86DGA.c@1.1.1.7.2.1 type: modified - new: 1.1.1.5.2.1 old: 1.1.1.5 path: xsrc/external/mit/xorg-server/dist/hw/xfree86/dri/xf86dri.c pathrev: xsrc/external/mit/xorg-server/dist/hw/xfree86/dri/xf86dri.c@1.1.1.5.2.1 type: modified - new: 1.1.1.1.2.1 old: 1.1.1.1 path: xsrc/external/mit/xorg-server/dist/pseudoramiX/pseudoramiX.c pathrev: xsrc/external/mit/xorg-server/dist/pseudoramiX/pseudoramiX.c@1.1.1.1.2.1 type: modified - new: 1.3.2.1 old: '1.3' path: xsrc/external/mit/xorg-server/dist/render/render.c pathrev: xsrc/external/mit/xorg-server/dist/render/render.c@1.3.2.1 type: modified - new: 1.1.1.7.2.1 old: 1.1.1.7 path: xsrc/external/mit/xorg-server/dist/xfixes/cursor.c pathrev: xsrc/external/mit/xorg-server/dist/xfixes/cursor.c@1.1.1.7.2.1 type: modified - new: 1.1.1.6.2.1 old: 1.1.1.6 path: xsrc/external/mit/xorg-server/dist/xfixes/region.c pathrev: xsrc/external/mit/xorg-server/dist/xfixes/region.c@1.1.1.6.2.1 type: modified - new: 1.1.1.4.2.1 old: 1.1.1.4 path: xsrc/external/mit/xorg-server/dist/xfixes/saveset.c pathrev: xsrc/external/mit/xorg-server/dist/xfixes/saveset.c@1.1.1.4.2.1 type: modified - new: 1.1.1.5.2.1 old: 1.1.1.5 path: xsrc/external/mit/xorg-server/dist/xfixes/xfixes.c pathrev: xsrc/external/mit/xorg-server/dist/xfixes/xfixes.c@1.1.1.5.2.1 type: modified id: 20171106T094303Z.10fec7f2b45dc7b579fddb9c51f959f40b6aa773 log: "Pull up following revision(s) (requested by mrg in ticket #346):\n\texternal/mit/xorg-server.old/dist/Xext/panoramiX.c: 1.2\n\texternal/mit/xorg-server.old/dist/Xext/saver.c: 1.2\n\texternal/mit/xorg-server.old/dist/Xext/xvdisp.c: 1.2\n\texternal/mit/xorg-server.old/dist/Xi/xichangehierarchy.c: 1.2\n\texternal/mit/xorg-server.old/dist/dbe/dbe.c: 1.2\n\texternal/mit/xorg-server.old/dist/dix/dispatch.c: 1.2\n\texternal/mit/xorg-server.old/dist/hw/dmx/dmxpict.c: 1.2\n\texternal/mit/xorg-server.old/dist/hw/xfree86/dixmods/extmod/xf86dga2.c: 1.2\n\texternal/mit/xorg-server.old/dist/hw/xfree86/dri/xf86dri.c: 1.2\n\texternal/mit/xorg-server.old/dist/render/render.c: 1.2\n\texternal/mit/xorg-server.old/dist/xfixes/cursor.c: 1.2\n\texternal/mit/xorg-server.old/dist/xfixes/region.c: 1.2\n\texternal/mit/xorg-server.old/dist/xfixes/saveset.c: 1.2\n\texternal/mit/xorg-server.old/dist/xfixes/xfixes.c: 1.2\n\texternal/mit/xorg-server/dist/Xext/panoramiX.c: 1.2\n\texternal/mit/xorg-server/dist/Xext/saver.c: 1.2\n\texternal/mit/xorg-server/dist/Xext/vidmode.c: 1.2\n\texternal/mit/xorg-server/dist/Xext/xres.c: 1.2\n\texternal/mit/xorg-server/dist/Xext/xvdisp.c: 1.7\n\texternal/mit/xorg-server/dist/Xi/xibarriers.c: 1.2\n\texternal/mit/xorg-server/dist/Xi/xichangehierarchy.c: 1.4\n\texternal/mit/xorg-server/dist/dbe/dbe.c: 1.4\n\texternal/mit/xorg-server/dist/dix/dispatch.c: 1.4\n\texternal/mit/xorg-server/dist/hw/dmx/dmxpict.c: 1.2\n\texternal/mit/xorg-server/dist/hw/xfree86/common/xf86DGA.c: 1.2\n\texternal/mit/xorg-server/dist/hw/xfree86/dri/xf86dri.c: 1.2\n\texternal/mit/xorg-server/dist/pseudoramiX/pseudoramiX.c: 1.2\n\texternal/mit/xorg-server/dist/render/render.c: 1.4\n\texternal/mit/xorg-server/dist/xfixes/cursor.c: 1.2\n\texternal/mit/xorg-server/dist/xfixes/region.c: 1.2\n\texternal/mit/xorg-server/dist/xfixes/saveset.c: 1.2\n\texternal/mit/xorg-server/dist/xfixes/xfixes.c: 1.2\napply fixes for CVEs 2017-12176 to 2017-12187.\n--\nFrom 1b1d4c04695dced2463404174b50b3581dbd857b Mon Sep 17 00:00:00 2001\nFrom: Nathan Kidd \nDate: Sun, 21 Dec 2014 01:10:03 -0500\nSubject: hw/xfree86: unvalidated lengths\nThis addresses:\nCVE-2017-12180 in XFree86-VidModeExtension\nCVE-2017-12181 in XFree86-DGA\nCVE-2017-12182 in XFree86-DRI\n--\nFrom 211e05ac85a294ef361b9f80d689047fa52b9076 Mon Sep 17 00:00:00 2001\nFrom: Michal Srb \nDate: Fri, 7 Jul 2017 17:21:46 +0200\nSubject: Xi: Test exact size of XIBarrierReleasePointer\nOtherwise a client can send any value of num_barriers and cause reading or swapping of values on heap behind the receive buffer.\n--\nFrom 4ca68b878e851e2136c234f40a25008297d8d831 Mon Sep 17 00:00:00 2001\nFrom: Nathan Kidd \nDate: Fri, 9 Jan 2015 10:09:14 -0500\nSubject: dbe: Unvalidated variable-length request in ProcDbeGetVisualInfo\n (CVE-2017-12177)\nv2: Protect against integer overflow (Alan Coopersmith)\n--\nFrom 55caa8b08c84af2b50fbc936cf334a5a93dd7db5 Mon Sep 17 00:00:00 2001\nFrom: Nathan Kidd \nDate: Fri, 9 Jan 2015 11:43:05 -0500\nSubject: xfixes: unvalidated lengths (CVE-2017-12183)\nv2: Use before swap (Jeremy Huddleston Sequoia)\nv3: Fix wrong XFixesCopyRegion checks (Alan Coopersmith)\n--\nFrom 859b08d523307eebde7724fd1a0789c44813e821 Mon Sep 17 00:00:00 2001\nFrom: Nathan Kidd \nDate: Wed, 24 Dec 2014 16:22:18 -0500\nSubject: Xi: fix wrong extra length check in ProcXIChangeHierarchy\n (CVE-2017-12178)\n--\nFrom 9c23685009aa96f4b861dcc5d2e01dbee00c4dd9 Mon Sep 17 00:00:00 2001\nFrom: Michal Srb \nDate: Fri, 7 Jul 2017 17:04:03 +0200\nSubject: os: Make sure big requests have sufficient length.\nA client can send a big request where the 32B \"length\" field has value\n0. When the big request header is removed and the length corrected,\nthe value will underflow to 0xFFFFFFFF. Functions processing the\nrequest later will think that the client sent much more data and may\ntouch memory beyond the receive buffer.\n--\nFrom b747da5e25be944337a9cd1415506fc06b70aa81 Mon Sep 17 00:00:00 2001\nFrom: Nathan Kidd \nDate: Fri, 9 Jan 2015 10:15:46 -0500\nSubject: Unvalidated extra length in ProcEstablishConnection (CVE-2017-12176)\n" module: xsrc subject: 'CVS commit: [netbsd-8] xsrc/external/mit' unixtime: '1509961383' user: snj