Received: by mail.netbsd.org (Postfix, from userid 605) id D69AF85F32; Wed, 5 Oct 2016 11:20:02 +0000 (UTC) Received: from localhost (localhost [127.0.0.1]) by mail.netbsd.org (Postfix) with ESMTP id 1FBE085ED8 for ; Wed, 5 Oct 2016 10:47:46 +0000 (UTC) X-Virus-Scanned: amavisd-new at netbsd.org Received: from mail.netbsd.org ([IPv6:::1]) by localhost (mail.netbsd.org [IPv6:::1]) (amavisd-new, port 10025) with ESMTP id WXB0hNvRApeL for ; Wed, 5 Oct 2016 10:47:45 +0000 (UTC) Received: from cvs.NetBSD.org (unknown [IPv6:2001:470:a085:999:28c:faff:fe03:5984]) by mail.netbsd.org (Postfix) with ESMTP id 803E485ED6 for ; Wed, 5 Oct 2016 10:47:45 +0000 (UTC) Received: by cvs.NetBSD.org (Postfix, from userid 500) id 7E549FBD2; Wed, 5 Oct 2016 10:47:45 +0000 (UTC) Content-Disposition: inline Content-Transfer-Encoding: 8bit Content-Type: text/plain; charset="US-ASCII" MIME-Version: 1.0 Date: Wed, 5 Oct 2016 10:47:45 +0000 From: "Manuel Bouyer" Subject: CVS commit: [netbsd-6-0] xsrc/external/mit To: source-changes@NetBSD.org X-Mailer: log_accum Message-Id: <20161005104745.7E549FBD2@cvs.NetBSD.org> Sender: source-changes-owner@NetBSD.org List-Id: source-changes.NetBSD.org Precedence: bulk Reply-To: source-changes-d@NetBSD.org Mail-Reply-To: "Manuel Bouyer" Mail-Followup-To: source-changes-d@NetBSD.org Module Name: xsrc Committed By: bouyer Date: Wed Oct 5 10:47:45 UTC 2016 Modified Files: xsrc/external/mit/libX11/dist/include/X11 [netbsd-6-0]: Xlibint.h xsrc/external/mit/libX11/dist/src [netbsd-6-0]: FontNames.c GetImage.c ListExt.c ModMap.c xsrc/external/mit/libXfixes/dist/src [netbsd-6-0]: Region.c xsrc/external/mit/libXi/dist/src [netbsd-6-0]: XGMotion.c XGetBMap.c XGetDCtl.c XGetFCtl.c XGetKMap.c XGetMMap.c XIQueryDevice.c XListDev.c XOpenDev.c XQueryDv.c xsrc/external/mit/libXrandr/dist/src [netbsd-6-0]: XrrConfig.c XrrCrtc.c XrrOutput.c XrrScreen.c xsrc/external/mit/libXrender/dist/src [netbsd-6-0]: Filter.c Xrender.c xsrc/external/mit/libXtst/dist/src [netbsd-6-0]: XRecord.c xsrc/external/mit/libXv/dist/src [netbsd-6-0]: Xv.c xsrc/external/mit/libXvMC/dist/src [netbsd-6-0]: XvMC.c Log Message: Apply patch, requested my mrg in ticket 1410: xsrc/external/mit/libX11/dist/include/X11/Xlibint.h patch xsrc/external/mit/libX11/dist/src/FontNames.c patch xsrc/external/mit/libX11/dist/src/GetImage.c patch xsrc/external/mit/libX11/dist/src/ListExt.c patch xsrc/external/mit/libX11/dist/src/ModMap.c patch xsrc/external/mit/libXfixes/dist/src/Region.c patch xsrc/external/mit/libXi/dist/src/XGMotion.c patch xsrc/external/mit/libXi/dist/src/XGetBMap.c patch xsrc/external/mit/libXi/dist/src/XGetDCtl.c patch xsrc/external/mit/libXi/dist/src/XGetFCtl.c patch xsrc/external/mit/libXi/dist/src/XGetKMap.c patch xsrc/external/mit/libXi/dist/src/XGetMMap.c patch xsrc/external/mit/libXi/dist/src/XIQueryDevice.c patch xsrc/external/mit/libXi/dist/src/XListDev.c patch xsrc/external/mit/libXi/dist/src/XOpenDev.c patch xsrc/external/mit/libXi/dist/src/XQueryDv.c patch xsrc/external/mit/libXrandr/dist/src/XrrConfig.c patch xsrc/external/mit/libXrandr/dist/src/XrrCrtc.c patch xsrc/external/mit/libXrandr/dist/src/XrrOutput.c patch xsrc/external/mit/libXrandr/dist/src/XrrProvider.c patch xsrc/external/mit/libXrandr/dist/src/XrrScreen.c patch xsrc/external/mit/libXrender/dist/src/Filter.c patch xsrc/external/mit/libXrender/dist/src/Xrender.c patch xsrc/external/mit/libXtst/dist/src/XRecord.c patch xsrc/external/mit/libXv/dist/src/Xv.c patch xsrc/external/mit/libXvMC/dist/src/XvMC.c patch Fix (backported from upstream) the following issues in X client libraries: libX11 - insufficient validation of data from the X server can cause out of boundary memory read (XGetImage()) or write (XListFonts()). Affected versions libX11 <= 1.6.3 libXfixes - insufficient validation of data from the X server can cause an integer overflow on 32 bit architectures. Affected versions : libXfixes <= 5.0.2 libXi - insufficient validation of data from the X server can cause out of boundary memory access or endless loops (Denial of Service). Affected versions libXi <= 1.7.6 libXrandr - insufficient validation of data from the X server can cause out of boundary memory writes. Affected versions: libXrandr <= 1.5.0 libXrender - insufficient validation of data from the X server can cause out of boundary memory writes. Affected version: libXrender <= 0.9.9 XRecord - insufficient validation of data from the X server can cause out of boundary memory access or endless loops (Denial of Service). Affected version libXtst <= 1.2.2 libXv - insufficient validation of data from the X server can cause out of boundary memory and memory corruption. CVE-2016-5407 affected versions libXv <= 1.0.10 libXvMC - insufficient validation of data from the X server can cause a one byte buffer read underrun. Affected versions: libXvMC <= 1.0.9 To generate a diff of this commit: cvs rdiff -u -r1.1.1.7.4.1 -r1.1.1.7.4.2 \ xsrc/external/mit/libX11/dist/include/X11/Xlibint.h cvs rdiff -u -r1.1.1.4.4.1 -r1.1.1.4.4.2 \ xsrc/external/mit/libX11/dist/src/FontNames.c \ xsrc/external/mit/libX11/dist/src/GetImage.c \ xsrc/external/mit/libX11/dist/src/ModMap.c cvs rdiff -u -r1.1.1.3.4.1 -r1.1.1.3.4.2 \ xsrc/external/mit/libX11/dist/src/ListExt.c cvs rdiff -u -r1.1.1.2 -r1.1.1.2.4.1 \ xsrc/external/mit/libXfixes/dist/src/Region.c cvs rdiff -u -r1.1.1.3.4.1 -r1.1.1.3.4.2 \ xsrc/external/mit/libXi/dist/src/XGMotion.c \ xsrc/external/mit/libXi/dist/src/XGetFCtl.c \ xsrc/external/mit/libXi/dist/src/XListDev.c \ xsrc/external/mit/libXi/dist/src/XQueryDv.c cvs rdiff -u -r1.1.1.2.4.1 -r1.1.1.2.4.2 \ xsrc/external/mit/libXi/dist/src/XGetBMap.c cvs rdiff -u -r1.1.1.4.4.1 -r1.1.1.4.4.2 \ xsrc/external/mit/libXi/dist/src/XGetDCtl.c cvs rdiff -u -r1.1.1.2 -r1.1.1.2.4.1 \ xsrc/external/mit/libXi/dist/src/XGetKMap.c \ xsrc/external/mit/libXi/dist/src/XGetMMap.c \ xsrc/external/mit/libXi/dist/src/XIQueryDevice.c \ xsrc/external/mit/libXi/dist/src/XOpenDev.c cvs rdiff -u -r1.1.1.3 -r1.1.1.3.4.1 \ xsrc/external/mit/libXrandr/dist/src/XrrConfig.c \ xsrc/external/mit/libXrandr/dist/src/XrrCrtc.c cvs rdiff -u -r1.1.1.2 -r1.1.1.2.4.1 \ xsrc/external/mit/libXrandr/dist/src/XrrOutput.c \ xsrc/external/mit/libXrandr/dist/src/XrrScreen.c cvs rdiff -u -r1.1.1.3.4.1 -r1.1.1.3.4.2 \ xsrc/external/mit/libXrender/dist/src/Filter.c cvs rdiff -u -r1.1.1.2.4.1 -r1.1.1.2.4.2 \ xsrc/external/mit/libXrender/dist/src/Xrender.c cvs rdiff -u -r1.1.1.3 -r1.1.1.3.4.1 \ xsrc/external/mit/libXtst/dist/src/XRecord.c cvs rdiff -u -r1.1.1.2.4.1 -r1.1.1.2.4.2 \ xsrc/external/mit/libXv/dist/src/Xv.c cvs rdiff -u -r1.1.1.2.4.1 -r1.1.1.2.4.2 \ xsrc/external/mit/libXvMC/dist/src/XvMC.c Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files.