Received: by mail.netbsd.org (Postfix, from userid 605) id E670585F14; Wed, 5 Oct 2016 11:20:04 +0000 (UTC) Received: from localhost (localhost [127.0.0.1]) by mail.netbsd.org (Postfix) with ESMTP id 0857F85EE2 for ; Wed, 5 Oct 2016 10:49:01 +0000 (UTC) X-Virus-Scanned: amavisd-new at netbsd.org Received: from mail.netbsd.org ([127.0.0.1]) by localhost (mail.netbsd.org [127.0.0.1]) (amavisd-new, port 10025) with ESMTP id XOw5GO2MkW-W for ; Wed, 5 Oct 2016 10:49:00 +0000 (UTC) Received: from cvs.NetBSD.org (unknown [IPv6:2001:470:a085:999:28c:faff:fe03:5984]) by mail.netbsd.org (Postfix) with ESMTP id 7EF9E85EDE for ; Wed, 5 Oct 2016 10:49:00 +0000 (UTC) Received: by cvs.NetBSD.org (Postfix, from userid 500) id 7C770FBD2; Wed, 5 Oct 2016 10:49:00 +0000 (UTC) Content-Disposition: inline Content-Transfer-Encoding: 8bit Content-Type: text/plain; charset="US-ASCII" MIME-Version: 1.0 Date: Wed, 5 Oct 2016 10:49:00 +0000 From: "Manuel Bouyer" Subject: CVS commit: [netbsd-6-1] xsrc/xfree/xc To: source-changes@NetBSD.org X-Mailer: log_accum Message-Id: <20161005104900.7C770FBD2@cvs.NetBSD.org> Sender: source-changes-owner@NetBSD.org List-Id: source-changes.NetBSD.org Precedence: bulk Reply-To: source-changes-d@NetBSD.org Mail-Reply-To: "Manuel Bouyer" Mail-Followup-To: source-changes-d@NetBSD.org Module Name: xsrc Committed By: bouyer Date: Wed Oct 5 10:49:00 UTC 2016 Modified Files: xsrc/xfree/xc/lib/X11 [netbsd-6-1]: FontNames.c GetImage.c ListExt.c ModMap.c Xlibint.h xsrc/xfree/xc/lib/Xi [netbsd-6-1]: XGMotion.c XGetBMap.c XGetDCtl.c XGetFCtl.c XGetKMap.c XGetMMap.c XOpenDev.c XQueryDv.c xsrc/xfree/xc/lib/Xrender [netbsd-6-1]: Filter.c Xrender.c xsrc/xfree/xc/lib/Xtst [netbsd-6-1]: XRecord.c xsrc/xfree/xc/lib/Xv [netbsd-6-1]: Xv.c xsrc/xfree/xc/programs/Xserver/include [netbsd-6-1]: dix.h Log Message: Apply patch, requested my mrg in ticket 1411: xsrc/xfree/xc/lib/X11/FontNames.c patch xsrc/xfree/xc/lib/X11/GetImage.c patch xsrc/xfree/xc/lib/X11/ListExt.c patch xsrc/xfree/xc/lib/X11/ModMap.c patch xsrc/xfree/xc/lib/X11/Xlibint.h patch xsrc/xfree/xc/lib/Xi/XGMotion.c patch xsrc/xfree/xc/lib/Xi/XGetBMap.c patch xsrc/xfree/xc/lib/Xi/XGetDCtl.c patch xsrc/xfree/xc/lib/Xi/XGetFCtl.c patch xsrc/xfree/xc/lib/Xi/XGetKMap.c patch xsrc/xfree/xc/lib/Xi/XGetMMap.c patch xsrc/xfree/xc/lib/Xi/XOpenDev.c patch xsrc/xfree/xc/lib/Xi/XQueryDv.c patch xsrc/xfree/xc/lib/Xrender/Filter.c patch xsrc/xfree/xc/lib/Xrender/Xrender.c patch xsrc/xfree/xc/lib/Xtst/XRecord.c patch xsrc/xfree/xc/lib/Xv/Xv.c patch xsrc/xfree/xc/programs/Xserver/include/dix.h patch Fix (backported from upstream) the following issues in X client libraries: libX11 - insufficient validation of data from the X server can cause out of boundary memory read (XGetImage()) or write (XListFonts()). Affected versions libX11 <= 1.6.3 libXfixes - insufficient validation of data from the X server can cause an integer overflow on 32 bit architectures. Affected versions : libXfixes <= 5.0.2 libXi - insufficient validation of data from the X server can cause out of boundary memory access or endless loops (Denial of Service). Affected versions libXi <= 1.7.6 libXrandr - insufficient validation of data from the X server can cause out of boundary memory writes. Affected versions: libXrandr <= 1.5.0 libXrender - insufficient validation of data from the X server can cause out of boundary memory writes. Affected version: libXrender <= 0.9.9 XRecord - insufficient validation of data from the X server can cause out of boundary memory access or endless loops (Denial of Service). Affected version libXtst <= 1.2.2 libXv - insufficient validation of data from the X server can cause out of boundary memory and memory corruption. CVE-2016-5407 affected versions libXv <= 1.0.10 libXvMC - insufficient validation of data from the X server can cause a one byte buffer read underrun. Affected versions: libXvMC <= 1.0.9 To generate a diff of this commit: cvs rdiff -u -r1.1.1.5 -r1.1.1.5.32.1 xsrc/xfree/xc/lib/X11/FontNames.c \ xsrc/xfree/xc/lib/X11/GetImage.c xsrc/xfree/xc/lib/X11/ModMap.c cvs rdiff -u -r1.1.1.4 -r1.1.1.4.34.1 xsrc/xfree/xc/lib/X11/ListExt.c cvs rdiff -u -r1.1.1.7.20.1 -r1.1.1.7.20.2 xsrc/xfree/xc/lib/X11/Xlibint.h cvs rdiff -u -r1.1.1.5 -r1.1.1.5.34.1 xsrc/xfree/xc/lib/Xi/XGMotion.c \ xsrc/xfree/xc/lib/Xi/XGetBMap.c xsrc/xfree/xc/lib/Xi/XGetDCtl.c \ xsrc/xfree/xc/lib/Xi/XGetFCtl.c xsrc/xfree/xc/lib/Xi/XGetMMap.c \ xsrc/xfree/xc/lib/Xi/XOpenDev.c xsrc/xfree/xc/lib/Xi/XQueryDv.c cvs rdiff -u -r1.1.1.6 -r1.1.1.6.32.1 xsrc/xfree/xc/lib/Xi/XGetKMap.c cvs rdiff -u -r1.1.1.1 -r1.1.1.1.34.1 xsrc/xfree/xc/lib/Xrender/Filter.c cvs rdiff -u -r1.1.1.5 -r1.1.1.5.34.1 xsrc/xfree/xc/lib/Xrender/Xrender.c cvs rdiff -u -r1.1.1.6 -r1.1.1.6.20.1 xsrc/xfree/xc/lib/Xtst/XRecord.c cvs rdiff -u -r1.1.1.6 -r1.1.1.6.20.1 xsrc/xfree/xc/lib/Xv/Xv.c cvs rdiff -u -r1.1.1.6.32.1 -r1.1.1.6.32.2 \ xsrc/xfree/xc/programs/Xserver/include/dix.h Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files.