Sun Dec 21 16:14:05 2014 UTC ()
Fix CVE-2013-6424 using
http://lists.x.org/archives/xorg-devel/2013-October/037996.html

Bump PKGREVISION.


(wiz)
diff -r1.85 -r1.86 pkgsrc/x11/modular-xorg-server/Makefile
diff -r1.54 -r1.55 pkgsrc/x11/modular-xorg-server/distinfo
diff -r0 -r1.1 pkgsrc/x11/modular-xorg-server/patches/patch-exa_exa__render.c
diff -r0 -r1.1 pkgsrc/x11/modular-xorg-server/patches/patch-render_picture.h
cvs diff -r1.85 -r1.86 pkgsrc/x11/modular-xorg-server/Makefile (expand / switch to unified diff)

--- pkgsrc/x11/modular-xorg-server/Makefile 2014/12/21 16:13:42 1.85
+++ pkgsrc/x11/modular-xorg-server/Makefile 2014/12/21 16:14:05 1.86
@@ -1,18 +1,18 @@ @@ -1,18 +1,18 @@
1# $NetBSD: Makefile,v 1.85 2014/12/21 16:13:42 wiz Exp $ 1# $NetBSD: Makefile,v 1.86 2014/12/21 16:14:05 wiz Exp $
2 2
3DISTNAME= xorg-server-1.12.4 3DISTNAME= xorg-server-1.12.4
4PKGNAME= modular-${DISTNAME} 4PKGNAME= modular-${DISTNAME}
5PKGREVISION= 6 5PKGREVISION= 7
6CATEGORIES= x11 6CATEGORIES= x11
7MASTER_SITES= ${MASTER_SITE_XORG:=xserver/} 7MASTER_SITES= ${MASTER_SITE_XORG:=xserver/}
8EXTRACT_SUFX= .tar.bz2 8EXTRACT_SUFX= .tar.bz2
9 9
10MAINTAINER= pkgsrc-users@NetBSD.org 10MAINTAINER= pkgsrc-users@NetBSD.org
11HOMEPAGE= http://xorg.freedesktop.org/ 11HOMEPAGE= http://xorg.freedesktop.org/
12COMMENT= Modular X11 server from modular X.org 12COMMENT= Modular X11 server from modular X.org
13 13
14SPECIAL_PERMS+= bin/Xorg ${SETUID_ROOT_PERMS} 14SPECIAL_PERMS+= bin/Xorg ${SETUID_ROOT_PERMS}
15 15
16GNU_CONFIGURE= yes 16GNU_CONFIGURE= yes
17USE_LIBTOOL= yes 17USE_LIBTOOL= yes
18USE_TOOLS+= gmake pkg-config 18USE_TOOLS+= gmake pkg-config
cvs diff -r1.54 -r1.55 pkgsrc/x11/modular-xorg-server/distinfo (expand / switch to unified diff)

--- pkgsrc/x11/modular-xorg-server/distinfo 2014/12/21 16:09:00 1.54
+++ pkgsrc/x11/modular-xorg-server/distinfo 2014/12/21 16:14:05 1.55
@@ -1,14 +1,14 @@ @@ -1,14 +1,14 @@
1$NetBSD: distinfo,v 1.54 2014/12/21 16:09:00 wiz Exp $ 1$NetBSD: distinfo,v 1.55 2014/12/21 16:14:05 wiz Exp $
2 2
3SHA1 (xorg-server-1.12.4.tar.bz2) = 6d616874f9c7677bda08dc073c03f83e78fbc585 3SHA1 (xorg-server-1.12.4.tar.bz2) = 6d616874f9c7677bda08dc073c03f83e78fbc585
4RMD160 (xorg-server-1.12.4.tar.bz2) = 4907b5dc42efd6b3fb6bf9d64f1441080a6a6983 4RMD160 (xorg-server-1.12.4.tar.bz2) = 4907b5dc42efd6b3fb6bf9d64f1441080a6a6983
5Size (xorg-server-1.12.4.tar.bz2) = 5444761 bytes 5Size (xorg-server-1.12.4.tar.bz2) = 5444761 bytes
6SHA1 (patch-Xext_xcmisc.c) = 8bf7ff8c928b14f6e98d2f1240ea5736bcf43021 6SHA1 (patch-Xext_xcmisc.c) = 8bf7ff8c928b14f6e98d2f1240ea5736bcf43021
7SHA1 (patch-Xext_xvdisp.c) = 5c85a221d11f9893bc68d223cf75e63c00586a9f 7SHA1 (patch-Xext_xvdisp.c) = 5c85a221d11f9893bc68d223cf75e63c00586a9f
8SHA1 (patch-Xi_chgdctl.c) = 0bba99d4fe90832d9f364aa4d2eef4ba7f18ff24 8SHA1 (patch-Xi_chgdctl.c) = 0bba99d4fe90832d9f364aa4d2eef4ba7f18ff24
9SHA1 (patch-Xi_chgfctl.c) = 1fb0fb890fc28e5374a00cc29aeee8ae1401f41c 9SHA1 (patch-Xi_chgfctl.c) = 1fb0fb890fc28e5374a00cc29aeee8ae1401f41c
10SHA1 (patch-Xi_sendexev.c) = 387d7382ad31b85530cdfb068831b29cf2f15755 10SHA1 (patch-Xi_sendexev.c) = 387d7382ad31b85530cdfb068831b29cf2f15755
11SHA1 (patch-Xi_xiallowev.c) = 4d10addbd669bd3b867b6e209e876806c402f3e2 11SHA1 (patch-Xi_xiallowev.c) = 4d10addbd669bd3b867b6e209e876806c402f3e2
12SHA1 (patch-Xi_xichangecursor.c) = f123415ca0b481bca7f43731992d8ce3ef842aac 12SHA1 (patch-Xi_xichangecursor.c) = f123415ca0b481bca7f43731992d8ce3ef842aac
13SHA1 (patch-Xi_xichangehierarchy.c) = 35ac279d2f7c4ed57bc583df2067a13c1dbee1bf 13SHA1 (patch-Xi_xichangehierarchy.c) = 35ac279d2f7c4ed57bc583df2067a13c1dbee1bf
14SHA1 (patch-Xi_xigetclientpointer.c) = 7bac39459d98cf13fcd33582a594f67c53936881 14SHA1 (patch-Xi_xigetclientpointer.c) = 7bac39459d98cf13fcd33582a594f67c53936881
@@ -17,46 +17,48 @@ SHA1 (patch-Xi_xipassivegrab.c) = 2a8c97 @@ -17,46 +17,48 @@ SHA1 (patch-Xi_xipassivegrab.c) = 2a8c97
17SHA1 (patch-Xi_xiproperty.c) = ba3fd9f9305f95ecf616cea5b221aa2a5de03096 17SHA1 (patch-Xi_xiproperty.c) = ba3fd9f9305f95ecf616cea5b221aa2a5de03096
18SHA1 (patch-Xi_xiquerydevice.c) = 33d70ace5b969521e573eb4ce416185b910374db 18SHA1 (patch-Xi_xiquerydevice.c) = 33d70ace5b969521e573eb4ce416185b910374db
19SHA1 (patch-Xi_xiquerypointer.c) = e9dc180b4697d7a519d470e4f879a61dd64be2f2 19SHA1 (patch-Xi_xiquerypointer.c) = e9dc180b4697d7a519d470e4f879a61dd64be2f2
20SHA1 (patch-Xi_xiselectev.c) = a17d893af3855f8676f4747defcb2b6866db0ec6 20SHA1 (patch-Xi_xiselectev.c) = a17d893af3855f8676f4747defcb2b6866db0ec6
21SHA1 (patch-Xi_xisetclientpointer.c) = 3e1c4c7087383474f39362f9b53bc449d35b28ee 21SHA1 (patch-Xi_xisetclientpointer.c) = 3e1c4c7087383474f39362f9b53bc449d35b28ee
22SHA1 (patch-Xi_xisetdevfocus.c) = add3a8f096fa90c9966128f8641e447c570a8a11 22SHA1 (patch-Xi_xisetdevfocus.c) = add3a8f096fa90c9966128f8641e447c570a8a11
23SHA1 (patch-Xi_xiwarppointer.c) = 0567dcc1ff2f8de4fa5caf865edd084611ff8c5c 23SHA1 (patch-Xi_xiwarppointer.c) = 0567dcc1ff2f8de4fa5caf865edd084611ff8c5c
24SHA1 (patch-configure) = 031bc0accf1dd71ed687e7aac3fcc9498cb06784 24SHA1 (patch-configure) = 031bc0accf1dd71ed687e7aac3fcc9498cb06784
25SHA1 (patch-configure.ac) = c7dc061377e3bb25425ad3f418c40a45a0e55440 25SHA1 (patch-configure.ac) = c7dc061377e3bb25425ad3f418c40a45a0e55440
26SHA1 (patch-dbe_dbe.c) = 7c31812b30613b42e509677b6a430d261046a77a 26SHA1 (patch-dbe_dbe.c) = 7c31812b30613b42e509677b6a430d261046a77a
27SHA1 (patch-dix_dispatch.c) = 454ce12b27d3906b22f32d7d4c1a3a6a6fb549e3 27SHA1 (patch-dix_dispatch.c) = 454ce12b27d3906b22f32d7d4c1a3a6a6fb549e3
28SHA1 (patch-dix_dixfonts.c) = 2f1fd51c538eab12c06b85c4ddab18af25338174 28SHA1 (patch-dix_dixfonts.c) = 2f1fd51c538eab12c06b85c4ddab18af25338174
29SHA1 (patch-dix_region.c) = 0a7fe6f67c4780c003f1e662be20e2294a7562f2 29SHA1 (patch-dix_region.c) = 0a7fe6f67c4780c003f1e662be20e2294a7562f2
 30SHA1 (patch-exa_exa__render.c) = e20fd4a8d30162d3d7b084ed2dbd46779387f25a
30SHA1 (patch-glx_glxcmds.c) = 2566885001178f47eb151a2ef84450b60137f3c1 31SHA1 (patch-glx_glxcmds.c) = 2566885001178f47eb151a2ef84450b60137f3c1
31SHA1 (patch-glx_glxcmdsswap.c) = b9a0d5386ba928d2db95885f0b68414ffbae71ef 32SHA1 (patch-glx_glxcmdsswap.c) = b9a0d5386ba928d2db95885f0b68414ffbae71ef
32SHA1 (patch-glx_glxserver.h) = 47bd1cc49dbf761c042f00adc6db8cec2a038501 33SHA1 (patch-glx_glxserver.h) = 47bd1cc49dbf761c042f00adc6db8cec2a038501
33SHA1 (patch-glx_indirect__program.c) = fb49f91690ff3488e11f4708f23aaa358f98d40c 34SHA1 (patch-glx_indirect__program.c) = fb49f91690ff3488e11f4708f23aaa358f98d40c
34SHA1 (patch-glx_indirect__reqsize.c) = 0b0305bb8b6a215f0e7548bf85ea571bed8df00b 35SHA1 (patch-glx_indirect__reqsize.c) = 0b0305bb8b6a215f0e7548bf85ea571bed8df00b
35SHA1 (patch-glx_indirect__reqsize.h) = fa963a97083dc5b0cf6f80b76905ce1f21ea0d5e 36SHA1 (patch-glx_indirect__reqsize.h) = fa963a97083dc5b0cf6f80b76905ce1f21ea0d5e
36SHA1 (patch-glx_indirect__texture__compression.c) = b2af15e99e65c7f43a0218f6813b5bd4407618ea 37SHA1 (patch-glx_indirect__texture__compression.c) = b2af15e99e65c7f43a0218f6813b5bd4407618ea
37SHA1 (patch-glx_indirect__util.c) = 182c3c5768e87118ace979304a350c137a1119db 38SHA1 (patch-glx_indirect__util.c) = 182c3c5768e87118ace979304a350c137a1119db
38SHA1 (patch-glx_rensize.c) = 574c5bf883ba9046e5cab52c0bd2919440ad1460 39SHA1 (patch-glx_rensize.c) = 574c5bf883ba9046e5cab52c0bd2919440ad1460
39SHA1 (patch-glx_single2.c) = 05cd1c9ba051561d68a28e23af7a5e7aaa942b82 40SHA1 (patch-glx_single2.c) = 05cd1c9ba051561d68a28e23af7a5e7aaa942b82
40SHA1 (patch-glx_single2swap.c) = 900787c9b5e5f842141ea146f1b06740cfa7aa81 41SHA1 (patch-glx_single2swap.c) = 900787c9b5e5f842141ea146f1b06740cfa7aa81
41SHA1 (patch-glx_singlepix.c) = 72ac42939b37ae0d57fc06453344ca76cdf2c856 42SHA1 (patch-glx_singlepix.c) = 72ac42939b37ae0d57fc06453344ca76cdf2c856
42SHA1 (patch-glx_singlepixswap.c) = 1e3d54d3082a59d21edd81276980b953efc39ebb 43SHA1 (patch-glx_singlepixswap.c) = 1e3d54d3082a59d21edd81276980b953efc39ebb
43SHA1 (patch-glx_swap__interval.c) = 2ff4e2e7d2793dd8558b04c1f72abfa81998f2c6 44SHA1 (patch-glx_swap__interval.c) = 2ff4e2e7d2793dd8558b04c1f72abfa81998f2c6
44SHA1 (patch-glx_unpack.h) = 5ae5c10c93835cb51c08f5dae05c5a5e2afaad98 45SHA1 (patch-glx_unpack.h) = 5ae5c10c93835cb51c08f5dae05c5a5e2afaad98
45SHA1 (patch-hw_xfree86_common_compiler.h) = 88de747715b80b22f448869ab32dce1641bcb6db 46SHA1 (patch-hw_xfree86_common_compiler.h) = 88de747715b80b22f448869ab32dce1641bcb6db
46SHA1 (patch-hw_xfree86_dri2_dri2ext.c) = bc2b57e4bef5ae386d1d3a015c01d243f8880ab4 47SHA1 (patch-hw_xfree86_dri2_dri2ext.c) = bc2b57e4bef5ae386d1d3a015c01d243f8880ab4
47SHA1 (patch-hw_xfree86_os-support_xf86__OSlib.h) = 7c2760509610b44915da077b22899bef9c338cc1 48SHA1 (patch-hw_xfree86_os-support_xf86__OSlib.h) = 7c2760509610b44915da077b22899bef9c338cc1
48SHA1 (patch-include_dix.h) = ab0dc2debd87f29c0ac7f971a3cad4850b239c3a 49SHA1 (patch-include_dix.h) = ab0dc2debd87f29c0ac7f971a3cad4850b239c3a
49SHA1 (patch-include_regionstr.h) = c6f3e3b263593b622e7087d3ebe2b470cf9526e3 50SHA1 (patch-include_regionstr.h) = c6f3e3b263593b622e7087d3ebe2b470cf9526e3
50SHA1 (patch-os_access.c) = 94ee087d68bc9ba713dbe42102f971a1b8e6a3c4 51SHA1 (patch-os_access.c) = 94ee087d68bc9ba713dbe42102f971a1b8e6a3c4
51SHA1 (patch-os_rpcauth.c) = 6617d5ef0e3cc5e9e10cd8db74f87e347e52ebe3 52SHA1 (patch-os_rpcauth.c) = 6617d5ef0e3cc5e9e10cd8db74f87e347e52ebe3
52SHA1 (patch-randr_rrsdispatch.c) = 13a2e819fea3ab8fa4caee7f9450a518ac41e517 53SHA1 (patch-randr_rrsdispatch.c) = 13a2e819fea3ab8fa4caee7f9450a518ac41e517
 54SHA1 (patch-render_picture.h) = ec7085022e2c896daaa91378632003aabd957f5e
53SHA1 (patch-render_render.c) = f86496fc392681d2fba3c50bbd37b24b78bed682 55SHA1 (patch-render_render.c) = f86496fc392681d2fba3c50bbd37b24b78bed682
54SHA1 (patch-test_Makefile.am) = 77caa0c25103307d5bd30178f72e552dbae9555a 56SHA1 (patch-test_Makefile.am) = 77caa0c25103307d5bd30178f72e552dbae9555a
55SHA1 (patch-test_misc.c) = 1615c03ceb595fa976a571455723665025c14aa0 57SHA1 (patch-test_misc.c) = 1615c03ceb595fa976a571455723665025c14aa0
56SHA1 (patch-test_xi1_Makefile.am) = c5b7a86f6b4e8381c3063fa840de5e238a5877a4 58SHA1 (patch-test_xi1_Makefile.am) = c5b7a86f6b4e8381c3063fa840de5e238a5877a4
57SHA1 (patch-test_xi1_protocol-xchangedevicecontrol.c) = e3efd2a5e8f93f6acf2f561451ca3d26a70ad826 59SHA1 (patch-test_xi1_protocol-xchangedevicecontrol.c) = e3efd2a5e8f93f6acf2f561451ca3d26a70ad826
58SHA1 (patch-test_xi2_protocol-xigetclientpointer.c) = e2eb3995d0bae797ba86d81165930dcd7365c74d 60SHA1 (patch-test_xi2_protocol-xigetclientpointer.c) = e2eb3995d0bae797ba86d81165930dcd7365c74d
59SHA1 (patch-test_xi2_protocol-xipassivegrabdevice.c) = 503566a73fe797a98f637fb9dd497d55e7e7db1d 61SHA1 (patch-test_xi2_protocol-xipassivegrabdevice.c) = 503566a73fe797a98f637fb9dd497d55e7e7db1d
60SHA1 (patch-test_xi2_protocol-xiquerypointer.c) = 6594dff2bccac46aa4b8aec7c517d122517407ad 62SHA1 (patch-test_xi2_protocol-xiquerypointer.c) = 6594dff2bccac46aa4b8aec7c517d122517407ad
61SHA1 (patch-test_xi2_protocol-xiwarppointer.c) = fda57d72b963890478e8e78dfbe2864eb51971d2 63SHA1 (patch-test_xi2_protocol-xiwarppointer.c) = fda57d72b963890478e8e78dfbe2864eb51971d2
62SHA1 (patch-xfixes_select.c) = 0f0dac08732a54112a2f0a7b3f1393a28fbfd8bc 64SHA1 (patch-xfixes_select.c) = 0f0dac08732a54112a2f0a7b3f1393a28fbfd8bc
File Added: pkgsrc/x11/modular-xorg-server/patches/Attic/patch-exa_exa__render.c
$NetBSD: patch-exa_exa__render.c,v 1.1 2014/12/21 16:14:05 wiz Exp $

Fix CVE-2013-6424 using
http://lists.x.org/archives/xorg-devel/2013-October/037996.html

--- exa/exa_render.c.orig	2012-05-17 17:09:02.000000000 +0000
+++ exa/exa_render.c
@@ -1141,7 +1141,8 @@ exaTrapezoids(CARD8 op, PicturePtr pSrc,
 
         exaPrepareAccess(pPicture->pDrawable, EXA_PREPARE_DEST);
         for (; ntrap; ntrap--, traps++)
-            (*ps->RasterizeTrapezoid) (pPicture, traps, -bounds.x1, -bounds.y1);
+            if (xTrapezoidValid(traps))
+                (*ps->RasterizeTrapezoid) (pPicture, traps, -bounds.x1, -bounds.y1);
         exaFinishAccess(pPicture->pDrawable, EXA_PREPARE_DEST);
 
         xRel = bounds.x1 + xSrc - xDst;
File Added: pkgsrc/x11/modular-xorg-server/patches/Attic/patch-render_picture.h
$NetBSD: patch-render_picture.h,v 1.1 2014/12/21 16:14:05 wiz Exp $

Fix CVE-2013-6424 using
http://lists.x.org/archives/xorg-devel/2013-October/037996.html

--- render/picture.h.orig	2012-05-17 17:09:05.000000000 +0000
+++ render/picture.h
@@ -211,7 +211,7 @@ typedef pixman_fixed_t xFixed;
 /* whether 't' is a well defined not obviously empty trapezoid */
 #define xTrapezoidValid(t)  ((t)->left.p1.y != (t)->left.p2.y && \
 			     (t)->right.p1.y != (t)->right.p2.y && \
-			     (int) ((t)->bottom - (t)->top) > 0)
+			     ((t)->bottom > (t)->top))
 
 /*
  * Standard NTSC luminance conversions: