r7395 - in trunk: BOOK/introduction/welcome BOOK/x/installing auxfiles/xorg

dnicholson at linuxfromscratch.org dnicholson at linuxfromscratch.org
Tue Apr 22 07:28:24 PDT 2008


Author: dnicholson
Date: 2008-04-22 08:28:24 -0600 (Tue, 22 Apr 2008)
New Revision: 7395

Modified:
   trunk/BOOK/introduction/welcome/changelog.xml
   trunk/BOOK/x/installing/x7lib.xml
   trunk/BOOK/x/installing/x7server.xml
   trunk/auxfiles/xorg/app-7.2.md5
   trunk/auxfiles/xorg/app-7.2.wget
Log:
Security updates for Xorg-7.2


Modified: trunk/BOOK/introduction/welcome/changelog.xml
===================================================================
--- trunk/BOOK/introduction/welcome/changelog.xml	2008-04-22 02:28:52 UTC (rev 7394)
+++ trunk/BOOK/introduction/welcome/changelog.xml	2008-04-22 14:28:24 UTC (rev 7395)
@@ -42,6 +42,16 @@
 -->
 
     <listitem>
+      <para>April 22nd, 2008</para>
+      <itemizedlist>
+        <listitem>
+          <para>[dnicholson] - Fix multiple security vulnerabilities in
+          xorg-server, libXfont and xfs for Xorg-7.2.</para>
+        </listitem>
+      </itemizedlist>
+    </listitem>
+
+    <listitem>
       <para>April 21st, 2008</para>
       <itemizedlist>
         <listitem>

Modified: trunk/BOOK/x/installing/x7lib.xml
===================================================================
--- trunk/BOOK/x/installing/x7lib.xml	2008-04-22 02:28:52 UTC (rev 7394)
+++ trunk/BOOK/x/installing/x7lib.xml	2008-04-22 14:28:24 UTC (rev 7395)
@@ -14,6 +14,7 @@
 
   <!-- Versions for patches -->
   <!ENTITY libX11-version       "1.1.2">
+  <!ENTITY libXfont-version     "1.2.8">
 
 ]>
 
@@ -71,6 +72,13 @@
         <para>Required patch: <ulink
         url="&patch-root;/libX11-&libX11-version;-badargs-1.patch"/></para>
       </listitem>
+
+      <!-- Following patch is fixed in libXfont-1.3.2, which is compatible
+           with Xorg-7.3+ -->
+      <listitem>
+        <para>Required patch: <ulink
+        url="&patch-root;/libXfont-&libXfont-version;-pcf_parser-1.patch"/></para>
+      </listitem>
     </itemizedlist>
 
     <bridgehead renderas="sect3">Xorg Libraries Dependencies</bridgehead>
@@ -114,6 +122,9 @@
     patch -Np1 -i ../libX11-&libX11-version;-badargs-1.patch &&
     sed -i 's/_XGet/XGet/' modules/im/ximcp/imDefLkup.c
     ;;
+libXfont-&libXfont-version; )
+    patch -Np1 -i ../libXfont-&libXfont-version;-pcf_parser-1.patch
+    ;;
 esac &&
 ./configure $XORG_CONFIG &&
 make</userinput></screen>
@@ -144,6 +155,12 @@
     <para><command>sed -i 's/_XGet/XGet/' modules/im/ximcp/imDefLkup.c</command>:
     This command fixes a locking bug in <application>libX11</application>.</para>
 
+    <para><command>patch -Np1 -i ../libXfont-&libXfont-version;-pcf_parser-1.patch</command>:
+    This patch fixes a <ulink
+    url="http://wiki.x.org/wiki/Development/Security">security
+    vulnerability</ulink> in the PCF font parser in
+    <application>libXfont</application>.</para>
+
   </sect2>
 
   <sect2 role="configuration">

Modified: trunk/BOOK/x/installing/x7server.xml
===================================================================
--- trunk/BOOK/x/installing/x7server.xml	2008-04-22 02:28:52 UTC (rev 7394)
+++ trunk/BOOK/x/installing/x7server.xml	2008-04-22 14:28:24 UTC (rev 7395)
@@ -56,12 +56,12 @@
     </itemizedlist>
 
     <!-- Following patch is security related and should be
-        fixed for Xorg-7.3 -->
+        fixed for Xorg-7.4 -->
     <bridgehead renderas="sect3">Additional Downloads</bridgehead>
     <itemizedlist spacing="compact">
       <listitem>
         <para>Required patch: <ulink
-        url="&patch-root;/xorg-server-&xorg-server-version;-xcmisc-1.patch"/></para>
+        url="&patch-root;/xorg-server-&xorg-server-version;-security-1.patch"/></para>
       </listitem>
     </itemizedlist>
 
@@ -89,12 +89,13 @@
       <application>Xorg-server</application>.</para>
     </note>
 
-    <para>A <ulink url='http://wiki.x.org/wiki/Development/Security'>security
-    vulnerability</ulink> has been identified in the xorg-server
-    package. Apply a patch to fix this vulnerability with the following
+    <para>Multiple <ulink
+    url="http://wiki.x.org/wiki/Development/Security">security
+    vulnerabilities</ulink> have been identified in the xorg-server
+    package. Apply a patch to fix these vulnerabilities with the following
     command:</para>
 
-<screen><userinput>patch -Np1 -i ../xorg-server-&xorg-server-version;-xcmisc-1.patch</userinput></screen>
+<screen><userinput>patch -Np1 -i ../xorg-server-&xorg-server-version;-security-1.patch</userinput></screen>
 
     <para>Install the server by running the following commands:</para>
 

Modified: trunk/auxfiles/xorg/app-7.2.md5
===================================================================
--- trunk/auxfiles/xorg/app-7.2.md5	2008-04-22 02:28:52 UTC (rev 7394)
+++ trunk/auxfiles/xorg/app-7.2.md5	2008-04-22 14:28:24 UTC (rev 7395)
@@ -47,7 +47,7 @@
 c72abd90f50ef459bc14b39ec9fcc7f8  xfd-1.0.1.tar.bz2
 5df3a162429bdd6ce5aea3ca5f6365b8  xfindproxy-1.0.1.tar.bz2
 288fe4cf8a990e4e602aac16dd9109fb  xfontsel-1.0.2.tar.bz2
-f43cb64d623b748208dfd9012d17b654  xfs-1.0.4.tar.bz2
+3fc73b5e39a1fe8b8d96563c8144cffe  xfs-1.0.5.tar.bz2
 e98b18fbce1261de30b1de819d86f48a  xfsinfo-1.0.1.tar.bz2
 0dbde8b3867032b9e4a383d46dfd7e48  xfwp-1.0.1.tar.bz2
 45d8fa3c85d4bfda87251798fd605a45  xgamma-1.0.1.tar.bz2

Modified: trunk/auxfiles/xorg/app-7.2.wget
===================================================================
--- trunk/auxfiles/xorg/app-7.2.wget	2008-04-22 02:28:52 UTC (rev 7394)
+++ trunk/auxfiles/xorg/app-7.2.wget	2008-04-22 14:28:24 UTC (rev 7395)
@@ -49,7 +49,7 @@
 xfd-1.0.1.tar.bz2
 xfindproxy-1.0.1.tar.bz2
 xfontsel-1.0.2.tar.bz2
-xfs-1.0.4.tar.bz2
+xfs-1.0.5.tar.bz2
 xfsinfo-1.0.1.tar.bz2
 xfwp-1.0.1.tar.bz2
 xgamma-1.0.1.tar.bz2




More information about the blfs-book mailing list