http://xorg.freedesktop.org/releases/X11R6.9.0/patches/ CVE-2006-1525: A buffer overflow in the Render extension triangle handling code makes it possible for an authorized client to crash the X server or allow execution of malicious code with the privileges of the X server. MD5: d666925bfe3d76156c399091578579ae x11r6.9.0-mitri.diff SHA1: 3d9da8bb9b28957c464d28ea194d5df50e2a3e5c x11r6.9.0-mitri.diff Index: x11-servers/xorg-server/Makefile =================================================================== RCS file: /home/ncvs/ports/x11-servers/xorg-server/Makefile,v retrieving revision 1.35 diff -u -r1.35 Makefile --- x11-servers/xorg-server/Makefile 20 Apr 2006 10:45:42 -0000 1.35 +++ x11-servers/xorg-server/Makefile 2 May 2006 23:46:45 -0000 @@ -7,7 +7,7 @@ PORTNAME= xorg-server PORTVERSION= 6.9.0 -PORTREVISION= 2 +PORTREVISION= 3 CATEGORIES= x11-servers MASTER_SITES= ${MASTER_SITE_XORG} MASTER_SITE_SUBDIR= X11R${PORTVERSION}/src Index: x11-servers/xorg-server/Makefile.inc =================================================================== RCS file: /home/ncvs/ports/x11-servers/xorg-server/Makefile.inc,v retrieving revision 1.14 diff -u -r1.14 Makefile.inc --- x11-servers/xorg-server/Makefile.inc 2 Feb 2006 12:39:40 -0000 1.14 +++ x11-servers/xorg-server/Makefile.inc 2 May 2006 23:46:45 -0000 @@ -45,7 +45,8 @@ ${PORTSDIR}/x11-servers/xorg-server/files/patch-Xserver-Xext-xvmc.c \ ${PORTSDIR}/x11-servers/xorg-server/files/patch-Xserver-os-xprintf.c \ ${PORTSDIR}/x11-servers/xorg-server/files/patch-servermd.h \ - ${PORTSDIR}/x11-servers/xorg-server/files/patch-xf86sym.c + ${PORTSDIR}/x11-servers/xorg-server/files/patch-xf86sym.c \ + ${PORTSDIR}/x11-servers/xorg-server/files/patch-CVE-2006-1525 .if !target(do-configure) do-configure: Index: x11-servers/xorg-server/files/patch-CVE-2006-1525 =================================================================== RCS file: x11-servers/xorg-server/files/patch-CVE-2006-1525 diff -N x11-servers/xorg-server/files/patch-CVE-2006-1525 --- /dev/null 1 Jan 1970 00:00:00 -0000 +++ x11-servers/xorg-server/files/patch-CVE-2006-1525 2 May 2006 23:46:45 -0000 @@ -0,0 +1,25 @@ +Index: programs/Xserver/render/mitri.c +=================================================================== +RCS file: /cvs/xorg/xc/programs/Xserver/render/mitri.c,v +retrieving revision 1.5 +diff -u -r1.5 mitri.c +--- programs/Xserver/render/mitri.c 3 Jul 2005 07:02:08 -0000 1.5 ++++ programs/Xserver/render/mitri.c 30 Apr 2006 20:19:57 -0000 +@@ -145,7 +145,7 @@ + if (npoint < 3) + return; + ntri = npoint - 2; +- tris = ALLOCATE_LOCAL (ntri & sizeof (xTriangle)); ++ tris = ALLOCATE_LOCAL (ntri * sizeof (xTriangle)); + if (!tris) + return; + for (tri = tris; npoint >= 3; npoint--, points++, tri++) +@@ -177,7 +177,7 @@ + if (npoint < 3) + return; + ntri = npoint - 2; +- tris = ALLOCATE_LOCAL (ntri & sizeof (xTriangle)); ++ tris = ALLOCATE_LOCAL (ntri * sizeof (xTriangle)); + if (!tris) + return; + first = points++; Index: x11-servers/xorg-vfbserver/Makefile =================================================================== RCS file: /home/ncvs/ports/x11-servers/xorg-vfbserver/Makefile,v retrieving revision 1.8 diff -u -r1.8 Makefile --- x11-servers/xorg-vfbserver/Makefile 21 Jan 2006 18:55:08 -0000 1.8 +++ x11-servers/xorg-vfbserver/Makefile 2 May 2006 23:46:45 -0000 @@ -7,6 +7,7 @@ PORTNAME= xorg-vfbserver PORTVERSION= 6.9.0 +PORTREVISION= 1 CATEGORIES= x11-servers MASTER_SITES= ${MASTER_SITE_XORG} MASTER_SITE_SUBDIR= X11R${PORTVERSION}/src