X Strike Force XFree86 SVN commit: r1031 - in trunk/debian: . patches
Author: branden
Date: 2004-02-16 00:31:49 -0500 (Mon, 16 Feb 2004)
New Revision: 1031
Modified:
trunk/debian/changelog
trunk/debian/patches/000_post421.diff
Log:
Resync with xf-4_2-branch as of 2004-02-15. Resolves several
vulnerabilities in the X11R6 fontfile library.
Modified: trunk/debian/changelog
===================================================================
--- trunk/debian/changelog 2004-02-16 05:15:44 UTC (rev 1030)
+++ trunk/debian/changelog 2004-02-16 05:31:49 UTC (rev 1031)
@@ -1,10 +1,26 @@
-xfree86 (4.2.1-17) unstable; urgency=low
+xfree86 (4.2.1-17) unstable; urgency=high
+ * Security update release. Resolves the following issues:
+ + CAN-2004-0083: Buffer overflow in ReadFontAlias from dirfile.c of
+ XFree86 4.1.0 through 4.3.0 allows local users and remote attackers to
+ execute arbitrary code via a font alias file (font.alias) with a long
+ token, a different vulnerability than CAN-2004-0084.
+ + CAN-2004-0084: Buffer overflow in the ReadFontAlias function in XFree86
+ 4.1.0 to 4.3.0, when using the CopyISOLatin1Lowered function, allows
+ local or remote authenticated users to execute arbitrary code via a
+ malformed entry in the font alias (font.alias) file, a different
+ vulnerability than CAN-2004-0083.
+ + CAN-2004-0106: Miscellaneous additional flaws in XFree86's handling of
+ font files.
+
* Rename debian/patches/000_post421-2003.02.18.diff to omit the date of the
resync, since the file is now under version control.
- -- Branden Robinson <branden@debian.org> Mon, 16 Feb 2004 00:14:37 -0500
+ * Resync with xf-4_2-branch as of 2004-02-15. Resolves several
+ vulnerabilities in the X11R6 fontfile library.
+ -- Branden Robinson <branden@debian.org> Mon, 16 Feb 2004 00:23:03 -0500
+
xfree86 (4.2.1-16) unstable; urgency=low
* Neutralize the workaround for the Linux kernel kbd_rate structure change
Modified: trunk/debian/patches/000_post421.diff
===================================================================
--- trunk/debian/patches/000_post421.diff 2004-02-16 05:15:44 UTC (rev 1030)
+++ trunk/debian/patches/000_post421.diff 2004-02-16 05:31:49 UTC (rev 1031)
@@ -2,7 +2,7 @@
Index: xc/RELNOTES
===================================================================
-RCS file: /home/branden/packages/xfree86/cvsup/xc/RELNOTES,v
+RCS file: /cvs/xc/RELNOTES,v
retrieving revision 1.6
retrieving revision 1.6.2.1
diff -u -r1.6 -r1.6.2.1
@@ -484,7 +484,7 @@
+$XFree86: xc/RELNOTES,v 1.6.2.1 2002/10/18 21:37:19 dawes Exp $
Index: xc/config/cf/FreeBSD.cf
===================================================================
-RCS file: /home/branden/packages/xfree86/cvsup/xc/config/cf/FreeBSD.cf,v
+RCS file: /cvs/xc/config/cf/FreeBSD.cf,v
retrieving revision 3.112.2.1
retrieving revision 3.112.2.2
diff -u -r3.112.2.1 -r3.112.2.2
@@ -499,20 +499,20 @@
#ifndef UseElfFormat
#define UseElfFormat DefaultToElfFormat
-@@ -189,6 +189,10 @@
- #if OSMajorVersion > 2 || (OSMajorVersion == 2 && OSMinorVersion > 2) || \
- (OSMajorVersion == 2 && OSMinorVersion == 2 && OSTeenyVersion >= 2)
+@@ -191,6 +191,10 @@
#define HasSetUserContext YES
+ #endif
+
++#if OSMajorVersion >= 5 || (OSMajorVersion == 4 && OSMinorVersion >= 6)
++#define HasGetpeereid YES
+#endif
+
-+#if OSMajorVersion >= 5 || (OSMajorVersion == 4 && OSMinorVersion >= 6)
-+#define HasGetpeereid YES
- #endif
-
/* 3.3(?) and later has support for setting MTRRs */
+ #ifndef HasMTRRSupport
+ #if OSMajorVersion > 3 || (OSMajorVersion == 3 && OSMinorVersion >= 3)
Index: xc/config/cf/Imake.tmpl
===================================================================
-RCS file: /home/branden/packages/xfree86/cvsup/xc/config/cf/Imake.tmpl,v
+RCS file: /cvs/xc/config/cf/Imake.tmpl,v
retrieving revision 3.116.2.1
retrieving revision 3.116.2.2
diff -u -r3.116.2.1 -r3.116.2.2
@@ -527,19 +527,19 @@
XCOMM ----------------------------------------------------------------------
/*
-@@ -394,6 +394,9 @@
- #endif
+@@ -395,6 +395,9 @@
#ifndef HasPamMisc
#define HasPamMisc NO
-+#endif
+ #endif
+#ifndef HasGetpeereid
+#define HasGetpeereid NO
- #endif
++#endif
/* byte-order defaults */
#ifndef ByteOrder
+ #if defined(VaxArchitecture)
Index: xc/config/cf/OpenBSD.cf
===================================================================
-RCS file: /home/branden/packages/xfree86/cvsup/xc/config/cf/OpenBSD.cf,v
+RCS file: /cvs/xc/config/cf/OpenBSD.cf,v
retrieving revision 3.66.2.1
retrieving revision 3.66.2.3
diff -u -r3.66.2.1 -r3.66.2.3
@@ -574,14 +574,14 @@
# else
Index: xc/doc/hardcopy/Xext/mit-shm.PS.gz
===================================================================
-RCS file: /home/branden/packages/xfree86/cvsup/xc/doc/hardcopy/Xext/mit-shm.PS.gz,v
+RCS file: /cvs/xc/doc/hardcopy/Xext/mit-shm.PS.gz,v
retrieving revision 1.1.1.1
retrieving revision 1.1.1.1.12.1
diff -u -r1.1.1.1 -r1.1.1.1.12.1
-Binary files /tmp/branden/cvsJgPUDx and /tmp/branden/cvsyFnhXf differ
+Binary files /tmp/cvsHgNGHg and /tmp/cvsmchVn2 differ
Index: xc/doc/specs/Xext/mit-shm.ms
===================================================================
-RCS file: /home/branden/packages/xfree86/cvsup/xc/doc/specs/Xext/mit-shm.ms,v
+RCS file: /cvs/xc/doc/specs/Xext/mit-shm.ms,v
retrieving revision 1.1.1.1
retrieving revision 1.1.1.1.28.1
diff -u -r1.1.1.1 -r1.1.1.1.28.1
@@ -603,7 +603,7 @@
shminfo.shmaddr = image->data = shmat (shminfo.shmid, 0, 0);
Index: xc/lib/Xaw/AsciiSink.c
===================================================================
-RCS file: /home/branden/packages/xfree86/cvsup/xc/lib/Xaw/AsciiSink.c,v
+RCS file: /cvs/xc/lib/Xaw/AsciiSink.c,v
retrieving revision 1.27
retrieving revision 1.27.2.1
diff -u -r1.27 -r1.27.2.1
@@ -663,7 +663,7 @@
xr = x;
Index: xc/lib/Xaw/AsciiSrc.c
===================================================================
-RCS file: /home/branden/packages/xfree86/cvsup/xc/lib/Xaw/AsciiSrc.c,v
+RCS file: /cvs/xc/lib/Xaw/AsciiSrc.c,v
retrieving revision 1.30.2.1
retrieving revision 1.30.2.2
diff -u -r1.30.2.1 -r1.30.2.2
@@ -715,7 +715,7 @@
src->ascii_src.allocated_string = True;
Index: xc/lib/Xaw/Command.c
===================================================================
-RCS file: /home/branden/packages/xfree86/cvsup/xc/lib/Xaw/Command.c,v
+RCS file: /cvs/xc/lib/Xaw/Command.c,v
retrieving revision 1.14
retrieving revision 1.14.2.1
diff -u -r1.14 -r1.14.2.1
@@ -790,13 +790,10 @@
if (oldcbw->label.foreground != cbw->label.foreground
|| oldcbw->core.background_pixel != cbw->core.background_pixel
|| oldcbw->command.highlight_thickness
-@@ -539,6 +557,22 @@
- cbw->command.shape_style = oldcbw->command.shape_style;
+@@ -542,6 +560,22 @@
+ }
- return (redisplay);
-+}
-+
-+static void
+ static void
+XawCommandGetValuesHook(Widget w, ArgList args, Cardinal *num_args)
+{
+ CommandWidget cbw = (CommandWidget)w;
@@ -810,12 +807,15 @@
+ *((String*)args[i].value) = cbw->command.set ?
+ (String)cbw->label.foreground : (String)cbw->core.background_pixel;
+ }
- }
-
- static void
++}
++
++static void
+ XawCommandClassInitialize(void)
+ {
+ XawInitializeWidgetSet();
Index: xc/lib/Xaw/MultiSrc.c
===================================================================
-RCS file: /home/branden/packages/xfree86/cvsup/xc/lib/Xaw/MultiSrc.c,v
+RCS file: /cvs/xc/lib/Xaw/MultiSrc.c,v
retrieving revision 1.24.2.1
retrieving revision 1.24.2.2
diff -u -r1.24.2.1 -r1.24.2.2
@@ -868,7 +868,7 @@
Index: xc/lib/Xaw/Text.c
===================================================================
-RCS file: /home/branden/packages/xfree86/cvsup/xc/lib/Xaw/Text.c,v
+RCS file: /cvs/xc/lib/Xaw/Text.c,v
retrieving revision 3.50
retrieving revision 3.50.2.1
diff -u -r3.50 -r3.50.2.1
@@ -917,7 +917,7 @@
else
Index: xc/lib/Xaw/TextAction.c
===================================================================
-RCS file: /home/branden/packages/xfree86/cvsup/xc/lib/Xaw/TextAction.c,v
+RCS file: /cvs/xc/lib/Xaw/TextAction.c,v
retrieving revision 3.44
retrieving revision 3.44.2.1
diff -u -r3.44 -r3.44.2.1
@@ -960,7 +960,7 @@
_XawImUnsetFocus(w);
Index: xc/lib/Xaw/TextSrc.c
===================================================================
-RCS file: /home/branden/packages/xfree86/cvsup/xc/lib/Xaw/TextSrc.c,v
+RCS file: /cvs/xc/lib/Xaw/TextSrc.c,v
retrieving revision 1.30.2.1
retrieving revision 1.30.2.2
diff -u -r1.30.2.1 -r1.30.2.2
@@ -986,12 +986,10 @@
if (anchor->cache && anchor->position + anchor->cache->offset +
anchor->cache->length <= position)
eprev = entity = anchor->cache;
-@@ -1819,6 +1823,15 @@
- length, property));
- }
+@@ -1821,6 +1825,15 @@
}
-+ }
-+
+ }
+
+ /* Automatically join sequential entities if possible */
+ if (eprev &&
+ anchor->position + eprev->offset + eprev->length == position &&
@@ -999,12 +997,229 @@
+ eprev->flags == flags && eprev->data == data) {
+ eprev->length += length;
+ return (eprev);
++ }
++
+ entity = XtNew(XawTextEntity);
+ entity->type = type;
+ entity->flags = flags;
+Index: xc/lib/font/fontfile/dirfile.c
+===================================================================
+RCS file: /cvs/xc/lib/font/fontfile/dirfile.c,v
+retrieving revision 3.14
+retrieving revision 3.14.2.2
+diff -u -r3.14 -r3.14.2.2
+--- xc/lib/font/fontfile/dirfile.c 14 Dec 2001 19:56:50 -0000 3.14
++++ xc/lib/font/fontfile/dirfile.c 12 Feb 2004 03:24:54 -0000 3.14.2.2
+@@ -25,7 +25,7 @@
+ in this Software without prior written authorization from The Open Group.
+
+ */
+-/* $XFree86: xc/lib/font/fontfile/dirfile.c,v 3.14 2001/12/14 19:56:50 dawes Exp $ */
++/* $XFree86: xc/lib/font/fontfile/dirfile.c,v 3.14.2.2 2004/02/12 03:24:54 dawes Exp $ */
+
+ /*
+ * Author: Keith Packard, MIT X Consortium
+@@ -68,6 +68,9 @@
+
+ FontDirectoryPtr dir = NullFontDirectory;
+
++ if (strlen(directory) + 1 + sizeof(FontDirFile) > sizeof(dir_file))
++ return BadFontPath;
++
+ #ifdef FONTDIRATTRIB
+ /* Check for font directory attributes */
+ #ifndef __EMX__
+@@ -154,6 +157,9 @@
+ char dir_file[MAXFONTFILENAMELEN];
+ struct stat statb;
+
++ if (strlen(dir->directory) + sizeof(FontDirFile) > sizeof(dir_file))
++ return FALSE;
++
+ strcpy (dir_file, dir->directory);
+ strcat (dir_file, FontDirFile);
+ if (stat (dir_file, &statb) == -1)
+@@ -202,6 +208,8 @@
+ continue;
+
+ len = strlen (fileName) - renderer->fileSuffixLen;
++ if (len >= sizeof(copy))
++ continue;
+ CopyISOLatin1Lowered (copy, fileName, len);
+ copy[len] = '\0';
+ name.name = copy;
+@@ -251,9 +259,13 @@
+ int status = Successful;
+ struct stat statb;
+
++ if (strlen(directory) >= sizeof(alias_file))
++ return BadFontPath;
+ dir = *pdir;
+ strcpy(alias_file, directory);
+ if (!isFile) {
++ if (strlen(directory) + 1 + sizeof(FontAliasFile) > sizeof(alias_file))
++ return BadFontPath;
+ if (directory[strlen(directory) - 1] != '/')
+ strcat(alias_file, "/");
+ strcat(alias_file, FontAliasFile);
+@@ -286,6 +298,10 @@
+ status = AllocError;
+ break;
+ case NAME:
++ if (strlen(lexToken) >= sizeof(alias)) {
++ status = BadFontPath;
++ break;
++ }
+ strcpy(alias, lexToken);
+ token = lexAlias(file, &lexToken);
+ switch (token) {
+@@ -302,6 +318,10 @@
+ status = AllocError;
+ break;
+ case NAME:
++ if (strlen(lexToken) >= sizeof(font_name)) {
++ status = BadFontPath;
++ break;
++ }
+ CopyISOLatin1Lowered(alias, alias, strlen(alias));
+ CopyISOLatin1Lowered(font_name, lexToken, strlen(lexToken));
+ if (!FontFileAddFontAlias (dir, alias, font_name))
+Index: xc/lib/font/fontfile/encparse.c
+===================================================================
+RCS file: /cvs/xc/lib/font/fontfile/encparse.c,v
+retrieving revision 1.18
+retrieving revision 1.18.4.1
+diff -u -r1.18 -r1.18.4.1
+--- xc/lib/font/fontfile/encparse.c 2 Nov 2001 03:06:40 -0000 1.18
++++ xc/lib/font/fontfile/encparse.c 12 Feb 2004 03:24:55 -0000 1.18.4.1
+@@ -20,7 +20,7 @@
+ THE SOFTWARE.
+ */
+
+-/* $XFree86: xc/lib/font/fontfile/encparse.c,v 1.18 2001/11/02 03:06:40 dawes Exp $ */
++/* $XFree86: xc/lib/font/fontfile/encparse.c,v 1.18.4.1 2004/02/12 03:24:55 dawes Exp $ */
+
+ /* Parser for encoding files */
+
+@@ -833,6 +833,7 @@
+ char file_name[MAXFONTFILENAMELEN], encoding_name[MAXFONTNAMELEN],
+ buf[MAXFONTFILENAMELEN];
+ int count, n;
++ static char format[24] = "";
+
+ /* As we don't really expect to open encodings that often, we don't
+ take the trouble of caching encodings directories. */
+@@ -848,8 +849,12 @@
}
- entity = XtNew(XawTextEntity);
+ encoding = NULL;
++ if (!format[0]) {
++ sprintf(format, "%%%ds %%%d[^\n]\n", sizeof(encoding_name) - 1,
++ sizeof(file_name) - 1);
++ }
+ for(;;) {
+- count = fscanf(file, "%s %[^\n]\n", encoding_name, file_name);
++ count = fscanf(file, format, encoding_name, file_name);
+ if(count == EOF)
+ break;
+ if(count != 2)
+Index: xc/lib/font/fontfile/fontfile.c
+===================================================================
+RCS file: /cvs/xc/lib/font/fontfile/fontfile.c,v
+retrieving revision 3.15
+retrieving revision 3.15.2.1
+diff -u -r3.15 -r3.15.2.1
+--- xc/lib/font/fontfile/fontfile.c 14 Dec 2001 19:56:51 -0000 3.15
++++ xc/lib/font/fontfile/fontfile.c 12 Feb 2004 03:24:55 -0000 3.15.2.1
+@@ -25,7 +25,7 @@
+ in this Software without prior written authorization from The Open Group.
+
+ */
+-/* $XFree86: xc/lib/font/fontfile/fontfile.c,v 3.15 2001/12/14 19:56:51 dawes Exp $ */
++/* $XFree86: xc/lib/font/fontfile/fontfile.c,v 3.15.2.1 2004/02/12 03:24:55 dawes Exp $ */
+
+ /*
+ * Author: Keith Packard, MIT X Consortium
+@@ -424,11 +424,16 @@
+ vals.ranges = ranges;
+ vals.nranges = nranges;
+
+- strcpy (fileName, dir->directory);
+- strcat (fileName, scalable->fileName);
+- ret = (*scalable->renderer->OpenScalable) (fpe, pFont,
++ if (strlen(dir->directory) + strlen(scalable->fileName) >=
++ sizeof(fileName)) {
++ ret = BadFontName;
++ } else {
++ strcpy (fileName, dir->directory);
++ strcat (fileName, scalable->fileName);
++ ret = (*scalable->renderer->OpenScalable) (fpe, pFont,
+ flags, entry, fileName, &vals, format, fmask,
+ non_cachable_font);
++ }
+
+ /* In case rasterizer does something bad because of
+ charset subsetting... */
+@@ -497,6 +502,8 @@
+
+ dir = (FontDirectoryPtr) fpe->private;
+ bitmap = &entry->u.bitmap;
++ if (strlen(dir->directory) + strlen(bitmap->fileName) >= sizeof(fileName))
++ return BadFontName;
+ strcpy (fileName, dir->directory);
+ strcat (fileName, bitmap->fileName);
+ ret = (*bitmap->renderer->OpenBitmap)
+@@ -530,6 +537,8 @@
+
+ dir = (FontDirectoryPtr) fpe->private;
+ bitmap = &entry->u.bitmap;
++ if (strlen(dir->directory) + strlen(bitmap->fileName) >= sizeof(fileName))
++ return BadFontName;
+ strcpy (fileName, dir->directory);
+ strcat (fileName, bitmap->fileName);
+ ret = (*bitmap->renderer->GetInfoBitmap) (fpe, pFontInfo, entry, fileName);
+@@ -891,10 +900,15 @@
+ vals.ranges = FontParseRanges(origName, &vals.nranges);
+ ranges = vals.ranges;
+ /* Make a new scaled instance */
+- strcpy (fileName, dir->directory);
+- strcat (fileName, scalable->fileName);
+- ret = (*scalable->renderer->GetInfoScalable)
+- (fpe, *pFontInfo, entry, &tmpName, fileName, &vals);
++ if (strlen(dir->directory) + strlen(scalable->fileName) >=
++ sizeof(fileName)) {
++ ret = BadFontName;
++ } else {
++ strcpy (fileName, dir->directory);
++ strcat (fileName, scalable->fileName);
++ ret = (*scalable->renderer->GetInfoScalable)
++ (fpe, *pFontInfo, entry, &tmpName, fileName, &vals);
++ }
+ if (ranges) xfree(ranges);
+ }
+ }
+@@ -931,10 +945,15 @@
+ bc = &entry->u.bc;
+ entry = bc->entry;
+ /* Make a new scaled instance */
+- strcpy (fileName, dir->directory);
+- strcat (fileName, scalable->fileName);
+- ret = (*scalable->renderer->GetInfoScalable)
++ if (strlen(dir->directory) + strlen(scalable->fileName) >=
++ sizeof(fileName)) {
++ ret = BadFontName;
++ } else {
++ strcpy (fileName, dir->directory);
++ strcat (fileName, scalable->fileName);
++ ret = (*scalable->renderer->GetInfoScalable)
+ (fpe, *pFontInfo, entry, tmpName, fileName, &bc->vals);
++ }
+ break;
+ #endif
+ default:
Index: xc/programs/Xserver/Xext/shm.c
===================================================================
-RCS file: /home/branden/packages/xfree86/cvsup/xc/programs/Xserver/Xext/shm.c,v
+RCS file: /cvs/xc/programs/Xserver/Xext/shm.c,v
retrieving revision 3.33.2.2
retrieving revision 3.33.2.3
diff -u -r3.33.2.2 -r3.33.2.3
@@ -1170,7 +1385,7 @@
shmdesc->writable = !stuff->readOnly;
Index: xc/programs/Xserver/hw/darwin/bundle/Xserver.h
===================================================================
-RCS file: /home/branden/packages/xfree86/cvsup/xc/programs/Xserver/hw/darwin/bundle/Attic/Xserver.h,v
+RCS file: /cvs/xc/programs/Xserver/hw/darwin/bundle/Attic/Xserver.h,v
retrieving revision 1.13
retrieving revision 1.13.2.1
diff -u -r1.13 -r1.13.2.1
@@ -1195,7 +1410,7 @@
- (IBAction)startFullScreen:(id)sender;
Index: xc/programs/Xserver/hw/darwin/bundle/Xserver.m
===================================================================
-RCS file: /home/branden/packages/xfree86/cvsup/xc/programs/Xserver/hw/darwin/bundle/Attic/Xserver.m,v
+RCS file: /cvs/xc/programs/Xserver/hw/darwin/bundle/Attic/Xserver.m,v
retrieving revision 1.37.2.1
retrieving revision 1.37.2.2
diff -u -r1.37.2.1 -r1.37.2.2
@@ -1219,19 +1434,19 @@
NSLog(@"Could not start X client process with errno = %i.", errno);
_exit(127);
-@@ -622,9 +622,6 @@
- - (void)killServer
+@@ -623,9 +623,6 @@
{
NXEvent ev;
--
+
- if (serverVisible)
- [self hide];
-
+-
ev.type = NX_APPDEFINED;
ev.data.compound.subType = kXDarwinQuit;
+ [self sendNXEvent:&ev];
Index: xc/programs/Xserver/hw/darwin/bundle/quartz.c
===================================================================
-RCS file: /home/branden/packages/xfree86/cvsup/xc/programs/Xserver/hw/darwin/bundle/Attic/quartz.c,v
+RCS file: /cvs/xc/programs/Xserver/hw/darwin/bundle/Attic/quartz.c,v
retrieving revision 1.24
retrieving revision 1.24.2.1
diff -u -r1.24 -r1.24.2.1
@@ -1264,7 +1479,7 @@
}
Index: xc/programs/Xserver/hw/darwin/bundle/quartzCursor.c
===================================================================
-RCS file: /home/branden/packages/xfree86/cvsup/xc/programs/Xserver/hw/darwin/bundle/Attic/quartzCursor.c,v
+RCS file: /cvs/xc/programs/Xserver/hw/darwin/bundle/Attic/quartzCursor.c,v
retrieving revision 1.15.2.1
retrieving revision 1.15.2.3
diff -u -r1.15.2.1 -r1.15.2.3
@@ -1389,7 +1604,7 @@
Index: xc/programs/Xserver/hw/darwin/bundle/rootlessWindow.c
===================================================================
-RCS file: /home/branden/packages/xfree86/cvsup/xc/programs/Xserver/hw/darwin/bundle/Attic/rootlessWindow.c,v
+RCS file: /cvs/xc/programs/Xserver/hw/darwin/bundle/Attic/rootlessWindow.c,v
retrieving revision 1.9
retrieving revision 1.9.2.1
diff -u -r1.9 -r1.9.2.1
@@ -1434,7 +1649,7 @@
// (x+bw, y+bw, w, h) is inner rect
Index: xc/programs/Xserver/hw/darwin/bundle/XDarwin.pbproj/project.pbxproj
===================================================================
-RCS file: /home/branden/packages/xfree86/cvsup/xc/programs/Xserver/hw/darwin/bundle/XDarwin.pbproj/Attic/project.pbxproj,v
+RCS file: /cvs/xc/programs/Xserver/hw/darwin/bundle/XDarwin.pbproj/Attic/project.pbxproj,v
retrieving revision 1.30.2.2
retrieving revision 1.30.2.4
diff -u -r1.30.2.2 -r1.30.2.4
@@ -1460,14 +1675,16 @@
<key>CFBundleVersion</key>
Index: xc/programs/Xserver/hw/xfree86/CHANGELOG
===================================================================
-RCS file: /home/branden/packages/xfree86/cvsup/xc/programs/Xserver/hw/xfree86/CHANGELOG,v
+RCS file: /cvs/xc/programs/Xserver/hw/xfree86/CHANGELOG,v
retrieving revision 3.2144.2.22
-retrieving revision 3.2144.2.27
-diff -u -r3.2144.2.22 -r3.2144.2.27
+retrieving revision 3.2144.2.29
+diff -u -r3.2144.2.22 -r3.2144.2.29
--- xc/programs/Xserver/hw/xfree86/CHANGELOG 4 Sep 2002 03:01:44 -0000 3.2144.2.22
-+++ xc/programs/Xserver/hw/xfree86/CHANGELOG 17 Dec 2002 19:11:03 -0000 3.2144.2.27
-@@ -1,3 +1,26 @@
-+XFree86 4.2.1.2 (xx December 2002)
++++ xc/programs/Xserver/hw/xfree86/CHANGELOG 12 Feb 2004 03:24:55 -0000 3.2144.2.29
+@@ -1,3 +1,28 @@
++XFree86 4.2.1.2 (xx February 2004)
++ 723. Some more font path checks.
++ 722. Fix font alias overrun.
+ 721. Fix problems with earlier fix (713 below) to intermittent XDarwin
+ crash when changing cursors with dual processors (Torrey T. Lyons).
+
@@ -1493,15 +1710,15 @@
XFree86 4.2.1 (03 September 2002)
715. [SECURITY] Fix an Xlib problem that made it possible to load arbitrary
code into privileged clients.
-@@ -14605,4 +14628,4 @@
+@@ -14605,4 +14630,4 @@
XFree86 3.0 (26 April 1994)
-$XFree86: xc/programs/Xserver/hw/xfree86/CHANGELOG,v 3.2144.2.22 2002/09/04 03:01:44 dawes Exp $
-+$XFree86: xc/programs/Xserver/hw/xfree86/CHANGELOG,v 3.2144.2.27 2002/12/17 19:11:03 torrey Exp $
++$XFree86: xc/programs/Xserver/hw/xfree86/CHANGELOG,v 3.2144.2.29 2004/02/12 03:24:55 dawes Exp $
Index: xc/programs/Xserver/hw/xfree86/xf86Version.h
===================================================================
-RCS file: /home/branden/packages/xfree86/cvsup/xc/programs/Xserver/hw/xfree86/xf86Version.h,v
+RCS file: /cvs/xc/programs/Xserver/hw/xfree86/xf86Version.h,v
retrieving revision 3.487.2.5
retrieving revision 3.487.2.6
diff -u -r3.487.2.5 -r3.487.2.6
@@ -1532,7 +1749,7 @@
Index: xc/programs/Xserver/hw/xfree86/doc/sgml/Install.sgml
===================================================================
-RCS file: /home/branden/packages/xfree86/cvsup/xc/programs/Xserver/hw/xfree86/doc/sgml/Install.sgml,v
+RCS file: /cvs/xc/programs/Xserver/hw/xfree86/doc/sgml/Install.sgml,v
retrieving revision 1.13
retrieving revision 1.13.2.1
diff -u -r1.13 -r1.13.2.1
@@ -1558,7 +1775,7 @@
We provide XFree86 &relvers; <![ %updaterel [update ]]>binaries for a range
Index: xc/programs/Xserver/hw/xfree86/doc/sgml/README.sgml
===================================================================
-RCS file: /home/branden/packages/xfree86/cvsup/xc/programs/Xserver/hw/xfree86/doc/sgml/README.sgml,v
+RCS file: /cvs/xc/programs/Xserver/hw/xfree86/doc/sgml/README.sgml,v
retrieving revision 3.119.2.1
retrieving revision 3.119.2.2
diff -u -r3.119.2.1 -r3.119.2.2
@@ -1584,7 +1801,7 @@
you will work on) and, level of expertise (coder, DRI, core, specific
Index: xc/programs/Xserver/hw/xfree86/drivers/ati/r128_driver.c
===================================================================
-RCS file: /home/branden/packages/xfree86/cvsup/xc/programs/Xserver/hw/xfree86/drivers/ati/r128_driver.c,v
+RCS file: /cvs/xc/programs/Xserver/hw/xfree86/drivers/ati/r128_driver.c,v
retrieving revision 1.57.2.1
retrieving revision 1.57.2.2
diff -u -r1.57.2.1 -r1.57.2.2
@@ -1636,7 +1853,7 @@
Index: xc/programs/Xserver/include/os.h
===================================================================
-RCS file: /home/branden/packages/xfree86/cvsup/xc/programs/Xserver/include/os.h,v
+RCS file: /cvs/xc/programs/Xserver/include/os.h,v
retrieving revision 3.40
retrieving revision 3.40.2.1
diff -u -r3.40 -r3.40.2.1
@@ -1648,18 +1865,18 @@
/***********************************************************
Copyright 1987, 1998 The Open Group
-@@ -638,6 +638,8 @@
- ClientPtr /* client */
+@@ -639,6 +639,8 @@
#endif
);
+
++extern int LocalClientCred(ClientPtr, int *, int *);
+
-+extern int LocalClientCred(ClientPtr, int *, int *);
-
extern int ChangeAccessControl(
#if NeedFunctionPrototypes
+ ClientPtr /*client*/,
Index: xc/programs/Xserver/os/Imakefile
===================================================================
-RCS file: /home/branden/packages/xfree86/cvsup/xc/programs/Xserver/os/Imakefile,v
+RCS file: /cvs/xc/programs/Xserver/os/Imakefile,v
retrieving revision 3.34
retrieving revision 3.34.4.1
diff -u -r3.34 -r3.34.4.1
@@ -1696,7 +1913,7 @@
-I$(TOP)/lib/Xau -I../lbx Krb5Includes
Index: xc/programs/Xserver/os/access.c
===================================================================
-RCS file: /home/branden/packages/xfree86/cvsup/xc/programs/Xserver/os/access.c,v
+RCS file: /cvs/xc/programs/Xserver/os/access.c,v
retrieving revision 3.39
retrieving revision 3.39.2.1
diff -u -r3.39 -r3.39.2.1
@@ -1711,12 +1928,10 @@
#ifdef WIN32
#include <X11/Xwinsock.h>
-@@ -1005,6 +1005,55 @@
- xfree ((char *) from);
- }
+@@ -1007,6 +1007,55 @@
return FALSE;
-+}
-+
+ }
+
+/*
+ * Return the uid and gid of a connected local client
+ * or the uid/gid for nobody those ids cannot be determinded
@@ -1764,12 +1979,14 @@
+ /* No system call available to get the credentials of the peer */
+ return -1;
+#endif
- }
-
++}
++
static Bool
+ AuthorizedClient(ClientPtr client)
+ {
Index: xc/programs/xdm/Imakefile
===================================================================
-RCS file: /home/branden/packages/xfree86/cvsup/xc/programs/xdm/Imakefile,v
+RCS file: /cvs/xc/programs/xdm/Imakefile,v
retrieving revision 3.45
retrieving revision 3.45.4.1
diff -u -r3.45 -r3.45.4.1
@@ -1784,22 +2001,22 @@
#define IHaveSubdirs
#define PassCDebugFlags 'CDEBUGFLAGS=$(CDEBUGFLAGS)'
-@@ -129,6 +129,12 @@
+@@ -131,6 +131,12 @@
+ FRAGILE_DEFINES = -DFRAGILE_DEV_MEM
+ #endif
- #if defined(i386Architecture) || defined(AmigaArchitecture)
- FRAGILE_DEFINES = -DFRAGILE_DEV_MEM
-+#endif
-+
+#if defined(NetBSDArchitecture) && \
+ ((OSMajorVersion > 1) || \
+ (OSMajorVersion == 1 && OSMinorVersion > 3))
+RANDOM_DEFINES = -DDEV_RANDOM=\"/dev/urandom\"
++#endif
++
+ #ifdef OpenBSDArchitecture
+ RANDOM_DEFINES = -DARC4_RANDOM
#endif
-
- #ifdef OpenBSDArchitecture
Index: xc/programs/xdm/genauth.c
===================================================================
-RCS file: /home/branden/packages/xfree86/cvsup/xc/programs/xdm/genauth.c,v
+RCS file: /cvs/xc/programs/xdm/genauth.c,v
retrieving revision 3.13
retrieving revision 3.13.2.1
diff -u -r3.13 -r3.13.2.1
@@ -1825,7 +2042,7 @@
Index: xc/programs/xdm/greeter/verify.c
===================================================================
-RCS file: /home/branden/packages/xfree86/cvsup/xc/programs/xdm/greeter/verify.c,v
+RCS file: /cvs/xc/programs/xdm/greeter/verify.c,v
retrieving revision 3.21
retrieving revision 3.21.2.1
diff -u -r3.21 -r3.21.2.1
Reply to: