Date: Wed, 18 Oct 2006 02:24:25 GMT From: Jon Kelly Hays<kelly.hays@jkhfamily.org> To: freebsd-gnats-submit@FreeBSD.org Subject: ports/104510: [PATCH] x11/nvidia-driver Update to beta driver to fix vulnerability Message-ID: <200610180224.k9I2OPIL061931@www.freebsd.org> Resent-Message-ID: <200610180230.k9I2UGcr043523@freefall.freebsd.org>
next in thread | raw e-mail | index | archive | help
>Number: 104510 >Category: ports >Synopsis: [PATCH] x11/nvidia-driver Update to beta driver to fix vulnerability >Confidential: no >Severity: serious >Priority: medium >Responsible: freebsd-ports-bugs >State: open >Quarter: >Keywords: >Date-Required: >Class: update >Submitter-Id: current-users >Arrival-Date: Wed Oct 18 02:30:15 GMT 2006 >Closed-Date: >Last-Modified: >Originator: Jon Kelly Hays >Release: >Organization: >Environment: >Description: Current version of x11/nvidia-driver is marked FORBIDDEN due to arbitrary root code execution vulnerability. See http://vuxml.FreeBSD.org/a6d9da4a-5d5e-11db-8faf-000c6ec775d9.html for details. A Beta version of the driver exists that I have verified does not have the vulnerability. >How-To-Repeat: >Fix: Update to the beta driver version 9625. See patches below: --- Makefile.jkh Tue Oct 17 19:51:12 2006 +++ Makefile Tue Oct 17 20:41:27 2006 @@ -17,7 +17,6 @@ MAINTAINER= danfe@FreeBSD.org COMMENT= NVidia graphics card binary drivers for hardware OpenGL rendering -FORBIDDEN= Buffer overflow vulnerability: http://vuxml.FreeBSD.org/a6d9da4a-5d5e-11db-8faf-000c6ec775d9.html ONLY_FOR_ARCHS= i386 @@ -83,7 +82,7 @@ PORTREVISION= 3 EXTRA_PATCHES+= ${FILESDIR}/6113-patch-lib::Makefile .else -NVVERSION= 8774 +NVVERSION= 9625 EXTRA_PATCHES+= ${FILESDIR}/7667-* .endif .if ${OSVERSION} >= 600033 --- distinfo.jkh Tue Oct 17 20:01:08 2006 +++ distinfo Tue Oct 17 20:07:05 2006 @@ -4,6 +4,6 @@ MD5 (NVIDIA-FreeBSD-x86-1.0-7174.tar.gz) = b57a03e0325617092016144229ae6114 SHA256 (NVIDIA-FreeBSD-x86-1.0-7174.tar.gz) = 926dfca6078bcaed486e0e27637faacd6a9eda7a3252d0d7779256e674776532 SIZE (NVIDIA-FreeBSD-x86-1.0-7174.tar.gz) = 8433799 -MD5 (NVIDIA-FreeBSD-x86-1.0-8774.tar.gz) = 0fe3cbc309815f4ac3d70e7d1a3a4f9e -SHA256 (NVIDIA-FreeBSD-x86-1.0-8774.tar.gz) = a5156d4da19fa544172ec9eca4e612c6b48c7d9f932cebf695e7206343ed9a07 -SIZE (NVIDIA-FreeBSD-x86-1.0-8774.tar.gz) = 9449433 +MD5 (NVIDIA-FreeBSD-x86-1.0-9625.tar.gz) = 4958ecfa87745c6afed008b0067c9720 +SHA256 (NVIDIA-FreeBSD-x86-1.0-9625.tar.gz) = 14689225ad924451a87512f245a1d5ac48c18dde128ec4277802de602c545d9e +SIZE (NVIDIA-FreeBSD-x86-1.0-9625.tar.gz) = 9715066 >Release-Note: >Audit-Trail: >Unformatted:
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200610180224.k9I2OPIL061931>