Date: Fri, 6 Sep 2002 10:29:25 +1000 From: Edwin Groothuis <edwin@mavetju.org> To: Eric Anholt <eta@lclark.edu> Cc: ports@freebsd.org Subject: Re: XFree86 4.2.1 update (security patch) Message-ID: <20020906002925.GM8779@k7.mavetju> In-Reply-To: <1031207186.913.221.camel@anholt.dyndns.org> References: <1031207186.913.221.camel@anholt.dyndns.org>
next in thread | previous in thread | raw e-mail | index | archive | help
On Wed, Sep 04, 2002 at 11:26:25PM -0700, Eric Anholt wrote: > I've committed the 4.2.1 update of XFree86-4-libraries, > XFree86-4-clients, and XFree86-4-Servers to ports, which fixes a bug in > Xlib that "made it possible to load arbitrary code into privileged > clients" (e.g. xterm, which in ports is setuid root). > XFree86-4-libraries update should be all that's necessary to fix that > bug. I'll look at whether the other XFree86-4-* need updating soon. I > don't know about the MIT-SHM change below. Thank you for the commit. But (otherwise I wouldn't bother you) the patch process gives some warnings, for all three the ports: [/usr/ports/x11/XFree86-4-libraries] root@k7>make patch ===> Extracting for XFree86-libraries-4.2.1 >> Checksum OK for xc/X420src-1.tgz. >> Checksum OK for xc/4.2.0-4.2.1.diff.gz. >> Checksum OK for xc/Wraphelp.gz. ===> XFree86-libraries-4.2.1 depends on executable: imake - found ===> XFree86-libraries-4.2.1 depends on shared library: freetype.9 - found /usr/bin/gunzip -f -c /usr/ports/distfiles/xc/Wraphelp.gz > /usr/ports/x11/XFree86-4-libraries/work/xc/lib/Xdmcp/Wraphelp.c ===> Patching for XFree86-libraries-4.2.1 No file to patch. Skipping... 1 out of 1 hunks ignored--saving rejects to doc/specs/Xaw/TextSource.rej Can't create doc/specs/Xaw/TextSource.rej, output is in /tmp/patchrbT30o0: No such file or directory *** Error code 1 (ignored) ===> Applying FreeBSD patches for XFree86-libraries-4.2.1 cd /usr/ports/x11/XFree86-4-libraries/work/xc/nls; for i in Compose XI18N_OBJS XLC_LOCALE; do /bin/ln -s zh_TW.big5 $i/zh_TW.Big5; done It looks harmless (docs only) but I didn't see a message saying "You can safely ignore the warnings" so I thought I'd better ask around. Edwin -- Edwin Groothuis | Personal website: http://www.MavEtJu.org edwin@mavetju.org | Weblog: http://www.mavetju.org/weblog/weblog.php bash$ :(){ :|:&};: | Interested in MUDs? http://www.FatalDimensions.org/ To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-ports" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20020906002925.GM8779>