From owner-cvs-all Sun Sep 24 18:16:18 2000 Delivered-To: cvs-all@freebsd.org Received: from freefall.freebsd.org (freefall.FreeBSD.org [216.136.204.21]) by hub.freebsd.org (Postfix) with ESMTP id 63DC937B422; Sun, 24 Sep 2000 18:16:14 -0700 (PDT) Received: from localhost (kris@localhost) by freefall.freebsd.org (8.9.3/8.9.2) with ESMTP id SAA81696; Sun, 24 Sep 2000 18:16:14 -0700 (PDT) (envelope-from kris@FreeBSD.org) X-Authentication-Warning: freefall.freebsd.org: kris owned process doing -bs Date: Sun, 24 Sep 2000 18:16:14 -0700 (PDT) From: Kris Kennaway To: Jean-Marc Zucconi Cc: cvs-committers@FreeBSD.org, cvs-all@FreeBSD.org Subject: Re: cvs commit: ports/x11/XFree86/patches patch-h In-Reply-To: <200009242312.QAA63864@freefall.freebsd.org> Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-cvs-all@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.ORG On Sun, 24 Sep 2000, Jean-Marc Zucconi wrote: > jmz 2000/09/24 16:12:08 PDT > > Added files: > x11/XFree86/patches patch-h > Log: > Some problems were discovered in X11 libraries which can cause DoS in > libICE and xdm. Also some potiential buffer overflow may occur in XKB > options parsing (although they can't be exploited in OpenBSD's default > setup where the X servers are not setuid). This patch fixes all these > problems. Hehe,,the OpenBSD bit was just the header to the patch from their ftp site. It probably does apply to us, but I dont think it's exploitable in practise. Can you please bump PORTREVISION? > Submitted by: kris Obtained from: XFree86 cvs repo where they were hiding it, via OpenBSD Kris -- In God we Trust -- all others must submit an X.509 certificate. -- Charles Forsythe To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe cvs-all" in the body of the message