Changeset d1e71ed for x

Timestamp:

10/12/2006 03:28:43 AM (18 years ago)

Author:

Dan Nichilson <dnicholson@…>

Branches:

10.0, 10.1, 11.0, 11.1, 11.2, 11.3, 12.0, 12.1, 6.2, 6.2.0, 6.2.0-rc1, 6.2.0-rc2, 6.3, 6.3-rc1, 6.3-rc2, 6.3-rc3, 7.10, 7.4, 7.5, 7.6, 7.6-blfs, 7.6-systemd, 7.7, 7.8, 7.9, 8.0, 8.1, 8.2, 8.3, 8.4, 9.0, 9.1, basic, bdubbs/svn, elogind, gnome, kde5-13430, kde5-14269, kde5-14686, kea, ken/TL2024, ken/inkscape-core-mods, ken/tuningfonts, krejzi/svn, lazarus, lxqt, nosym, perl-modules, plabs/newcss, plabs/python-mods, python3.11, qt5new, rahul/power-profiles-daemon, renodr/vulkan-addition, systemd-11177, systemd-13485, trunk, upgradedb, xry111/intltool, xry111/llvm18, xry111/soup3, xry111/test-20220226, xry111/xf86-video-removal

Children:

76d61ba

Parents:

4be5ad2

Message:

More security patches for Xorg

git-svn-id: svn://svn.linuxfromscratch.org/BLFS/trunk/BOOK@6336 af4574ff-66df-0310-9fd7-8a98e5e911e0

Location:

x/installing

Files:

• x7lib.xml (modified) (4 diffs)
• xorg.xml (modified) (2 diffs)

x/installing/x7lib.xml

@@ -56 +56 @@
     </itemizedlist>
 
-    <!-- Following two patches are security related and should be
+    <!-- Following three patches are security related and should be
         fixed for Xorg-7.2 -->
     <bridgehead renderas="sect3">Additional Downloads</bridgehead>
@@ -67 +67 @@
         <para>Required patch: <ulink
         url="&patch-root;/xtrans-1.0.0-setuid-1.patch"/></para>
+      </listitem>
+      <listitem>
+        <para>Required patch: <ulink
+        url="&patch-root;/libXfont-1.1.0-cidfonts-1.patch"/></para>
       </listitem>
     </itemizedlist>
@@ -102 +106 @@
     <title>Installation of Xorg Libraries</title>
 
-    <para>A <ulink url='http://wiki.x.org/wiki/SecurityPage'>security
-    vulnerability</ulink> has been identified in the libX11 and xtrans
-    packages. Before building these packages with the commands shown below,
-    be sure to apply the supplied patches. For libX11, this can be
-    accomplished with with the following command:</para>
+    <para><ulink url='http://wiki.x.org/wiki/SecurityPage'>Security
+    vulnerabilities</ulink> have been identified in the libX11, xtrans
+    and libXfont packages. Before building these packages with the
+    commands shown below, be sure to apply the supplied patches.
+    For libX11, this can be accomplished with with the following
+    command:</para>
 
 <screen><userinput>patch -Np1 -i ../libX11-1.0.1-setuid-1.patch</userinput></screen>
@@ -114 +119 @@
 
 <screen><userinput>patch -Np1 -i ../xtrans-1.0.0-setuid-1.patch</userinput></screen>
+
+    <para>For libXfont, the patch can be applied with the following
+    command:</para>
+
+<screen><userinput>patch -Np1 -i ../libXfont-1.1.0-cidfonts-1.patch</userinput></screen>
 
     <para>Install the libraries by running the following commands for each

x/installing/xorg.xml

@@ -92 +92 @@
       <listitem>
         <para>Required patch: <ulink
-        url="&patch-root;/xorg-&xorg-version;-security-2.patch"/></para>
+        url="&patch-root;/xorg-&xorg-version;-security-3.patch"/></para>
       </listitem>
     </itemizedlist>
@@ -202 +202 @@
       <para>The <application>Xorg</application> sources must be patched in
       order to avoid a race condition with the <application>luit</application>
-      program.  Additionally, <application>Xorg</application> contains 3
-      <ulink url="http://wiki.x.org/wiki/SecurityPage">security vulnerabilities</ulink>.
-      Fix these issues with the following commands:</para>
+      program.  Additionally, <application>Xorg</application> contains 4
+      <ulink url="http://wiki.x.org/wiki/SecurityPage">security
+      vulnerabilities</ulink>. Fix these issues with the following
+      commands:</para>
 
 <screen><userinput>patch -Np1 -i ../xorg-&xorg-version;-luit_race-1.patch &amp;&amp;
-patch -Np1 -i ../xorg-&xorg-version;-security-2.patch</userinput></screen>
+patch -Np1 -i ../xorg-&xorg-version;-security-3.patch</userinput></screen>
 
       <para>Additionally, if you choose to install