Changeset dc77783f for x/installing

Timestamp:

08/09/2006 02:20:38 PM (18 years ago)

Author:

Dan Nichilson <dnicholson@…>

Branches:

10.0, 10.1, 11.0, 11.1, 11.2, 11.3, 12.0, 12.1, 6.2, 6.2.0, 6.2.0-rc1, 6.2.0-rc2, 6.3, 6.3-rc1, 6.3-rc2, 6.3-rc3, 7.10, 7.4, 7.5, 7.6, 7.6-blfs, 7.6-systemd, 7.7, 7.8, 7.9, 8.0, 8.1, 8.2, 8.3, 8.4, 9.0, 9.1, basic, bdubbs/svn, elogind, gnome, kde5-13430, kde5-14269, kde5-14686, kea, ken/TL2024, ken/inkscape-core-mods, ken/tuningfonts, krejzi/svn, lazarus, lxqt, nosym, perl-modules, plabs/newcss, plabs/python-mods, python3.11, qt5new, rahul/power-profiles-daemon, renodr/vulkan-addition, systemd-11177, systemd-13485, trunk, upgradedb, xry111/intltool, xry111/llvm18, xry111/soup3, xry111/test-20220226, xry111/xf86-video-removal

Children:

baf47952

Parents:

b6d80e9

Message:

Patches security vulnerabilities in Xorg-7.1. Closes ticket #2100.

git-svn-id: svn://svn.linuxfromscratch.org/BLFS/trunk/BOOK@6281 af4574ff-66df-0310-9fd7-8a98e5e911e0

Location:

x/installing

Files:

• x7app.xml (modified) (2 diffs)
• x7lib.xml (modified) (2 diffs)
• x7server.xml (modified) (2 diffs)

x/installing/x7app.xml

@@ -54 +54 @@
   </itemizedlist>
 
+  <!-- Following four patches are security related and should be
+       fixed for Xorg-7.2 -->
+  <bridgehead renderas="sect3">Additional Downloads</bridgehead>
+  <itemizedlist spacing="compact">
+    <listitem>
+      <para>Required patch: <ulink
+      url="&patch-root;/xdm-1.0.4-setuid-1.patch"/></para>
+    </listitem>
+    <listitem>
+      <para>Required patch: <ulink
+      url="&patch-root;/xf86dga-1.0.1-setuid-1.patch"/></para>
+    </listitem>
+    <listitem>
+      <para>Required patch: <ulink
+      url="&patch-root;/xinit-1.0.2-setuid-1.patch"/></para>
+    </listitem>
+    <listitem>
+      <para>Required patch: <ulink
+      url="&patch-root;/xload-1.0.1-setuid-1.patch"/></para>
+    </listitem>
+  </itemizedlist>
+
   <bridgehead renderas="sect3">Xorg Applications Dependencies</bridgehead>
 
@@ -82 +104 @@
     <title>Installation of Xorg Applications</title>
 
+    <para>A <ulink url='http://wiki.x.org/wiki/SecurityPage'>security
+    vulnerability</ulink> has been identified in the xdm, xf86dga, xinit
+    and xload packages. Before building these packages with the commands
+    shown below, be sure to apply the supplied patches. For xdm, this can be
+    accomplished with with the following command:</para>
+
+<screen><userinput>patch -Np1 -i ../xdm-1.0.4-setuid-1.patch</userinput></screen>
+
+    <para>For xf86dga, the patch can be applied with the following
+    command:</para>
+
+<screen><userinput>patch -Np1 -i ../xf86dga-1.0.1-setuid-1.patch</userinput></screen>
+
+    <para>For xinit, the patch can be applied with the following
+    command:</para>
+
+<screen><userinput>patch -Np1 -i ../xinit-1.0.2-setuid-1.patch</userinput></screen>
+
+    <para>For xload, the patch can be applied with the following
+    command:</para>
+
+<screen><userinput>patch -Np1 -i ../xload-1.0.1-setuid-1.patch</userinput></screen>
+
     <para>Install the applications by running the following commands for each
     chosen package:</para>

x/installing/x7lib.xml

@@ -53 +53 @@
   </itemizedlist>
 
+  <!-- Following two patches are security related and should be
+       fixed for Xorg-7.2 -->
+  <bridgehead renderas="sect3">Additional Downloads</bridgehead>
+  <itemizedlist spacing="compact">
+    <listitem>
+      <para>Required patch: <ulink
+      url="&patch-root;/libX11-1.0.1-setuid-1.patch"/></para>
+    </listitem>
+    <listitem>
+      <para>Required patch: <ulink
+      url="&patch-root;/xtrans-1.0.0-setuid-1.patch"/></para>
+    </listitem>
+  </itemizedlist>
+
   <bridgehead renderas="sect3">Xorg Libraries Dependencies</bridgehead>
 
@@ -82 +96 @@
   <sect2 role="installation">
     <title>Installation of Xorg Libraries</title>
+
+    <para>A <ulink url='http://wiki.x.org/wiki/SecurityPage'>security
+    vulnerability</ulink> has been identified in the libX11 and xtrans
+    packages. Before building these packages with the commands shown below,
+    be sure to apply the supplied patches. For libX11, this can be
+    accomplished with with the following command:</para>
+
+<screen><userinput>patch -Np1 -i ../libX11-1.0.1-setuid-1.patch</userinput></screen>
+
+    <para>For xtrans, the patch can be applied with the following
+    command:</para>
+
+<screen><userinput>patch -Np1 -i ../xtrans-1.0.0-setuid-1.patch</userinput></screen>
 
     <para>Install the libraries by running the following commands for each

x/installing/x7server.xml

@@ -53 +53 @@
   </itemizedlist>
 
+  <!-- Following patch is security related and should be
+       fixed for Xorg-7.2 -->
+  <bridgehead renderas="sect3">Additional Downloads</bridgehead>
+  <itemizedlist spacing="compact">
+    <listitem>
+      <para>Required patch: <ulink
+      url="&patch-root;/xorg-server-1.1.0-setuid-2.patch"/></para>
+    </listitem>
+  </itemizedlist>
+
   <bridgehead renderas="sect3">Xorg Server Dependencies</bridgehead>
 
@@ -90 +100 @@
         hw/xfree86/os-support/linux/lnx_agp.c</userinput></screen>
  End remove -->
+
+    <para>A <ulink url='http://wiki.x.org/wiki/SecurityPage'>security
+    vulnerability</ulink> has been identified in the xorg-server
+    packages. Apply a patch to fix this vulnerability with the following
+    command:</para>
+
+<screen><userinput>patch -Np1 -i ../xorg-server-1.1.0-setuid-2.patch</userinput></screen>
 
     <para>Install the server by running the following commands:</para>