Add vendor patch preventing arbitrary code execution or denial of

service by adding malicious font to X server font path. PR: ports/107733 Security: CVE-2006-3739, CVE 2006-3740
svn path=/head/; revision=183432
2025-01-23 09:10:43 +00:00 · 2007-01-27 20:24:58 +00:00 · 2007-01-27 20:24:58 +00:00 · 378a694d82 · 2021-03-31 03:12:20 +00:00
commit 378a694d82
parent 0b7bf38e90
2 changed files with 8 additions and 0 deletions
--- a/x11/xorg-libraries/Makefile
+++ b/x11/xorg-libraries/Makefile
@ -7,12 +7,17 @@

 PORTNAME=	xorg-libraries
 PORTVERSION=	6.9.0
+PORTREVISION=	1
 CATEGORIES=	x11
 MASTER_SITES=	${MASTER_SITE_XORG}
 MASTER_SITE_SUBDIR=	X11R${PORTVERSION}/src
 DISTFILES=	X11R${PORTVERSION}-src1.tar.gz \
 		X11R${PORTVERSION}-src3.tar.gz

+PATCHFILES=	x11r6.9.0-cidfonts.diff
+PATCH_SITES=	${MASTER_SITE_XORG}
+PATCH_SITE_SUBDIR=	X11R${PORTVERSION}/patches
+
 MAINTAINER=	x11@FreeBSD.org
 COMMENT=	X11 libraries and headers from X.Org

--- a/x11/xorg-libraries/distinfo
+++ b/x11/xorg-libraries/distinfo
@ -4,3 +4,6 @@ SIZE (xorg/X11R6.9.0-src1.tar.gz) = 33460996
 MD5 (xorg/X11R6.9.0-src3.tar.gz) = 4d5450bde835270632e004b25e45ef33
 SHA256 (xorg/X11R6.9.0-src3.tar.gz) = 6c55602a0d6476457d3cf6a1413c39d63c70ca9255749bff5502dae9414f9971
 SIZE (xorg/X11R6.9.0-src3.tar.gz) = 10872474
+MD5 (xorg/x11r6.9.0-cidfonts.diff) = 7c0c53f1c7ffd97b429eda1eefdff9cb
+SHA256 (xorg/x11r6.9.0-cidfonts.diff) = c694b6cfe3c41eb36d566765f70b244307e7aa569f84cd8979e36b7d723aa487
+SIZE (xorg/x11r6.9.0-cidfonts.diff) = 2998