From 504d0c05c1a52e7265a4e2dabeca3155e3191945 Mon Sep 17 00:00:00 2001 From: Dan Nichilson Date: Fri, 14 Apr 2006 21:52:03 +0000 Subject: [PATCH] Fixed Xorg security bug in ticket #1876. Imporved sed to include linux/types.h git-svn-id: svn://svn.linuxfromscratch.org/BLFS/trunk/BOOK@5863 af4574ff-66df-0310-9fd7-8a98e5e911e0 --- introduction/welcome/changelog.xml | 5 +++++ x/installing/xorg.xml | 12 ++++++++---- 2 files changed, 13 insertions(+), 4 deletions(-) diff --git a/introduction/welcome/changelog.xml b/introduction/welcome/changelog.xml index 358d89cef6..14e091ac50 100644 --- a/introduction/welcome/changelog.xml +++ b/introduction/welcome/changelog.xml @@ -44,6 +44,11 @@ April 14th, 2006 + + [dnicholson] - Added sed to Xorg-6.9.0 to fix security + vulnerabitility in ticket #1876. Changed sed to include + linux/types.h to be the same as that in Xorg-7.0.0. + [randy] - Updated all the wiki links to point to the existing package wiki page if one existed. diff --git a/x/installing/xorg.xml b/x/installing/xorg.xml index 0d5b393eaa..5b2353cb3c 100644 --- a/x/installing/xorg.xml +++ b/x/installing/xorg.xml @@ -202,12 +202,16 @@ order to avoid a race condition with the luit program. Additionally, recent glibc requires linux/types.h to be included prior to - asm/types.h. Fix both issues with the following - commands: + asm/types.h. Finally, the server portion of + Xorg contains a security vulnerability. + Fix these issues with the following commands: patch -Np1 -i ../xorg-&xorg-version;-luit_race-1.patch && -sed -i "s@*/@*/\n#include <linux/types.h>\n@" \ - programs/Xserver/hw/xfree86/os-support/linux/lnx_agp.c +sed -i '/CONFIG_H/i #include <linux/types.h>' \ + programs/Xserver/hw/xfree86/os-support/linux/lnx_agp.c && +sed -i 's/geteuid /geteuid() /' \ + programs/Xserver/hw/xfree86/common/xf86Init.c Additionally, if you choose to install Xorg to any prefix other than