X11R7.0 Source Patches

CVE-2006-6101 CVE-2006-6102 CVE-2006-6103: The ProcDbeGetVisualInfo(), ProcDbeSwapBuffer() and ProcRenderAddGlyphs() functions in the X server, implementing requests for the dbe and render extensions, may be used to overwrite data on the stack or in other parts of the X server memory.

MD5: 03abf171a5c9258bf6921109803f11ae xorg-xserver-1.0.1-dbe-render.diff
SHA1: 9aff9da694e32006ea69a02c7d9da66243ef4f7d xorg-xserver-1.0.1-dbe-render.diff

CVE-2006-2006-3739 and CVE 2006-3740: It may be possible for a user with the ability to set the X server font path, by making it point to a malicious font, to cause arbitrary code execution or denial of service on the X server.

MD5: 8bcbe12444326fab69f8a899c78519ea libXfont-1.0.0-cidfonts.diff
SHA1: b0778179be6a52c5f10ddbb7cd349c06c3c8bd2d libXfont-1.0.0-cidfonts.diff

CVE-2006-0745: The X server as distributed with X11R7 (xorg-server 1.0.0, as well as xorg-server 1.0.1) allowed execution of arbitrary code with root privileges if the server was installed setuid root, as well as a DoS by writing log files to arbitrary locations as root.

MD5: 80db6a3ab76334061ec6102e74ef5607 xorg-server-1.0.1-geteuid.diff
SHA1: 44b44fa3efc63697eefadc7c2a1bfa50a35eec91 xorg-server-1.0.1-geteuid.diff

CVE-2006-1526: A buffer overflow in the Render extension triangle handling code makes it possible for an authorized client to crash the X server or allow execution of malicious code with the privileges of the X server.

MD5: 9a9356f86fe2c10985f1008d459fb272 x11r7.0-mitri.diff
SHA1: d6eba2bddac69f12f21785ea94397b206727ba93 x11r7.0-mitri.diff

setuid() return value check problems on Linux systems.

MD5: 8e95fc06109d44ac280431d9cd8b41c9 x11r7.0-setuid.diff
SHA1: e576d725dd5f8d6c70df4b024adeecc5f7f90dc6 x11r7.0-setuid.diff