Patch-ID# 118908-06


Download this patch from My Oracle Support

Your use of the firmware, software and any other materials contained in this update is subject to My Oracle Support Terms of Use, which may be viewed at My Oracle Support.
For further information on patching best practices and resources, please see the following links:
Copyright (c) 2012, Oracle and/or its affiliates. All rights reserved.

Keywords: security xorg
Synopsis: X11 6.7.0_x86: Xorg patch
Date: Sep/23/2008


Install Requirements: NA

Solaris Release: 9_x86

SunOS Release: 5.9_x86

Unbundled Product: X11

Unbundled Release: 6.7.0_x86

Xref:

Topic:

Relevant Architectures: i386

Bugs fixed with this patch:

Sun CR # Bug #
620255115238926
620729915240717
631643815284059
650440815366964
652619215379505
663572115442111
663572715442114
663573215442118
663574015442123
663617415442361
664050515445070
664276215446414
666011515456341
668356715469816


Changes incorporated in this version: 6683567

Patches accumulated and obsoleted by this patch:

Patches which conflict with this patch:

Patches required with this patch:

Obsoleted by:

Files included with this patch:

/usr/X11/bin/Xorg
/usr/X11/lib/modules/drivers/nv_drv.so
/usr/X11/lib/modules/extensions/libdbe.so
/usr/X11/lib/modules/extensions/libextmod.so
/usr/X11/lib/modules/extensions/librecord.so
/usr/X11/lib/modules/libafb.so
/usr/X11/lib/modules/libcfb.so
/usr/X11/lib/modules/libcfb16.so
/usr/X11/lib/modules/libcfb24.so
/usr/X11/lib/modules/libcfb32.so
/usr/X11/lib/modules/libfb.so
/usr/X11/lib/modules/libmfb.so
/usr/X11/lib/modules/libxaa.so
/usr/X11/lib/modules/libxf4bpp.so
/usr/X11/share/man/man7/nv.7

Problem Description:

6683567 [X.Org Bug 15222] multiple X server vulnerabilities reported by iDefense
 
(from 118908-05)
 
6660115 MIT-SHM security fix broke pixmaps of less than 8-bit depth
 
(from 118908-04)
 
6642762 [X.Org Bug 13706] file existence disclosure vulnerability [CVE-2007-5958]
6635732 [X.Org Bug 13519] EVI Extension Integer Overflow Vulnerability
6635740 [X.Org Bug 13520] MIT-SHM Extension Integer Overflow Vulnerability
6640505 [X.Org Bug 13526] PCF font parser vulnerability
6636174 [X.Org Bug 13524] XFree86-MISC Extension Invalid Array Index Vulnerability
6635727 [X.Org Bug 13523] TOG-CUP Extension Memory Corruption Vulnerability
6635721 [X.Org Bug 13522] XInput Extension Memory Corruption Vulnerability
 
(from 118908-03)
 
6504408 [X.Org Bug 9267] multiple integer overflows in XRender and DBE extensions
6526192 [X.Org Bug 10001] XC-MISC Extension ProcXCMiscGetXIDList Memory Corruption Vulnerability
 
(from 118908-02)
 
6316438 [CAN-2005-2495] integer overflow in Xorg
 
(from 118908-01)
 
6202551 Xorg doesn't export shm functions to drivers
6207299 [X.Org Bug 1985] sync to 12/08/04 version of Nvidia driver


Patch Installation Instructions:
-------------------------------- 
Refer to the man pages for instructions on using 'patchadd' and 'patchrm'
scripts provided with Solaris.  Any other special or non-generic
installation instructions should be described below as special
instructions.  The following example installs a patch to a standalone
machine:
 
	example# patchadd /var/spool/patch/104945-02
 
The following example removes a patch from a standalone system:
 
	example# patchrm 104945-02
 
For additional examples please see the appropriate man pages.


Special Install Instructions:
----------------------------- 
None.


README -- Last modified date: Saturday, November 10, 2012