X11R6.9.0 Source Patches

CVE-2006-6101 CVE-2006-6102 CVE-2006-6103: The ProcDbeGetVisualInfo(), ProcDbeSwapBuffer() and ProcRenderAddGlyphs() functions in the X server, implementing requests for the dbe and render extensions, may be used to overwrite data on the stack or in other parts of the X server memory.

MD5: 992f91012c2e2f4c8abdbe8bcdf7b0c4 x11r6.9.0-dbe-render.diff
SHA1: 4fdb8f910ac98288745a06a8670dd1faaf5fea38 x11r6.9.0-dbe-render.diff

CVE-2006-2006-3739 and CVE 2006-3740: It may be possible for a user with the ability to set the X server font path, by making it point to a malicious font, to cause arbitrary code execution or denial of service on the X server.

MD5: 7c0c53f1c7ffd97b429eda1eefdff9cb x11r6.9.0-cidfonts.diff
SHA1: bdb3b086e18fa1ee81020fa6a0657f097db7d037 x11r6.9.0-cidfonts.diff

CVE-2006-0745: The X server as distributed with X11R6.9.0 allowed execution of arbitrary code with root privileges if the server was installed setuid root, as well as a DoS by writing log files to arbitrary locations as root.

MD5: de85e59b8906f76a52ec9162ec6c0b63 x11r6.9.0-geteuid.diff
SHA1: f9b73b7c1bd7d6d6db6d23741d5d1125eea5f860 x11r6.9.0-geteuid.diff

CVE-2006-1526: A buffer overflow in the Render extension triangle handling code makes it possible for an authorized client to crash the X server or allow execution of malicious code with the privileges of the X server.

MD5: d666925bfe3d76156c399091578579ae x11r6.9.0-mitri.diff
SHA1: 3d9da8bb9b28957c464d28ea194d5df50e2a3e5c x11r6.9.0-mitri.diff

setuid() return value check problems on Linux systems.

MD5: 8e95fc06109d44ac280431d9cd8b41c9 x11r6.9.0-setuid.diff
SHA1: e576d725dd5f8d6c70df4b024adeecc5f7f90dc6 x11r6.9.0-setuid.diff