Fix 2 CVE's (its about time)

git-svn-id: https://trillian.chruetertee.ch/svn/ports/branches/xorg-dev@322 058c260c-8361-11dd-a0ac-aa2bafec7d09

3 files changed, 21 insertions, 1 deletions

diff --git a/x11-servers/xorg-server/Makefile b/x11-servers/xorg-server/Makefile
index 3f19c52..0c5fc1b 100644
--- a/x11-servers/xorg-server/Makefile
+++ b/x11-servers/xorg-server/Makefile
@@ -7,6 +7,7 @@
 
 PORTNAME=	xorg-server
 PORTVERSION=	1.10.4
+PORTREVISION=	1
 PORTEPOCH=	1
 CATEGORIES=	x11-servers
 MASTER_SITES=	http://xorg.freedesktop.org/releases/individual/xserver/
diff --git a/x11-servers/xorg-server/files/patch-os-utils.c b/x11-servers/xorg-server/files/patch-os-utils.c
new file mode 100644
index 0000000..2980ded
--- /dev/null
+++ b/x11-servers/xorg-server/files/patch-os-utils.c
@@ -0,0 +1,20 @@
+--- os/utils.c.orig	2010-05-04 02:48:00.000000000 +0200
++++ os/utils.c	2011-10-18 20:08:10.000000000 +0200
+@@ -315,7 +315,7 @@
+     FatalError("Could not create lock file in %s\n", tmp);
+   (void) sprintf(pid_str, "%10ld\n", (long)getpid());
+   (void) write(lfd, pid_str, 11);
+-  (void) chmod(tmp, 0444);
++  (void) fchmod(tmp, 0444);
+   (void) close(lfd);
+ 
+   /*
+@@ -336,7 +336,7 @@
+       /*
+        * Read the pid from the existing file
+        */
+-      lfd = open(LockFile, O_RDONLY);
++      lfd = open(LockFile, O_RDONLY|O_NOFOLLOW);
+       if (lfd < 0) {
+         unlink(tmp);
+         FatalError("Can't read lock file %s\n", LockFile); 
diff --git a/x11-servers/xorg-server/pkg-plist b/x11-servers/xorg-server/pkg-plist
index f85022e..7630907 100644
--- a/x11-servers/xorg-server/pkg-plist
+++ b/x11-servers/xorg-server/pkg-plist
@@ -216,7 +216,6 @@ lib/xorg/protocol.txt
 libdata/pkgconfig/xorg-server.pc
 share/aclocal/xorg-server.m4
 @exec /bin/mkdir -p %D/share/X11/xorg.conf.d
-@dirrm share/doc/xorg-server
 @dirrm include/xorg
 @dirrm lib/xorg/modules/extensions
 @dirrm lib/xorg/modules/multimedia