ports/104510: [PATCH] x11/nvidia-driver Update to beta driver to fix vulnerability
Jon Kelly Hays
kelly.hays at jkhfamily.org
Wed Oct 18 02:30:18 UTC 2006
>Number: 104510
>Category: ports
>Synopsis: [PATCH] x11/nvidia-driver Update to beta driver to fix vulnerability
>Confidential: no
>Severity: serious
>Priority: medium
>Responsible: freebsd-ports-bugs
>State: open
>Quarter:
>Keywords:
>Date-Required:
>Class: update
>Submitter-Id: current-users
>Arrival-Date: Wed Oct 18 02:30:15 GMT 2006
>Closed-Date:
>Last-Modified:
>Originator: Jon Kelly Hays
>Release:
>Organization:
>Environment:
>Description:
Current version of x11/nvidia-driver is marked FORBIDDEN due to arbitrary root code execution vulnerability.
See http://vuxml.FreeBSD.org/a6d9da4a-5d5e-11db-8faf-000c6ec775d9.html for details.
A Beta version of the driver exists that I have verified does not have the vulnerability.
>How-To-Repeat:
>Fix:
Update to the beta driver version 9625. See patches below:
--- Makefile.jkh Tue Oct 17 19:51:12 2006
+++ Makefile Tue Oct 17 20:41:27 2006
@@ -17,7 +17,6 @@
MAINTAINER= danfe at FreeBSD.org
COMMENT= NVidia graphics card binary drivers for hardware OpenGL rendering
-FORBIDDEN= Buffer overflow vulnerability: http://vuxml.FreeBSD.org/a6d9da4a-5d5e-11db-8faf-000c6ec775d9.html
ONLY_FOR_ARCHS= i386
@@ -83,7 +82,7 @@
PORTREVISION= 3
EXTRA_PATCHES+= ${FILESDIR}/6113-patch-lib::Makefile
.else
-NVVERSION= 8774
+NVVERSION= 9625
EXTRA_PATCHES+= ${FILESDIR}/7667-*
.endif
.if ${OSVERSION} >= 600033
--- distinfo.jkh Tue Oct 17 20:01:08 2006
+++ distinfo Tue Oct 17 20:07:05 2006
@@ -4,6 +4,6 @@
MD5 (NVIDIA-FreeBSD-x86-1.0-7174.tar.gz) = b57a03e0325617092016144229ae6114
SHA256 (NVIDIA-FreeBSD-x86-1.0-7174.tar.gz) = 926dfca6078bcaed486e0e27637faacd6a9eda7a3252d0d7779256e674776532
SIZE (NVIDIA-FreeBSD-x86-1.0-7174.tar.gz) = 8433799
-MD5 (NVIDIA-FreeBSD-x86-1.0-8774.tar.gz) = 0fe3cbc309815f4ac3d70e7d1a3a4f9e
-SHA256 (NVIDIA-FreeBSD-x86-1.0-8774.tar.gz) = a5156d4da19fa544172ec9eca4e612c6b48c7d9f932cebf695e7206343ed9a07
-SIZE (NVIDIA-FreeBSD-x86-1.0-8774.tar.gz) = 9449433
+MD5 (NVIDIA-FreeBSD-x86-1.0-9625.tar.gz) = 4958ecfa87745c6afed008b0067c9720
+SHA256 (NVIDIA-FreeBSD-x86-1.0-9625.tar.gz) = 14689225ad924451a87512f245a1d5ac48c18dde128ec4277802de602c545d9e
+SIZE (NVIDIA-FreeBSD-x86-1.0-9625.tar.gz) = 9715066
>Release-Note:
>Audit-Trail:
>Unformatted:
More information about the freebsd-ports-bugs
mailing list