[Call for testers] Update to xorg-server 1.14

[JEREMY COX]

I recently tried to apply the December 10 patch rollup to apply the CVE
updates and 1 patch did not apply cleanly.

_____________________________________________________________________________
===>>> xorg-server-1.14.7,1 1/1

===>>> Currently installed version: xorg-server-1.14.7,1
===>>> Port directory: /usr/ports/x11-servers/xorg-server

===>  Cleaning for xorg-server-1.14.7,1
By default, the X Server installs as a set-user-id root binary. When run by
a normal user, it checks arguments and environment as done in the
x11/wrapper
port before handling them normally.  If you are concerned about the security
of this, but still want to run an X Server (for example using xdm/kdm/gdm,
which will still run the server as root), you can cancel the build and set
xorg-server_UNSET=SUID in /etc/make.conf.
===>  License MIT accepted by the user
===>  Found saved configuration for xorg-server-1.14.7,1
===>   xorg-server-1.14.7,1 depends on file: /usr/local/sbin/pkg - found
===> Fetching all distfiles required by xorg-server-1.14.7,1 for building
===>  Extracting for xorg-server-1.14.7,1
=> SHA256 Checksum OK for xorg/xserver/xorg-server-1.14.7.tar.bz2.
===>  Patching for xorg-server-1.14.7,1
===>  Applying FreeBSD patches for xorg-server-1.14.7,1
2 out of 6 hunks failed--saving rejects to Xi/xipassivegrab.c.rej
=> Patch patch-CVE-2014-8095 failed to apply cleanly.
=> Patch(es) patch-CVE-2014-8092-1-4 patch-CVE-2014-8092-2-4
patch-CVE-2014-8092-3-4 patch-CVE-2014-8092-4-4 patch-CVE-2014-8092-pt5
patch-CVE-2014-8092-pt6 patch-CVE-2014-8093-1-6 patch-CVE-2014-8093-2-6
patch-CVE-2014-8093-3-6 patch-CVE-2014-8093-4-6 patch-CVE-2014-8093-5-6
patch-CVE-2014-8093-6-6 patch-CVE-2014-8094 applied cleanly.
*** Error code 1

Stop.
make[1]: stopped in /usr/ports/x11-servers/xorg-server
*** Error code 1

Stop.
make: stopped in /usr/ports/x11-servers/xorg-server

===>>> make build failed for x11-servers/xorg-server
===>>> Aborting update

===>>> Update for xorg-server-1.14.7,1 failed
===>>> Aborting update

_____________________________________________________________________________
I used the command portmaster -r xorg-server and also tried make install
from the port's directory and both failed. The xipassivegrab.c.rej file:
____________________________________________________________________________

@@ -50,9 +50,10 @@
 SProcXIPassiveGrabDevice(ClientPtr client)
 {
     int i;
-    xXIModifierInfo *mods;
+    uint32_t *mods;

     REQUEST(xXIPassiveGrabDeviceReq);
+    REQUEST_AT_LEAST_SIZE(xXIPassiveGrabDeviceReq);

     swaps(&stuff->length);
     swaps(&stuff->deviceid);
@@ -63,12 +64,12 @@
     swaps(&stuff->mask_len);
     swaps(&stuff->num_modifiers);

-    mods = (xXIModifierInfo *) &stuff[1];
+    REQUEST_FIXED_SIZE(xXIPassiveGrabDeviceReq,
+        ((uint32_t) stuff->mask_len + stuff->num_modifiers) *4);
+    mods = (uint32_t *) &stuff[1] + stuff->mask_len;

     for (i = 0; i < stuff->num_modifiers; i++, mods++) {
-        swapl(&mods->base_mods);
-        swapl(&mods->latched_mods);
-        swapl(&mods->locked_mods);
+        swapl(mods);
     }

     return ProcXIPassiveGrabDevice(client);


I reverted to server 1.12 to see if it would build and it was able to
successfully patch server 1.12. The problem file is (obviously)
patch-CVE-2014-8095.