- release 9: security fix,

- merge xterm-can-2003-0063 RH patch
  http://icat.nist.gov/icat.cfm?cvename=CAN-2003-0063:
   The xterm terminal emulator in XFree86 4.2.0 allows attackers to modify
   the window title via a certain character escape sequence and then insert
   it back to the command line in the user's terminal, e.g. when the user
   views a file containing the malicious sequence, which could allow the
   attacker to execute arbitrary commands.

Changed files:
    XFree86.spec -> 1.344.2.1

diff --git a/XFree86.spec b/XFree86.spec
index 6d980c0c6db9dd4321dbe69aa981bbb5a1238d73..a1f677a950775f401da09a9246fa172938b0313b 100644 (file)
--- a/XFree86.spec
+++ b/XFree86.spec
@@ -17,7 +17,7 @@ Summary(uk):  
 Summary(zh_CN):        XFree86 ´°¿Úϵͳ·þÎñÆ÷ºÍ»ù±¾³ÌÐò
 Name:          XFree86
 Version:       4.2.1
-Release:       8
+Release:       9
 License:       MIT
 Group:         X11/XFree86
 Source0:       ftp://ftp.xfree86.org/pub/XFree86/4.2.0/source/X420src-1.tgz
@@ -111,6 +111,8 @@ Patch57:    %{name}-GLcore-strip-a-workaround.patch
 # Original from: ftp://ftp.xfree86.org/pub/XFree86/4.2.1/fixes/4.2.1-mit-shm-security.patch
 Patch58:       %{name}-4.2.1-mit-shm-security.patch
 Patch59:       %{name}-disable_glide.patch
+Patch60:       %{name}-xterm-can-2003-0063.patch
+URL:           http://www.xfree86.org/
 BuildRequires: bison
 BuildRequires: flex
 BuildRequires: freetype-devel >= 2.0.0
@@ -1781,6 +1783,7 @@ System. 
 %{!?debug:%patch57 -p1}
 %patch58 -p0
 %{?_without_tdfx:%patch59 -p0}
+%patch60 -p1
 
 rm -f xc/config/cf/host.def