Pullup ticket 1825 - requested by joerg

security fixes for xorg

Revisions pulled up:
- pkgsrc/x11/xorg-libs/Makefile			1.42, 1.43, 1.44
- pkgsrc/x11/xorg-libs/PLIST			1.11
- pkgsrc/x11/xorg-libs/distinfo			1.53, 1.54
- pkgsrc/x11/xorg-libs/patches/patch-cg		1.1
- pkgsrc/x11/xorg-libs/patches/patch-ch		1.1
- pkgsrc/x11/xorg-libs/patches/patch-ci		1.1
- pkgsrc/x11/xorg-libs/patches/patch-cj		1.1
- pkgsrc/x11/xorg-libs/patches/patch-ck		1.1
- pkgsrc/x11/xorg-libs/patches/patch-cl		1.1
- pkgsrc/x11/xorg-libs/patches/patch-cm		1.1
- pkgsrc/x11/xorg-libs/patches/patch-cn		1.1
- pkgsrc/x11/xorg-libs/patches/patch-co		1.1
- pkgsrc/x11/xorg-libs/patches/patch-cp		1.1
- pkgsrc/x11/xorg-libs/patches/patch-cq		1.1
- pkgsrc/x11/xorg-libs/patches/patch-cr		1.1
- pkgsrc/x11/xorg-libs/patches/patch-cs		1.1
- pkgsrc/x11/xorg-libs/patches/patch-ct		1.1
- pkgsrc/x11/xorg-clients/Makefile		1.30, 1.31
- pkgsrc/x11/xorg-server/Makefile		1.46

   Module Name:		pkgsrc
   Committed By:	joerg
   Date:		Sat Aug 26 15:20:44 UTC 2006

   Modified Files:
   	pkgsrc/x11/xorg-libs: Makefile PLIST

   Log Message:
   Fix PLIST for FreeBSD. Bump revision.
---
   Module Name:		pkgsrc
   Committed By:	joerg
   Date:		Tue Aug 29 15:06:59 UTC 2006

   Modified Files:
   	pkgsrc/x11/xorg-clients: Makefile

   Log Message:
   Make xorg-libs dependency explicit instead of including it indirectly
   via xcursor->Xfixes. Bump revision. Noticed by tron@.
---
   Module Name:		pkgsrc
   Committed By:	joerg
   Date:		Wed Sep 13 12:27:26 UTC 2006

   Modified Files:
   	pkgsrc/x11/xorg-libs: Makefile distinfo
   Added Files:
   	pkgsrc/x11/xorg-libs/patches: patch-cg patch-ch patch-ci

   Log Message:
   Fixes for CVE-2006-2006-3739 and CVE-2006-3740.
   Bump revision.
---
   Module Name:		pkgsrc
   Committed By:	joerg
   Date:		Thu Sep 14 16:52:54 UTC 2006

   Modified Files:
   	pkgsrc/x11/xorg-libs: distinfo
   Added Files:
   	pkgsrc/x11/xorg-libs/patches: patch-cj patch-ck patch-cl patch-cm
   	    patch-cn patch-co patch-cp patch-cq patch-cr patch-cs patch-ct

   Log Message:
   Check set*uid for error, at least on Linux it can fail.
   Bump revisions of xorg-clients, xorg-libs and xorg-server.
---
   Module Name:		pkgsrc
   Committed By:	joerg
   Date:		Thu Sep 14 17:13:58 UTC 2006

   Modified Files:
   	pkgsrc/x11/xorg-clients: Makefile
   	pkgsrc/x11/xorg-libs: Makefile
   	pkgsrc/x11/xorg-server: Makefile

   Log Message:
   Actually bump the revisions as promised.

19 files changed, 372 insertions, 8 deletions

diff --git a/x11/xorg-clients/Makefile b/x11/xorg-clients/Makefile
index b60906422ac..f9310665e61 100644
--- a/x11/xorg-clients/Makefile
+++ b/x11/xorg-clients/Makefile
@@ -1,8 +1,8 @@
-# $NetBSD: Makefile,v 1.29 2006/06/11 14:51:11 joerg Exp $
+# $NetBSD: Makefile,v 1.29.2.1 2006/09/16 10:27:04 salo Exp $
 
 DISTNAME=	${DISTFILES}
 PKGNAME=	xorg-clients-${XORG_VER}
-PKGREVISION=	7
+PKGREVISION=	9
 CATEGORIES=	x11
 MASTER_SITES=	${MASTER_SITE_XORG}
 DISTFILES=	X11R${XORG_VER}-src1.tar.gz \
@@ -69,4 +69,5 @@ post-configure:
 .include "../../graphics/png/buildlink3.mk"
 .include "../../x11/Xrandr/buildlink3.mk"
 .include "../../x11/xcursor/buildlink3.mk"
+.include "../../mk/x11.buildlink3.mk"
 .include "../../mk/bsd.pkg.mk"
diff --git a/x11/xorg-libs/Makefile b/x11/xorg-libs/Makefile
index 50ea4050815..612c3bbd0d8 100644
--- a/x11/xorg-libs/Makefile
+++ b/x11/xorg-libs/Makefile
@@ -1,8 +1,8 @@
-# $NetBSD: Makefile,v 1.36.2.1 2006/08/23 23:30:32 salo Exp $
+# $NetBSD: Makefile,v 1.36.2.2 2006/09/16 10:27:04 salo Exp $
 
 DISTNAME=		${DISTFILES}
 PKGNAME=		xorg-libs-${XORG_VER}
-PKGREVISION=		7
+PKGREVISION=		10
 CATEGORIES=		x11
 MASTER_SITES=		${MASTER_SITE_XORG}
 DISTFILES=		X11R${XORG_VER}-src1.tar.gz X11R${XORG_VER}-src2.tar.gz \
diff --git a/x11/xorg-libs/PLIST b/x11/xorg-libs/PLIST
index 90fb7f95adc..5b500f006f8 100644
--- a/x11/xorg-libs/PLIST
+++ b/x11/xorg-libs/PLIST
@@ -1,4 +1,4 @@
-@comment $NetBSD: PLIST,v 1.7.2.1 2006/08/23 23:30:32 salo Exp $
+@comment $NetBSD: PLIST,v 1.7.2.2 2006/09/16 10:27:04 salo Exp $
 ${X11ROOT_PREFIX}/include/DPS/ColorSB.h
 ${X11ROOT_PREFIX}/include/DPS/ColorSBP.h
 ${X11ROOT_PREFIX}/include/DPS/DPSScrollW.h
@@ -882,6 +882,10 @@ ${X11ROOT_PREFIX}/lib/libSM.so.6
 ${X11ROOT_PREFIX}/lib/libX11.a
 ${X11ROOT_PREFIX}/lib/libX11.so
 ${X11ROOT_PREFIX}/lib/libX11.so.6
+${X11ROOT_PREFIX}/lib/libXau.so
+${X11ROOT_PREFIX}/lib/libXau.so.6
+${X11ROOT_PREFIX}/lib/libXdmcp.so
+${X11ROOT_PREFIX}/lib/libXdmcp.so.6
 ${X11ROOT_PREFIX}/lib/libXRes.a
 ${X11ROOT_PREFIX}/lib/libXRes.so
 ${X11ROOT_PREFIX}/lib/libXRes.so.1
diff --git a/x11/xorg-libs/distinfo b/x11/xorg-libs/distinfo
index 1850423592f..96645ce80b2 100644
--- a/x11/xorg-libs/distinfo
+++ b/x11/xorg-libs/distinfo
@@ -1,4 +1,4 @@
-$NetBSD: distinfo,v 1.46.2.2 2006/08/23 23:30:32 salo Exp $
+$NetBSD: distinfo,v 1.46.2.3 2006/09/16 10:27:05 salo Exp $
 
 SHA1 (X11R6.9.0-src1.tar.gz) = a6c077ed8fdeee5fe1956a427c4cb0bc266e1bef
 RMD160 (X11R6.9.0-src1.tar.gz) = d12270a4f41a3ceee4bfd5da22d387a3aa707df8
@@ -59,3 +59,17 @@ SHA1 (patch-cc) = d5d72e525f9564eda7f2ea21ddb179800fb153b5
 SHA1 (patch-cd) = e4bb522f4f3e896627aab68e39b0c643e4a6a5be
 SHA1 (patch-ce) = ce68c16dde6a924dbb43b44653bd4bc7c26c34ef
 SHA1 (patch-cf) = ec178ce36dbcd9b65d49584aa80e080b6f11132a
+SHA1 (patch-cg) = 82b40c8e39305bd320a88498c7202dc6e1e11743
+SHA1 (patch-ch) = e09e3fe3dd14caa70d2bcee1b58a72db0851632c
+SHA1 (patch-ci) = eaba43892d9968cf268ce1c0efe31a14c1a56ed5
+SHA1 (patch-cj) = 2eb6dd78ef66b25a7f821fe65e03a66dcb40d90f
+SHA1 (patch-ck) = 672f0af1ed67ead19bd2edf3afdaefcaaefa73d2
+SHA1 (patch-cl) = 296d1dd7d7c4f64f4b9b7e878538ed5ceda2520d
+SHA1 (patch-cm) = d687dc6a731715eefda76e9797ce40daa120d7fd
+SHA1 (patch-cn) = 60949f6c04d93f4936594a8cc3edd753d8201b9e
+SHA1 (patch-co) = 92832fb4a61dbff18ca15d8963e58420b29e7b22
+SHA1 (patch-cp) = 633ece071dd407721bb6de780df2f4255a958938
+SHA1 (patch-cq) = ea8659818ffec0db8a1d11a2a45c3cdcce8b85bc
+SHA1 (patch-cr) = c613afdca92b36a1a34264a53f9eaf4a8276a5fa
+SHA1 (patch-cs) = 686c444c42acbbae4030ff198bcd4fbd08e7a0e3
+SHA1 (patch-ct) = 96084456c2d7d4aaf05b2eebd13be2e575cead29
diff --git a/x11/xorg-libs/patches/patch-cg b/x11/xorg-libs/patches/patch-cg
new file mode 100644
index 00000000000..3e760ec4252
--- /dev/null
+++ b/x11/xorg-libs/patches/patch-cg
@@ -0,0 +1,27 @@
+$NetBSD: patch-cg,v 1.1.2.2 2006/09/16 10:27:05 salo Exp $
+
+Fixes for CVE-2006-2006-3739 and CVE-2006-3740.
+
+--- lib/font/Type1/afm.c.orig	2006-09-13 14:17:16.000000000 +0200
++++ lib/font/Type1/afm.c
+@@ -29,6 +29,7 @@
+ #include <stdio.h>
+ #include <string.h>
+ #include <stdlib.h>
++#include <limits.h>
+ #else
+ #include "Xmd.h"        /* For INT32 declaration */
+ #include "Xdefs.h"      /* For Bool */
+@@ -118,6 +119,12 @@ int CIDAFM(FILE *fd, FontInfo **pfi) {
+             
+             fi->nChars = atoi(p);
+ 
++	    if (fi->nChars < 0 || fi->nChars  > INT_MAX / sizeof(Metrics)) {
++                xfree(afmbuf);
++                xfree(fi);
++                return(1);
++	    }
++
+             fi->metrics = (Metrics *)xalloc(fi->nChars * 
+                 sizeof(Metrics));
+             if (fi->metrics == NULL) {
diff --git a/x11/xorg-libs/patches/patch-ch b/x11/xorg-libs/patches/patch-ch
new file mode 100644
index 00000000000..d9a1faa160d
--- /dev/null
+++ b/x11/xorg-libs/patches/patch-ch
@@ -0,0 +1,52 @@
+$NetBSD: patch-ch,v 1.1.2.2 2006/09/16 10:27:05 salo Exp $
+
+Fixes for CVE-2006-2006-3739 and CVE-2006-3740.
+
+--- lib/font/Type1/scanfont.c.orig	2006-09-13 14:18:59.000000000 +0200
++++ lib/font/Type1/scanfont.c
+@@ -57,6 +57,7 @@
+ 
+ #ifndef FONTMODULE
+ #include <string.h>
++#include <limits.h>
+ #else
+ #include "Xdefs.h"	/* Bool declaration */
+ #include "Xmd.h"	/* INT32 declaration */
+@@ -654,6 +655,7 @@ getFDArray(psobj *arrayP)
+   arrayP->data.valueP = tokenStartP;
+ 
+   /* allocate FDArray */
++  /* No integer overflow since arrayP->len is unsigned short */
+   FDArrayP = (psfont *)vm_alloc(arrayP->len*(sizeof(psfont)));
+   if (!(FDArrayP)) return(SCAN_OUT_OF_MEMORY);
+ 
+@@ -850,7 +852,8 @@ BuildSubrs(psfont *FontP)
+      }
+      return(SCAN_OK);
+    }
+- 
++   if (N > INT_MAX / sizeof(psobj))
++     return (SCAN_ERROR);
+    arrayP = (psobj *)vm_alloc(N*sizeof(psobj));
+    if (!(arrayP) ) return(SCAN_OUT_OF_MEMORY);
+    FontP->Subrs.len = N;
+@@ -911,7 +914,7 @@ BuildCharStrings(psfont *FontP)
+      }
+      else return(rc);  /* if next token was not an Int */
+    }
+-   if (N<=0) return(SCAN_ERROR);
++   if (N<=0 || N > INT_MAX / sizeof(psdict)) return(SCAN_ERROR);
+    /* save number of entries in the dictionary */
+  
+    dictP = (psdict *)vm_alloc((N+1)*sizeof(psdict));
+@@ -1719,6 +1722,10 @@ scan_cidfont(cidfont *CIDFontP, cmapres 
+     if (tokenType == TOKEN_INTEGER)
+       rangecnt = tokenValue.integer;
+ 
++    if (rangecnt < 0 || rangecnt > INT_MAX / sizeof(spacerangecode)) {
++      rc = SCAN_ERROR;
++      break;
++    }
+     /* ==> tokenLength, tokenTooLong, tokenType, and */
+     /* tokenValue are now set                        */
+ 
diff --git a/x11/xorg-libs/patches/patch-ci b/x11/xorg-libs/patches/patch-ci
new file mode 100644
index 00000000000..d751cd0fae8
--- /dev/null
+++ b/x11/xorg-libs/patches/patch-ci
@@ -0,0 +1,15 @@
+$NetBSD: patch-ci,v 1.1.2.2 2006/09/16 10:27:05 salo Exp $
+
+Fixes for CVE-2006-2006-3739 and CVE-2006-3740.
+
+--- lib/font/Type1/util.c.orig	2006-09-13 14:22:13.000000000 +0200
++++ lib/font/Type1/util.c
+@@ -104,7 +104,7 @@ vm_alloc(int bytes)
+   bytes = (bytes + 7) & ~7;
+  
+   /* Allocate the space, if it is available */
+-  if (bytes <= vm_free) {
++  if (bytes > 0 && bytes <= vm_free) {
+     answer = vm_next;
+     vm_free -= bytes;
+     vm_next += bytes;
diff --git a/x11/xorg-libs/patches/patch-cj b/x11/xorg-libs/patches/patch-cj
new file mode 100644
index 00000000000..457f3990d0f
--- /dev/null
+++ b/x11/xorg-libs/patches/patch-cj
@@ -0,0 +1,33 @@
+$NetBSD: patch-cj,v 1.1.2.2 2006/09/16 10:27:05 salo Exp $
+
+--- programs/xload/xload.c.orig	2004-04-23 21:54:57.000000000 +0200
++++ programs/xload/xload.c
+@@ -34,7 +34,7 @@ from the X Consortium.
+  * xload - display system load average in a window
+  */
+ 
+-
++#include <errno.h>
+ #include <stdio.h> 
+ #include <stdlib.h>
+ #include <unistd.h>
+@@ -162,8 +162,17 @@ main(int argc, char **argv)
+     /* For security reasons, we reset our uid/gid after doing the necessary
+        system initialization and before calling any X routines. */
+     InitLoadPoint();
+-    setgid(getgid());		/* reset gid first while still (maybe) root */
+-    setuid(getuid());
++    /* reset gid first while still (maybe) root */
++    if (setgid(getgid()) == -1) {
++	    fprintf(stderr, "%s: setgid failed: %s\n", 
++		ProgramName, strerror(errno));
++	    exit(1);
++    }
++    if (setuid(getuid()) == -1) {
++	    fprintf(stderr, "%s: setuid failed: %s\n", 
++		ProgramName, strerror(errno));
++	    exit(1);
++    }
+ 
+     XtSetLanguageProc(NULL, (XtLanguageProc) NULL, NULL);
+ 
diff --git a/x11/xorg-libs/patches/patch-ck b/x11/xorg-libs/patches/patch-ck
new file mode 100644
index 00000000000..d8d269b644f
--- /dev/null
+++ b/x11/xorg-libs/patches/patch-ck
@@ -0,0 +1,16 @@
+$NetBSD: patch-ck,v 1.1.2.2 2006/09/16 10:27:05 salo Exp $
+
+--- programs/xinit/xinit.c.orig	2005-10-04 03:27:34.000000000 +0200
++++ programs/xinit/xinit.c
+@@ -692,7 +692,10 @@ static int
+ startClient(char *client[])
+ {
+ 	if ((clientpid = vfork()) == 0) {
+-		setuid(getuid());
++		if (setuid(getuid()) == -1) {
++			Error("cannot change uid: %s\n", strerror(errno));
++			_exit(ERR_EXIT);
++		}
+ 		setpgrp(0, getpid());
+ 		environ = newenviron;
+ #ifdef __UNIXOS2__
diff --git a/x11/xorg-libs/patches/patch-cl b/x11/xorg-libs/patches/patch-cl
new file mode 100644
index 00000000000..3e2d3e633b3
--- /dev/null
+++ b/x11/xorg-libs/patches/patch-cl
@@ -0,0 +1,17 @@
+$NetBSD: patch-cl,v 1.1.2.2 2006/09/16 10:27:05 salo Exp $
+
+--- programs/Xserver/hw/xfree86/common/xf86Init.c.orig	2006-09-13 14:25:27.000000000 +0200
++++ programs/Xserver/hw/xfree86/common/xf86Init.c
+@@ -1905,7 +1905,11 @@ xf86RunVtInit(void)
+           FatalError("xf86RunVtInit: fork failed (%s)\n", strerror(errno));
+           break;
+       case 0:  /* child */
+-          setuid(getuid());
++	  if (setuid(getuid()) == -1) {
++	      xf86Msg(X_ERROR, "xf86RunVtInit: setuid failed (%s)\n",
++			 strerror(errno));
++	      exit(255);
++	  }
+           /* set stdin, stdout to the consoleFd */
+           for (i = 0; i < 2; i++) {
+             if (xf86Info.consoleFd != i) {
diff --git a/x11/xorg-libs/patches/patch-cm b/x11/xorg-libs/patches/patch-cm
new file mode 100644
index 00000000000..44ae2f509ce
--- /dev/null
+++ b/x11/xorg-libs/patches/patch-cm
@@ -0,0 +1,17 @@
+$NetBSD: patch-cm,v 1.1.2.2 2006/09/16 10:27:05 salo Exp $
+
+--- programs/xdm/xdmshell.c.orig	2005-07-15 00:58:25.000000000 +0200
++++ programs/xdm/xdmshell.c
+@@ -183,7 +183,11 @@ main (
+ #endif
+ 
+     /* make xdm run in a non-setuid environment */
+-    setuid (geteuid());
++    if (setuid (geteuid()) == -1) {
++	fprintf(stderr, "%s: cannot setuid (error %d, %s)\r\n",
++		ProgramName, errno, strerror(errno));
++	exit(1);
++    }
+ 
+     /*
+      * exec /usr/bin/X11/xdm -nodaemon -udpPort 0
diff --git a/x11/xorg-libs/patches/patch-cn b/x11/xorg-libs/patches/patch-cn
new file mode 100644
index 00000000000..20ecd30c6f4
--- /dev/null
+++ b/x11/xorg-libs/patches/patch-cn
@@ -0,0 +1,16 @@
+$NetBSD: patch-cn,v 1.1.2.2 2006/09/16 10:27:05 salo Exp $
+
+--- programs/Xserver/hw/xfree86/parser/write.c.orig	2005-07-03 09:01:37.000000000 +0200
++++ programs/Xserver/hw/xfree86/parser/write.c
+@@ -170,7 +170,10 @@ xf86writeConfigFile (const char *filenam
+ 					strerror(errno));
+ 			return 0;
+ 		case 0: /* child */
+-			setuid(getuid());
++			if (setuid(getuid() == -1) 
++			    FatalError("xf86writeConfigFile(): "
++				"setuid failed(%s)\n", 
++				strerror(errno));
+ 			ret = doWriteConfigFile(filename, cptr);
+ 			exit(ret);
+ 			break;
diff --git a/x11/xorg-libs/patches/patch-co b/x11/xorg-libs/patches/patch-co
new file mode 100644
index 00000000000..a6a402513f3
--- /dev/null
+++ b/x11/xorg-libs/patches/patch-co
@@ -0,0 +1,43 @@
+$NetBSD: patch-co,v 1.1.2.2 2006/09/16 10:27:05 salo Exp $
+
+--- programs/Xserver/os/utils.c.orig	2005-11-08 07:33:30.000000000 +0100
++++ programs/Xserver/os/utils.c
+@@ -1718,8 +1718,10 @@ System(char *command)
+     case -1:	/* error */
+ 	p = -1;
+     case 0:	/* child */
+-	setgid(getgid());
+-	setuid(getuid());
++	if (setgid(getgid()) == -1)
++	    _exit(127);
++	if (setuid(getuid()) == -1)
++	    _exit(127);
+ 	execl("/bin/sh", "sh", "-c", command, (char *)NULL);
+ 	_exit(127);
+     default:	/* parent */
+@@ -1770,8 +1772,10 @@ Popen(char *command, char *type)
+ 	xfree(cur);
+ 	return NULL;
+     case 0:	/* child */
+-	setgid(getgid());
+-	setuid(getuid());
++	if (setgid(getgid()) == -1)
++	    _exit(127);
++	if (setuid(getuid()) == -1)
++	    _exit(127);
+ 	if (*type == 'r') {
+ 	    if (pdes[1] != 1) {
+ 		/* stdout */
+@@ -1845,8 +1849,10 @@ Fopen(char *file, char *type)
+ 	xfree(cur);
+ 	return NULL;
+     case 0:	/* child */
+-	setgid(getgid());
+-	setuid(getuid());
++	if (setgid(getgid()) == -1)
++	    _exit(127);
++	if (setuid(getuid()) == -1)
++	    _exit(127);
+ 	if (*type == 'r') {
+ 	    if (pdes[1] != 1) {
+ 		/* stdout */
diff --git a/x11/xorg-libs/patches/patch-cp b/x11/xorg-libs/patches/patch-cp
new file mode 100644
index 00000000000..5afdea0b5d0
--- /dev/null
+++ b/x11/xorg-libs/patches/patch-cp
@@ -0,0 +1,21 @@
+$NetBSD: patch-cp,v 1.1.2.2 2006/09/16 10:27:05 salo Exp $
+
+--- programs/xdm/session.c.orig	2005-11-08 07:33:31.000000000 +0100
++++ programs/xdm/session.c
+@@ -488,8 +488,14 @@ SessionExit (struct display *d, int stat
+     else
+ 	ResetServer (d);
+     if (removeAuth) {
+-	setgid (verify.gid);
+-	setuid (verify.uid);
++	if (setgid (verify.gid) == -1) {
++	    LogError( "SessionExit: setgid: %s\n", strerror(errno));
++	    exit(status);
++	}
++	if (setuid (verify.uid) == -1) {
++	    LogError( "SessionExit: setuid: %s\n", strerror(errno));
++	    exit(status);
++	}
+ 	RemoveUserAuthorization (d, &verify);
+ #ifdef K5AUTH
+ 	/* do like "kdestroy" program */
diff --git a/x11/xorg-libs/patches/patch-cq b/x11/xorg-libs/patches/patch-cq
new file mode 100644
index 00000000000..26ddf04a305
--- /dev/null
+++ b/x11/xorg-libs/patches/patch-cq
@@ -0,0 +1,16 @@
+$NetBSD: patch-cq,v 1.1.2.2 2006/09/16 10:27:05 salo Exp $
+
+--- programs/Xserver/hw/xfree86/os-support/shared/libc_wrapper.c.orig	2005-07-03 10:53:48.000000000 +0200
++++ programs/Xserver/hw/xfree86/os-support/shared/libc_wrapper.c
+@@ -1270,7 +1270,10 @@ xf86execl(const char *pathname, const ch
+ #ifndef SELF_CONTAINED_WRAPPER
+ 	xf86DisableIO();
+ #endif
+-        setuid(getuid());
++        if (setuid(getuid()) == -1) {
++		ErrorF("xf86Execl: setuid() failed: %s\n", strerror(errno));
++		exit(255);
++	}
+ #if !defined(SELF_CONTAINED_WRAPPER)
+         /* set stdin, stdout to the consoleFD, and leave stderr alone */
+         for (i = 0; i < 2; i++)
diff --git a/x11/xorg-libs/patches/patch-cr b/x11/xorg-libs/patches/patch-cr
new file mode 100644
index 00000000000..dbd81722117
--- /dev/null
+++ b/x11/xorg-libs/patches/patch-cr
@@ -0,0 +1,17 @@
+$NetBSD: patch-cr,v 1.1.2.2 2006/09/16 10:27:05 salo Exp $
+
+--- lib/X11/lcFile.c.orig	2005-05-14 00:53:44.000000000 +0200
++++ lib/X11/lcFile.c
+@@ -269,7 +269,11 @@ xlocaledir(
+ 	    if (seteuid(0) != 0) {
+ 		priv = 0;
+ 	    } else {
+-		seteuid(oldeuid);
++		if (seteuid(oldeuid) == -1) {
++		    /* XXX ouch, coudn't get back to original uid 
++		     what can we do ??? */
++		    _exit(127);
++		}
+ 		priv = 1;
+ 	    }
+ #endif
diff --git a/x11/xorg-libs/patches/patch-cs b/x11/xorg-libs/patches/patch-cs
new file mode 100644
index 00000000000..d95ff7c8f3a
--- /dev/null
+++ b/x11/xorg-libs/patches/patch-cs
@@ -0,0 +1,24 @@
+$NetBSD: patch-cs,v 1.1.2.2 2006/09/16 10:27:05 salo Exp $
+
+--- programs/xf86dga/dga.c.orig	2004-04-23 21:54:47.000000000 +0200
++++ programs/xf86dga/dga.c
+@@ -16,6 +16,7 @@
+ #include <X11/Xmd.h>
+ #include <X11/extensions/xf86dga.h>
+ #include <ctype.h>
++#include <errno.h>
+ #include <stdio.h>
+ #include <stdlib.h>
+ #include <signal.h>
+@@ -141,7 +142,10 @@ main(int argc, char *argv[])
+ 
+ #ifndef __UNIXOS2__
+    /* Give up root privs */
+-   setuid(getuid());
++   if (setuid(getuid()) == -1) {
++      fprintf(stderr, "Unable to change uid: %s\n", strerror(errno));
++      exit(2);
++   }
+ #endif
+ 
+    XF86DGASetViewPort(dis, DefaultScreen(dis), 0, 0);
diff --git a/x11/xorg-libs/patches/patch-ct b/x11/xorg-libs/patches/patch-ct
new file mode 100644
index 00000000000..b4aea41a690
--- /dev/null
+++ b/x11/xorg-libs/patches/patch-ct
@@ -0,0 +1,31 @@
+$NetBSD: patch-ct,v 1.1.2.2 2006/09/16 10:27:05 salo Exp $
+
+--- lib/xtrans/Xtranslcl.c.orig	2005-11-08 07:33:26.000000000 +0100
++++ lib/xtrans/Xtranslcl.c
+@@ -360,7 +360,10 @@ TRANS(PTSOpenClient)(XtransConnInfo cipt
+ 	uid_t       saved_euid;
+ 
+ 	saved_euid = geteuid();
+-	setuid( getuid() ); /** sets the euid to the actual/real uid **/
++	/** sets the euid to the actual/real uid **/
++	if (setuid( getuid() ) == -1) {
++		exit(1);
++	}
+ 	if( chown( slave, saved_euid, -1 ) < 0 ) {
+ 		exit( 1 );
+ 		}
+@@ -369,7 +372,13 @@ TRANS(PTSOpenClient)(XtransConnInfo cipt
+     }
+ 
+     waitpid(saved_pid, &exitval, 0);
+-
++    if (WIFEXITED(exitval) && WEXITSTATUS(exitval) != 0) {
++	close(fd);
++	close(server);
++	PRMSG(1, "PTSOpenClient: cannot set the owner of %s\n",
++	      slave, 0, 0);
++	return(-1);
++    }
+     if (chmod(slave, 0666) < 0) {
+ 	close(fd);
+ 	close(server);
diff --git a/x11/xorg-server/Makefile b/x11/xorg-server/Makefile
index b182d039f0f..3421498ffcd 100644
--- a/x11/xorg-server/Makefile
+++ b/x11/xorg-server/Makefile
@@ -1,8 +1,8 @@
-# $NetBSD: Makefile,v 1.44.2.1 2006/08/23 23:30:32 salo Exp $
+# $NetBSD: Makefile,v 1.44.2.2 2006/09/16 10:27:05 salo Exp $
 
 DISTNAME=	${DISTFILES}
 PKGNAME=	xorg-server-${XORG_VER}
-PKGREVISION=	12
+PKGREVISION=	13
 CATEGORIES=	x11
 MASTER_SITES=	${MASTER_SITE_XORG}
 DISTFILES=	X11R${XORG_VER}-src1.tar.gz \