diff --git a/cve-2007-6429.patch b/cve-2007-6429.patch
index 9ec43e6..80b6d7c 100644
--- a/cve-2007-6429.patch
+++ b/cve-2007-6429.patch
@@ -1,13 +1,55 @@
-From 7dc1717ff0f96b99271a912b8948dfce5164d5ad Mon Sep 17 00:00:00 2001
-From: Adam Jackson
-Date: Thu, 17 Jan 2008 15:28:03 +0100
-Subject: [PATCH] Fix for fix for CVE-2007-6429
+From 6970d8c3c8b96b294159b4029c1428813568e20b Mon Sep 17 00:00:00 2001
+From: Dave Airlie
+Date: Sat, 19 Jan 2008 06:37:58 +1000
+Subject: [PATCH] CVE-2007-6429: EVI and MIT-SHM Vunerability updated patch
 ---
+ Xext/EVI.c | 15 ++++++++++++++-
+ Xext/sampleEVI.c | 29 ++++++++++++++++++++++++-----
+ Xext/shm.c | 52 ++++++++++++++++++++++++++++++++++++++++++++--------
+ 3 files changed, 82 insertions(+), 14 deletions(-)
---- xorg-server-1.1.1/Xext/sampleEVI.c.cve-2007-6429 2006-07-05 14:31:36.000000000 -0400
-+++ xorg-server-1.1.1/Xext/sampleEVI.c 2008-01-18 14:15:44.000000000 -0500
-@@ -36,6 +36,13 @@
+diff --git a/Xext/EVI.c b/Xext/EVI.c
+index 4bd050c..a637bae 100644
+--- a/Xext/EVI.c
++++ b/Xext/EVI.c
+@@ -34,6 +34,7 @@ THE USE OR PERFORMANCE OF THIS SOFTWARE.
+ #include
+ #include "EVIstruct.h"
+ #include "modinit.h"
++#include "scrnintstr.h"
+
+ static EviPrivPtr eviPriv;
+
+@@ -84,10 +85,22 @@ ProcEVIGetVisualInfo(ClientPtr client)
+ {
+ REQUEST(xEVIGetVisualInfoReq);
+ xEVIGetVisualInfoReply rep;
+- int n, n_conflict, n_info, sz_info, sz_conflict;
++ int i, n, n_conflict, n_info, sz_info, sz_conflict;
+ VisualID32 *conflict;
++ unsigned int total_visuals = 0;
+ xExtendedVisualInfo *eviInfo;
+ int status;
++
++ /*
++ * do this first, otherwise REQUEST_FIXED_SIZE can overflow. we assume
++ * here that you don't have more than 2^32 visuals over all your screens;
++ * this seems like a safe assumption.
++ */
++ for (i = 0; i < screenInfo.numScreens; i++)
++ total_visuals += screenInfo.screens[i]->numVisuals;
++ if (stuff->n_visual > total_visuals)
++ return BadValue;
++
+ REQUEST_FIXED_SIZE(xEVIGetVisualInfoReq, stuff->n_visual * sz_VisualID32);
+ status = eviPriv->getVisualInfo((VisualID32 *)&stuff[1], (int)stuff->n_visual,
+ &eviInfo, &n_info, &conflict, &n_conflict);
+diff --git a/Xext/sampleEVI.c b/Xext/sampleEVI.c
+index 7508aa7..b8f39c7 100644
+--- a/Xext/sampleEVI.c
++++ b/Xext/sampleEVI.c
+@@ -34,6 +34,13 @@ THE USE OR PERFORMANCE OF THIS SOFTWARE.
 #include
 #include "EVIstruct.h"
 #include "scrnintstr.h"
@@ -21,7 +63,7 @@ Subject: [PATCH] Fix for fix for CVE-2007-6429
 static int sampleGetVisualInfo(
 VisualID32 *visual,
 int n_visual,
-@@ -44,24 +51,36 @@
+@@ -42,24 +49,36 @@ static int sampleGetVisualInfo(
 VisualID32 **conflict_rn,
 int *n_conflict_rn)
 {
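Review bot: In the Xext/EVI.c section that the first hunk adds, `stuff->n_visual` is compared with `total_visuals` before any request-length macro has run, so for a request shorter than `xEVIGetVisualInfoReq` the field may come from bytes the client never sent. Putting `REQUEST_AT_LEAST_SIZE(xEVIGetVisualInfoReq);` ahead of the loop would make that read well-defined while keeping the bound in front of `REQUEST_FIXED_SIZE`. The added comment would also be more useful if it stated the invariant the check enforces, for example `/* bound n_visual first so that n_visual * sz_VisualID32 cannot wrap in REQUEST_FIXED_SIZE */`, because the product presumably wraps well below the 2^32 visuals the comment mentions. ProcEVIGetVisualInfo continues past the hunk and the byte-swapped handler is not shown, so whether that path applies the same bound should be confirmed.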
@@ -63,44 +105,12 @@ Subject: [PATCH] Fix for fix for CVE-2007-6429
 for (scrI = 0; scrI < screenInfo.numScreens; scrI++) {
 for (visualI = 0; visualI < n_visual; visualI++) {
 evi[sz_evi].core_visual_id = visual[visualI];
---- xorg-server-1.1.1/Xext/EVI.c.cve-2007-6429 2006-07-05 14:31:36.000000000 -0400
-+++ xorg-server-1.1.1/Xext/EVI.c 2008-01-18 14:15:44.000000000 -0500
-@@ -36,6 +36,7 @@
- #include
- #include "EVIstruct.h"
- #include "modinit.h"
-+#include "scrnintstr.h"
-
- #if 0
- static unsigned char XEVIReqCode = 0;
-@@ -89,10 +90,22 @@
- {
- REQUEST(xEVIGetVisualInfoReq);
- xEVIGetVisualInfoReply rep;
-- int n, n_conflict, n_info, sz_info, sz_conflict;
-+ int i, n, n_conflict, n_info, sz_info, sz_conflict;
- VisualID32 *conflict;
-+ unsigned int total_visuals = 0;
- xExtendedVisualInfo *eviInfo;
- int status;
-+
-+ /*
-+ * do this first, otherwise REQUEST_FIXED_SIZE can overflow. we assume
-+ * here that you don't have more than 2^32 visuals over all your screens;
-+ * this seems like a safe assumption.
-+ */
-+ for (i = 0; i < screenInfo.numScreens; i++)
-+ total_visuals += screenInfo.screens[i]->numVisuals;
-+ if (stuff->n_visual > total_visuals)
-+ return BadValue;
-+
- REQUEST_FIXED_SIZE(xEVIGetVisualInfoReq, stuff->n_visual * sz_VisualID32);
- status = eviPriv->getVisualInfo((VisualID32 *)&stuff[1], (int)stuff->n_visual,
- &eviInfo, &n_info, &conflict, &n_conflict);
---- xorg-server-1.1.1/Xext/shm.c.cve-2007-6429 2006-07-05 14:31:36.000000000 -0400
-+++ xorg-server-1.1.1/Xext/shm.c 2008-01-18 14:19:28.000000000 -0500
-@@ -725,6 +725,8 @@
- int i, j, result;
+diff --git a/Xext/shm.c b/Xext/shm.c
+index e3d7a23..0f7a7eb 100644
+--- a/Xext/shm.c
++++ b/Xext/shm.c
+@@ -757,6 +757,8 @@ ProcPanoramiXShmCreatePixmap(
+ int i, j, result, rc;
 ShmDescPtr shmdesc;
 REQUEST(xShmCreatePixmapReq);
 + unsigned int width, height, depth;
@@ -108,9 +118,9 @@ Subject: [PATCH] Fix for fix for CVE-2007-6429 PanoramiXRes *newPix; REQUEST_SIZE_MATCH(xShmCreatePixmapReq); -@@ -734,11 +736,18 @@ - LEGAL_NEW_RESOURCE(stuff->pid, client); - VERIFY_GEOMETRABLE(pDraw, stuff->drawable, client); +@@ -770,11 +772,18 @@ ProcPanoramiXShmCreatePixmap( + return rc; + VERIFY_SHMPTR(stuff->shmseg, stuff->offset, TRUE, shmdesc, client); - if (!stuff->width || !stuff->height) + @@ -128,7 +138,7 @@ Subject: [PATCH] Fix for fix for CVE-2007-6429 if (stuff->depth != 1) { pDepth = pDraw->pScreen->allowedDepths; -@@ -748,10 +757,19 @@ +@@ -784,10 +793,19 @@ ProcPanoramiXShmCreatePixmap( client->errorValue = stuff->depth; return BadValue; } @@ -151,8 +161,8 @@ Subject: [PATCH] Fix for fix for CVE-2007-6429 if(!(newPix = (PanoramiXRes *) xalloc(sizeof(PanoramiXRes)))) return BadAlloc; -@@ -1049,6 +1067,8 @@ - register int i; +@@ -1086,6 +1104,8 @@ ProcShmCreatePixmap(client) + register int i, rc; ShmDescPtr shmdesc; REQUEST(xShmCreatePixmapReq); + unsigned int width, height, depth; @@ -160,9 +170,9 @@ Subject: [PATCH] Fix for fix for CVE-2007-6429 REQUEST_SIZE_MATCH(xShmCreatePixmapReq); client->errorValue = stuff->pid; -@@ -1057,11 +1077,18 @@ - LEGAL_NEW_RESOURCE(stuff->pid, client); - VERIFY_GEOMETRABLE(pDraw, stuff->drawable, client); +@@ -1098,11 +1118,18 @@ ProcShmCreatePixmap(client) + return rc; + VERIFY_SHMPTR(stuff->shmseg, stuff->offset, TRUE, shmdesc, client); - if (!stuff->width || !stuff->height) + @@ -180,7 +190,7 @@ Subject: [PATCH] Fix for fix for CVE-2007-6429 if (stuff->depth != 1) { pDepth = pDraw->pScreen->allowedDepths; -@@ -1071,10 +1098,19 @@ +@@ -1112,10 +1139,19 @@ ProcShmCreatePixmap(client) client->errorValue = stuff->depth; return BadValue; } @@ -203,3 +213,6 @@ Subject: [PATCH] Fix for fix for CVE-2007-6429 pMap = (*shmFuncs[pDraw->pScreen->myNum]->CreatePixmap)( pDraw->pScreen, stuff->width, stuff->height, stuff->depth, +-- +1.5.3.6 +