Users login

Create an account »

JOIN XATRIX

Users login

Home » Security Advisories» Fedora » Xorg-X11 several integer overflows FC4

Xorg-X11 several integer overflows FC4

Several integer overflow bugs were found in the way X.Org X11 code parses pixmap images. It is possible for a user to gain elevated privileges by loading a specially crafted pixmap image. Fedora Core 4.

  • Vendor: Fedora
  • Vendor ID: FEDORA-2005-894
  • Date: September 16, 2005


---------------------------------------------------------------------
Fedora Update Notification
FEDORA-2005-894
2005-09-16
---------------------------------------------------------------------

Product : Fedora Core 4
Name : xorg-x11
Version : 6.8.2
Release : 37.FC4.48.1
Summary : The basic fonts, programs and docs for an X workstation.
Description :
X.org X11 is an open source implementation of the X Window System. It
provides the basic low level functionality which full fledged
graphical user interfaces (GUIs) such as GNOME and KDE are designed
upon.

---------------------------------------------------------------------
Update Information:

Updated xorg-x11 packages that fix several integer overflows,
various bugs, are now available for Fedora Core 4.

X.Org X11 is an implementation of the X Window System,
which provides the core functionality for the Linux
graphical desktop.

Several integer overflow bugs were found in the way X.Org
X11 code parses pixmap images. It is possible for a user
to gain elevated privileges by loading a specially crafted
pixmap image. The Common Vulnerabilities and Exposures
project (cve.mitre.org) has assigned the name CAN-2005-2495
to this issue.

Additionally, this update contains:

- Support for some newer models of Intel i945 video
chipsets.

- A fix for a regression caused in the last Xorg update
for Fedora Core 4, which resulted in some Matrox
hardware to fail to initialize properly, which was
introduced in the PCI config space access bugfix from
the previous xorg-x11 update. The PCI config code
has been updated now to handle BIOS related quirks
of this nature, so this fix may also benefit users of
some other brands of video hardware as well.

- A fix for a memory leak in the X server's shadow
framebuffer code.

---------------------------------------------------------------------
* Tue Sep 13 2005 Mike A. Harris 6.8.2-37.FC4.48.1
- Actually make sure xorg-x11-6.8.2-add-i945-support.patch gets applied to
the build, as it was added before to CVS but not being used.
- Build failed because 6.8.2-37.FC4.48 somehow exists already, even though
it is not based on 6.8.2-48. Bump to 6.8.2-37.FC4.48.1 and try again.

* Tue Sep 13 2005 Mike A. Harris 6.8.2-37.FC4.45.1
- Build 6.8.2-37.FC4.45.1 for security and bugfix update for FC4.

* Tue Sep 13 2005 Soren Sandmann
- Update linux-native-pciscan patch to not spew debug info.

* Tue Sep 13 2005 Soren Sandmann
- Update linux-native-pciscan patch to correctly handle byte accesses
to PCI space
- Plug leak in shadow framebuffer (-shadow-framebuffer-leak.patch).

* Tue Sep 13 2005 Soren Sandmann
- Added XFree86-4.3.0-security-CAN-2005-2495.patch

* Mon Sep 5 2005 Mike A. Harris
- Updated post/postun scripts for libs to use -p /sbin/ldconfig instead,
which allows rpm to optimize/reduce package installation time

* Thu Sep 1 2005 Mike A. Harris
- Added following patches, merged over from RHEL-4 branch of CVS:
- Added xorg-x11-6.8.1-ati-radeon-RV100-bus-master-fix.patch for bug (#165179)
- Added xorg-x11-6.8.2-add-i945-support.patch to fix (#156964)


---------------------------------------------------------------------
This update can be downloaded from:
http://download.fedora.redhat.com/pub/fedora/linux/core/updates/4/

45444a75d24c7d6d3d1d1f401c2776a3 SRPMS/xorg-x11-6.8.2-37.FC4.48.1.src.rpm
12b019ae3af87919f747cce8870512b6 ppc/xorg-x11-6.8.2-37.FC4.48.1.ppc.rpm
ef500e065e3f6bf7a07d1fe2938ca4b3 ppc/xorg-x11-devel-6.8.2-37.FC4.48.1.ppc.rpm
270947956d770071cb75d351c08ab291
ppc/xorg-x11-deprecated-libs-devel-6.8.2-37.FC4.48.1.ppc.rpm
b34e057f45e63b8da0c93bb5f6827103 ppc/xorg-x11-font-utils-6.8.2-37.FC4.48.1.ppc.rpm
b0242605f99c563ff0d9ce4b4b9987d6 ppc/xorg-x11-xfs-6.8.2-37.FC4.48.1.ppc.rpm
5842443c56a5aee6a6280eee75306ec2 ppc/xorg-x11-twm-6.8.2-37.FC4.48.1.ppc.rpm
f894fac541e239a5c477e62800b60564 ppc/xorg-x11-xdm-6.8.2-37.FC4.48.1.ppc.rpm
4d4726b9c1a1a29b6ac810968f8a9a5b ppc/xorg-x11-libs-6.8.2-37.FC4.48.1.ppc.rpm
1935e00b90f36bd5fd193211a1ed5edf
ppc/xorg-x11-deprecated-libs-6.8.2-37.FC4.48.1.ppc.rpm
9e698965de7bacc660b44cdf23ff39b0 ppc/xorg-x11-doc-6.8.2-37.FC4.48.1.ppc.rpm
39e5552de47e7e558bc08dfa19cfdfa5 ppc/xorg-x11-Xdmx-6.8.2-37.FC4.48.1.ppc.rpm
b85c8feb2e82d79af2aa099a28135624 ppc/xorg-x11-Xnest-6.8.2-37.FC4.48.1.ppc.rpm
6b347b93599515ba56e4ab7a34485c3a ppc/xorg-x11-tools-6.8.2-37.FC4.48.1.ppc.rpm
6d5e8368b39ddc5567c4658f367a7352 ppc/xorg-x11-xauth-6.8.2-37.FC4.48.1.ppc.rpm
fd0233d1710cfcd1ca7d7f5d72b62e55 ppc/xorg-x11-Mesa-libGL-6.8.2-37.FC4.48.1.ppc.rpm
f3ad13282885cc57911c4a0511ac7406 ppc/xorg-x11-Mesa-libGLU-6.8.2-37.FC4.48.1.ppc.rpm
83f78cc679a19f88742ac9aed6461189 ppc/xorg-x11-Xvfb-6.8.2-37.FC4.48.1.ppc.rpm
dd99d6f7bbe65ac53999bcd6a3245690 ppc/xorg-x11-sdk-6.8.2-37.FC4.48.1.ppc.rpm
aab1799141f189ed1ee2cde78f8c3265 ppc/xorg-x11-devel-6.8.2-37.FC4.48.1.ppc64.rpm
d83b17831fba87e5aebe271b03a71094 ppc/xorg-x11-libs-6.8.2-37.FC4.48.1.ppc64.rpm
71b816583df689c1c7302736aa640758
ppc/xorg-x11-deprecated-libs-6.8.2-37.FC4.48.1.ppc64.rpm
bb2dc2854acc71203ce31582ab0c557e
ppc/xorg-x11-Mesa-libGL-6.8.2-37.FC4.48.1.ppc64.rpm
c90169f0dbd3957493d14515c6060b55
ppc/xorg-x11-Mesa-libGLU-6.8.2-37.FC4.48.1.ppc64.rpm
9f13f38dfe9de2ca063fe3da56d760b8 x86_64/xorg-x11-6.8.2-37.FC4.48.1.x86_64.rpm
d13ab645cb5369d77351053feeec57f3 x86_64/xorg-x11-devel-6.8.2-37.FC4.48.1.x86_64.rpm
c84cf7a0ab2fe61d0479a98e0c5aeaab
x86_64/xorg-x11-deprecated-libs-devel-6.8.2-37.FC4.48.1.x86_64.rpm
1b06a8ec266cc26f353de21260e44436
x86_64/xorg-x11-font-utils-6.8.2-37.FC4.48.1.x86_64.rpm
c85e0a8c5fce4dfd3e3883071c538660 x86_64/xorg-x11-xfs-6.8.2-37.FC4.48.1.x86_64.rpm
e43f6fc00639649d087550837983de87 x86_64/xorg-x11-twm-6.8.2-37.FC4.48.1.x86_64.rpm
45dd9d2ab168788e7328823c2ef27538 x86_64/xorg-x11-xdm-6.8.2-37.FC4.48.1.x86_64.rpm
c52670c54626bf1fe056ad9e0d9dcc4a x86_64/xorg-x11-libs-6.8.2-37.FC4.48.1.x86_64.rpm
66c2f0ce59b028d53ba938247d805796
x86_64/xorg-x11-deprecated-libs-6.8.2-37.FC4.48.1.x86_64.rpm
dd9a409c338476408505eb7d13e0111b x86_64/xorg-x11-doc-6.8.2-37.FC4.48.1.x86_64.rpm
4272f0a5d7771dcc8232aa176da922ce x86_64/xorg-x11-Xdmx-6.8.2-37.FC4.48.1.x86_64.rpm
257c641daf6ec2aaf7d61f8067d4d09d x86_64/xorg-x11-Xnest-6.8.2-37.FC4.48.1.x86_64.rpm
d85d5fffb58bd0974fcfc3f63bb662c8 x86_64/xorg-x11-tools-6.8.2-37.FC4.48.1.x86_64.rpm
1bd5d59587e4558f33ca95038f07acad x86_64/xorg-x11-xauth-6.8.2-37.FC4.48.1.x86_64.rpm
d7ea33671154f69ef1bed69027078960
x86_64/xorg-x11-Mesa-libGL-6.8.2-37.FC4.48.1.x86_64.rpm
807aa3fb5e5c931b43b73dabeb1e07b3
x86_64/xorg-x11-Mesa-libGLU-6.8.2-37.FC4.48.1.x86_64.rpm
84b50cd59975cd218d7557bf233e79d4 x86_64/xorg-x11-Xvfb-6.8.2-37.FC4.48.1.x86_64.rpm
f1f450247081dbe2c5b867258ea16391 x86_64/xorg-x11-sdk-6.8.2-37.FC4.48.1.x86_64.rpm
0cb05db80beba31abe9aa800a92722c7 x86_64/xorg-x11-devel-6.8.2-37.FC4.48.1.i386.rpm
ee3218b59ec497992dfce2271ffe4f3b x86_64/xorg-x11-libs-6.8.2-37.FC4.48.1.i386.rpm
fcb8259ea8130469bdbe2999c9f246b2
x86_64/xorg-x11-deprecated-libs-6.8.2-37.FC4.48.1.i386.rpm
1f610c3d75257488284580520d2d2c15
x86_64/xorg-x11-Mesa-libGL-6.8.2-37.FC4.48.1.i386.rpm
7fbfecbccb59ecd22bd855fa7ae6658c
x86_64/xorg-x11-Mesa-libGLU-6.8.2-37.FC4.48.1.i386.rpm
1d785f204d3de56aa7a441a612a5c5e1 i386/xorg-x11-6.8.2-37.FC4.48.1.i386.rpm
0cb05db80beba31abe9aa800a92722c7 i386/xorg-x11-devel-6.8.2-37.FC4.48.1.i386.rpm
738856d0b79a2b2cf9393bdc822c82ae
i386/xorg-x11-deprecated-libs-devel-6.8.2-37.FC4.48.1.i386.rpm
25da43c757359fe2db20b7e0d402a28a
i386/xorg-x11-font-utils-6.8.2-37.FC4.48.1.i386.rpm
7c185eb6312219656d49ac0541f5c272 i386/xorg-x11-xfs-6.8.2-37.FC4.48.1.i386.rpm
09c76947208e749974f3445bdeb8f383 i386/xorg-x11-twm-6.8.2-37.FC4.48.1.i386.rpm
0f57ebfe7829384faebc80f42f84f4e5 i386/xorg-x11-xdm-6.8.2-37.FC4.48.1.i386.rpm
ee3218b59ec497992dfce2271ffe4f3b i386/xorg-x11-libs-6.8.2-37.FC4.48.1.i386.rpm
fcb8259ea8130469bdbe2999c9f246b2
i386/xorg-x11-deprecated-libs-6.8.2-37.FC4.48.1.i386.rpm
4ec26dc467ea571576e89266cb1125a8 i386/xorg-x11-doc-6.8.2-37.FC4.48.1.i386.rpm
294bad86a04b10d379df679216b22d69 i386/xorg-x11-Xdmx-6.8.2-37.FC4.48.1.i386.rpm
f830c9b565f9b379351399709804daf5 i386/xorg-x11-Xnest-6.8.2-37.FC4.48.1.i386.rpm
e8dae7991c90a884661574a7137d1cf8 i386/xorg-x11-tools-6.8.2-37.FC4.48.1.i386.rpm
3f34d2d29d26707e3ca7994e5315a102 i386/xorg-x11-xauth-6.8.2-37.FC4.48.1.i386.rpm
1f610c3d75257488284580520d2d2c15
i386/xorg-x11-Mesa-libGL-6.8.2-37.FC4.48.1.i386.rpm
7fbfecbccb59ecd22bd855fa7ae6658c
i386/xorg-x11-Mesa-libGLU-6.8.2-37.FC4.48.1.i386.rpm
054f699b634e15f4760ae9f9086c8978 i386/xorg-x11-Xvfb-6.8.2-37.FC4.48.1.i386.rpm
4f0d8916d5a057e43d70dfd72d969358 i386/xorg-x11-sdk-6.8.2-37.FC4.48.1.i386.rpm

This update can also be installed with the Update Agent; you can
launch the Update Agent with the 'up2date' command.
---------------------------------------------------------------------

Newsletter signup

Signup to our monthly newsletter and stay in touch with IT news!

Free E-books

We've got ebooks! But they're not online. :( Please give us a few days to bring downloads back.

Contact

Have something to say or just wanna drop us a line? Please keep this in mind: to spam, we reply with spam.

Contact us »