lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite for Android: free password hash cracker in your pocket
[<prev] [next>] [day] [month] [year] [list]
Date: Wed Jun  7 00:28:55 2006
From: marcdeslauriers at videotron.ca (Marc Deslauriers)
Subject: [FLSA-2006:190777] Updated X.org packages fix
	security issue

---------------------------------------------------------------------
               Fedora Legacy Update Advisory

Synopsis:          Updated X.org packages fix security issue
Advisory ID:       FLSA:190777
Issue date:        2006-06-06
Product:           Fedora Core
Keywords:          Bugfix
CVE Names:         CVE-2006-1526
---------------------------------------------------------------------


---------------------------------------------------------------------
1. Topic:

Updated X.org packages that fix a security issue are now available.

X.org is an open source implementation of the X Window System. It
provides the basic low-level functionality that full-fledged graphical
user interfaces (GUIs) such as GNOME and KDE are designed upon.

2. Relevant releases/architectures:

Fedora Core 3 - i386, x86_64

3. Problem description:

A buffer overflow flaw in the X.org server RENDER extension was
discovered. A malicious authorized client could exploit this issue to
cause a denial of service (crash) or potentially execute arbitrary code
with root privileges on the X.org server. (CVE-2006-1526)

Users of X.org should upgrade to these updated packages, which contain a
backported patch and is not vulnerable to this issue.

4. Solution:

Before applying this update, make sure all previously released errata
relevant to your system have been applied.

To update all RPMs for your particular architecture, run:

rpm -Fvh [filenames]

where [filenames] is a list of the RPMs you wish to upgrade.  Only those
RPMs which are currently installed will be updated.  Those RPMs which
are not installed but included in the list will not be updated.  Note
that you can also use wildcards (*.rpm) if your current directory *only*
contains the desired RPMs.

Please note that this update is also available via yum and apt.  Many
people find this an easier way to apply updates.  To use yum issue:

yum update

or to use apt:

apt-get update; apt-get upgrade

This will start an interactive process that will result in the
appropriate RPMs being upgraded on your system.  This assumes that you
have yum or apt-get configured for obtaining Fedora Legacy content.
Please visit http://www.fedoralegacy.org/docs for directions on how to
configure yum and apt-get.

5. Bug IDs fixed:

https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=190777

6. RPMs required:

Fedora Core 3:

SRPM:
http://download.fedoralegacy.org/fedora/3/updates/SRPMS/xorg-x11-6.8.2-1.FC3.45.3.legacy.src.rpm

i386:
http://download.fedoralegacy.org/fedora/3/updates/i386/xorg-x11-6.8.2-1.FC3.45.3.legacy.i386.rpm
http://download.fedoralegacy.org/fedora/3/updates/i386/xorg-x11-deprecated-libs-6.8.2-1.FC3.45.3.legacy.i386.rpm
http://download.fedoralegacy.org/fedora/3/updates/i386/xorg-x11-deprecated-libs-devel-6.8.2-1.FC3.45.3.legacy.i386.rpm
http://download.fedoralegacy.org/fedora/3/updates/i386/xorg-x11-devel-6.8.2-1.FC3.45.3.legacy.i386.rpm
http://download.fedoralegacy.org/fedora/3/updates/i386/xorg-x11-doc-6.8.2-1.FC3.45.3.legacy.i386.rpm
http://download.fedoralegacy.org/fedora/3/updates/i386/xorg-x11-font-utils-6.8.2-1.FC3.45.3.legacy.i386.rpm
http://download.fedoralegacy.org/fedora/3/updates/i386/xorg-x11-libs-6.8.2-1.FC3.45.3.legacy.i386.rpm
http://download.fedoralegacy.org/fedora/3/updates/i386/xorg-x11-Mesa-libGL-6.8.2-1.FC3.45.3.legacy.i386.rpm
http://download.fedoralegacy.org/fedora/3/updates/i386/xorg-x11-Mesa-libGLU-6.8.2-1.FC3.45.3.legacy.i386.rpm
http://download.fedoralegacy.org/fedora/3/updates/i386/xorg-x11-sdk-6.8.2-1.FC3.45.3.legacy.i386.rpm
http://download.fedoralegacy.org/fedora/3/updates/i386/xorg-x11-tools-6.8.2-1.FC3.45.3.legacy.i386.rpm
http://download.fedoralegacy.org/fedora/3/updates/i386/xorg-x11-twm-6.8.2-1.FC3.45.3.legacy.i386.rpm
http://download.fedoralegacy.org/fedora/3/updates/i386/xorg-x11-xauth-6.8.2-1.FC3.45.3.legacy.i386.rpm
http://download.fedoralegacy.org/fedora/3/updates/i386/xorg-x11-xdm-6.8.2-1.FC3.45.3.legacy.i386.rpm
http://download.fedoralegacy.org/fedora/3/updates/i386/xorg-x11-Xdmx-6.8.2-1.FC3.45.3.legacy.i386.rpm
http://download.fedoralegacy.org/fedora/3/updates/i386/xorg-x11-xfs-6.8.2-1.FC3.45.3.legacy.i386.rpm
http://download.fedoralegacy.org/fedora/3/updates/i386/xorg-x11-Xnest-6.8.2-1.FC3.45.3.legacy.i386.rpm
http://download.fedoralegacy.org/fedora/3/updates/i386/xorg-x11-Xvfb-6.8.2-1.FC3.45.3.legacy.i386.rpm

x86_64:
http://download.fedoralegacy.org/fedora/3/updates/x86_64/xorg-x11-6.8.2-1.FC3.45.3.legacy.x86_64.rpm
http://download.fedoralegacy.org/fedora/3/updates/x86_64/xorg-x11-deprecated-libs-6.8.2-1.FC3.45.3.legacy.i386.rpm
http://download.fedoralegacy.org/fedora/3/updates/x86_64/xorg-x11-deprecated-libs-6.8.2-1.FC3.45.3.legacy.x86_64.rpm
http://download.fedoralegacy.org/fedora/3/updates/x86_64/xorg-x11-deprecated-libs-devel-6.8.2-1.FC3.45.3.legacy.x86_64.rpm
http://download.fedoralegacy.org/fedora/3/updates/x86_64/xorg-x11-devel-6.8.2-1.FC3.45.3.legacy.i386.rpm
http://download.fedoralegacy.org/fedora/3/updates/x86_64/xorg-x11-devel-6.8.2-1.FC3.45.3.legacy.x86_64.rpm
http://download.fedoralegacy.org/fedora/3/updates/x86_64/xorg-x11-doc-6.8.2-1.FC3.45.3.legacy.x86_64.rpm
http://download.fedoralegacy.org/fedora/3/updates/x86_64/xorg-x11-font-utils-6.8.2-1.FC3.45.3.legacy.x86_64.rpm
http://download.fedoralegacy.org/fedora/3/updates/x86_64/xorg-x11-libs-6.8.2-1.FC3.45.3.legacy.i386.rpm
http://download.fedoralegacy.org/fedora/3/updates/x86_64/xorg-x11-libs-6.8.2-1.FC3.45.3.legacy.x86_64.rpm
http://download.fedoralegacy.org/fedora/3/updates/x86_64/xorg-x11-Mesa-libGL-6.8.2-1.FC3.45.3.legacy.i386.rpm
http://download.fedoralegacy.org/fedora/3/updates/x86_64/xorg-x11-Mesa-libGL-6.8.2-1.FC3.45.3.legacy.x86_64.rpm
http://download.fedoralegacy.org/fedora/3/updates/x86_64/xorg-x11-Mesa-libGLU-6.8.2-1.FC3.45.3.legacy.i386.rpm
http://download.fedoralegacy.org/fedora/3/updates/x86_64/xorg-x11-Mesa-libGLU-6.8.2-1.FC3.45.3.legacy.x86_64.rpm
http://download.fedoralegacy.org/fedora/3/updates/x86_64/xorg-x11-sdk-6.8.2-1.FC3.45.3.legacy.x86_64.rpm
http://download.fedoralegacy.org/fedora/3/updates/x86_64/xorg-x11-tools-6.8.2-1.FC3.45.3.legacy.x86_64.rpm
http://download.fedoralegacy.org/fedora/3/updates/x86_64/xorg-x11-twm-6.8.2-1.FC3.45.3.legacy.x86_64.rpm
http://download.fedoralegacy.org/fedora/3/updates/x86_64/xorg-x11-xauth-6.8.2-1.FC3.45.3.legacy.x86_64.rpm
http://download.fedoralegacy.org/fedora/3/updates/x86_64/xorg-x11-xdm-6.8.2-1.FC3.45.3.legacy.x86_64.rpm
http://download.fedoralegacy.org/fedora/3/updates/x86_64/xorg-x11-Xdmx-6.8.2-1.FC3.45.3.legacy.x86_64.rpm
http://download.fedoralegacy.org/fedora/3/updates/x86_64/xorg-x11-xfs-6.8.2-1.FC3.45.3.legacy.x86_64.rpm
http://download.fedoralegacy.org/fedora/3/updates/x86_64/xorg-x11-Xnest-6.8.2-1.FC3.45.3.legacy.x86_64.rpm
http://download.fedoralegacy.org/fedora/3/updates/x86_64/xorg-x11-Xvfb-6.8.2-1.FC3.45.3.legacy.x86_64.rpm


7. Verification:

SHA1 sum                                  Package Name
---------------------------------------------------------------------

6c4f8cc2a12da27bc7eba148b139bbbc0c16c877
fedora/3/updates/i386/xorg-x11-6.8.2-1.FC3.45.3.legacy.i386.rpm
3f94f87fb882c2f5116fc7e153db8a27b47902d9
fedora/3/updates/i386/xorg-x11-deprecated-libs-6.8.2-1.FC3.45.3.legacy.i386.rpm
7f4c16bed758307fc89963cdc0e60d6104690384
fedora/3/updates/i386/xorg-x11-deprecated-libs-devel-6.8.2-1.FC3.45.3.legacy.i386.rpm
07b928bdc56bc8d2fe0828afbe59d8dfcfabbede
fedora/3/updates/i386/xorg-x11-devel-6.8.2-1.FC3.45.3.legacy.i386.rpm
c7adb504db755f139b2b8454c37b6add3204c2b0
fedora/3/updates/i386/xorg-x11-doc-6.8.2-1.FC3.45.3.legacy.i386.rpm
dd5caa2e8fadf2eff908615231819cf69cf130ea
fedora/3/updates/i386/xorg-x11-font-utils-6.8.2-1.FC3.45.3.legacy.i386.rpm
8e30c1a599b8f2bb39abdce9dbd9c0559926f63e
fedora/3/updates/i386/xorg-x11-libs-6.8.2-1.FC3.45.3.legacy.i386.rpm
23fc45993a3e83844ad2029653c580e9c9fba606
fedora/3/updates/i386/xorg-x11-Mesa-libGL-6.8.2-1.FC3.45.3.legacy.i386.rpm
13b96e8dca25068c884a5bdf2fd188f684472eb5
fedora/3/updates/i386/xorg-x11-Mesa-libGLU-6.8.2-1.FC3.45.3.legacy.i386.rpm
2ecbdbc243d2fed742d56b7183367625c318029a
fedora/3/updates/i386/xorg-x11-sdk-6.8.2-1.FC3.45.3.legacy.i386.rpm
7bba05d923dde98a77233a5cb4ef7b67660ad345
fedora/3/updates/i386/xorg-x11-tools-6.8.2-1.FC3.45.3.legacy.i386.rpm
9d51ef13a3ba67eb4afe4e4417ff1735cf659829
fedora/3/updates/i386/xorg-x11-twm-6.8.2-1.FC3.45.3.legacy.i386.rpm
61201dd9054fbe6336381d9532f3d0ec60d9b537
fedora/3/updates/i386/xorg-x11-xauth-6.8.2-1.FC3.45.3.legacy.i386.rpm
8c0f9419d979a3defbe376693c1d39cbdb8eeabb
fedora/3/updates/i386/xorg-x11-xdm-6.8.2-1.FC3.45.3.legacy.i386.rpm
132c26d0cc1fe2c5e3946aae493a6bf16ec8b659
fedora/3/updates/i386/xorg-x11-Xdmx-6.8.2-1.FC3.45.3.legacy.i386.rpm
9f71fe79b510f7dd06a41b01eeb5c4850ee88411
fedora/3/updates/i386/xorg-x11-xfs-6.8.2-1.FC3.45.3.legacy.i386.rpm
2b36b8679d782f6d1f0899262d1ad961fb3703e0
fedora/3/updates/i386/xorg-x11-Xnest-6.8.2-1.FC3.45.3.legacy.i386.rpm
aba6d27d8bb5befdb4694546b66cbc88d945973b
fedora/3/updates/i386/xorg-x11-Xvfb-6.8.2-1.FC3.45.3.legacy.i386.rpm

9ac2f2b492165554bb358c39d8e4d031e1a4ee1b
fedora/3/updates/x86_64/xorg-x11-6.8.2-1.FC3.45.3.legacy.x86_64.rpm
3f94f87fb882c2f5116fc7e153db8a27b47902d9
fedora/3/updates/x86_64/xorg-x11-deprecated-libs-6.8.2-1.FC3.45.3.legacy.i386.rpm
26d851236ece4e649845a0923420b5a257cd1bde
fedora/3/updates/x86_64/xorg-x11-deprecated-libs-6.8.2-1.FC3.45.3.legacy.x86_64.rpm
c19744109a7e088d79f7ced7349af8ac8ed5d561
fedora/3/updates/x86_64/xorg-x11-deprecated-libs-devel-6.8.2-1.FC3.45.3.legacy.x86_64.rpm
07b928bdc56bc8d2fe0828afbe59d8dfcfabbede
fedora/3/updates/x86_64/xorg-x11-devel-6.8.2-1.FC3.45.3.legacy.i386.rpm
8f030968d84bcd3d602eb7aaf836a0d15b75c44d
fedora/3/updates/x86_64/xorg-x11-devel-6.8.2-1.FC3.45.3.legacy.x86_64.rpm
a1337070e3c6362133fde9d7779edf7533072133
fedora/3/updates/x86_64/xorg-x11-doc-6.8.2-1.FC3.45.3.legacy.x86_64.rpm
a7feafa8ded15cf48d844366c1e3be37f23a1cfd
fedora/3/updates/x86_64/xorg-x11-font-utils-6.8.2-1.FC3.45.3.legacy.x86_64.rpm
8e30c1a599b8f2bb39abdce9dbd9c0559926f63e
fedora/3/updates/x86_64/xorg-x11-libs-6.8.2-1.FC3.45.3.legacy.i386.rpm
0eaa41f3cf3ac8871444908aafc1691a0008e0d5
fedora/3/updates/x86_64/xorg-x11-libs-6.8.2-1.FC3.45.3.legacy.x86_64.rpm
23fc45993a3e83844ad2029653c580e9c9fba606
fedora/3/updates/x86_64/xorg-x11-Mesa-libGL-6.8.2-1.FC3.45.3.legacy.i386.rpm
6a0b603f3acb00c85ea9d20148ecba46e7d21368
fedora/3/updates/x86_64/xorg-x11-Mesa-libGL-6.8.2-1.FC3.45.3.legacy.x86_64.rpm
13b96e8dca25068c884a5bdf2fd188f684472eb5
fedora/3/updates/x86_64/xorg-x11-Mesa-libGLU-6.8.2-1.FC3.45.3.legacy.i386.rpm
1c479506c5b7ebd1d49063770233d431fc754004
fedora/3/updates/x86_64/xorg-x11-Mesa-libGLU-6.8.2-1.FC3.45.3.legacy.x86_64.rpm
b4f4b333906a9eeed08eb6ffcb830f8584c478dd
fedora/3/updates/x86_64/xorg-x11-sdk-6.8.2-1.FC3.45.3.legacy.x86_64.rpm
0f661c108936ea85fe38a478ee45b5bf8058b3ca
fedora/3/updates/x86_64/xorg-x11-tools-6.8.2-1.FC3.45.3.legacy.x86_64.rpm
37ad2d9f35dd213b684dda7513d98420daf4834e
fedora/3/updates/x86_64/xorg-x11-twm-6.8.2-1.FC3.45.3.legacy.x86_64.rpm
33705cb293a6bfe37e55244153e5e23175d2c4e2
fedora/3/updates/x86_64/xorg-x11-xauth-6.8.2-1.FC3.45.3.legacy.x86_64.rpm
2771026feae63c0362bfa5daa6d9666d5b8acc89
fedora/3/updates/x86_64/xorg-x11-xdm-6.8.2-1.FC3.45.3.legacy.x86_64.rpm
5d03a8e36c3c9474d4de53d3d7cc2c7d7d936528
fedora/3/updates/x86_64/xorg-x11-Xdmx-6.8.2-1.FC3.45.3.legacy.x86_64.rpm
46afe47ebc3548b092fa74d831cdbb80a1092213
fedora/3/updates/x86_64/xorg-x11-xfs-6.8.2-1.FC3.45.3.legacy.x86_64.rpm
60276aa97510fc4be52aa3720a0d20a650a0c968
fedora/3/updates/x86_64/xorg-x11-Xnest-6.8.2-1.FC3.45.3.legacy.x86_64.rpm
21260daa99910a143934800229f7acfc9f256b75
fedora/3/updates/x86_64/xorg-x11-Xvfb-6.8.2-1.FC3.45.3.legacy.x86_64.rpm

699a18fb173a9e3a23e9fd653e152d73e7aae737
fedora/3/updates/SRPMS/xorg-x11-6.8.2-1.FC3.45.3.legacy.src.rpm


These packages are GPG signed by Fedora Legacy for security.  Our key is
available from http://www.fedoralegacy.org/about/security.php

You can verify each package with the following command:

    rpm --checksig -v <filename>

If you only wish to verify that each package has not been corrupted or
tampered with, examine only the sha1sum with the following command:

    sha1sum <filename>

8. References:

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-1526

9. Contact:

The Fedora Legacy security contact is <secnotice@...oralegacy.org>. More
project details at http://www.fedoralegacy.org

---------------------------------------------------------------------


-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 189 bytes
Desc: OpenPGP digital signature
Url : http://lists.grok.org.uk/pipermail/full-disclosure/attachments/20060606/51654f97/signature.bin

Powered by blists - more mailing lists