[<prev] [next>] [day] [month] [year] [list]
Message-Id: <E1GGKtt-0001uh-FG@mercury.mandriva.com>
Date: Thu, 24 Aug 2006 13:30:01 -0600
From: security@...driva.com
To: full-disclosure@...ts.grok.org.uk
Subject: [ MDKSA-2006:148 ] - Updated xorg-x11 packages
fix vulnerabilities
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
_______________________________________________________________________
Mandriva Linux Security Advisory MDKSA-2006:148
http://www.mandriva.com/security/
_______________________________________________________________________
Package : xorg-x11
Date : August 24, 2006
Affected: 2006.0, Corporate 3.0
_______________________________________________________________________
Problem Description:
An integer overflow flaw was discovered in how xorg-x11/XFree86 handles
PCF files. A malicious authorized client could exploit the issue to
cause a DoS (crash) or potentially execute arbitrary code with root
privileges on the xorg-x11/XFree86 server.
Updated packages are patched to address this issue.
_______________________________________________________________________
References:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3467
_______________________________________________________________________
Updated Packages:
Mandriva Linux 2006.0:
e96690462ea6e57335b457d763e26b80 2006.0/RPMS/libxorg-x11-6.9.0-5.8.20060mdk.i586.rpm
31f632a499f6a55459ce5446ad5871b5 2006.0/RPMS/libxorg-x11-devel-6.9.0-5.8.20060mdk.i586.rpm
1c0eda1098546a703159832671e10e99 2006.0/RPMS/libxorg-x11-static-devel-6.9.0-5.8.20060mdk.i586.rpm
5ac9c8c715cb5df656ccbacec5a87dae 2006.0/RPMS/X11R6-contrib-6.9.0-5.8.20060mdk.i586.rpm
ac15309aaeb2a021658314afde737da4 2006.0/RPMS/xorg-x11-100dpi-fonts-6.9.0-5.8.20060mdk.i586.rpm
f155986261ac4d70982f68b51a38c3dc 2006.0/RPMS/xorg-x11-6.9.0-5.8.20060mdk.i586.rpm
1c7afcc1116ae6db0df1fbec846c552f 2006.0/RPMS/xorg-x11-75dpi-fonts-6.9.0-5.8.20060mdk.i586.rpm
2273cbc4aac47f3060e39a5bebc69392 2006.0/RPMS/xorg-x11-cyrillic-fonts-6.9.0-5.8.20060mdk.i586.rpm
f67859d61e75afe3bcc1e481e346c72c 2006.0/RPMS/xorg-x11-doc-6.9.0-5.8.20060mdk.i586.rpm
f2685335f3b56d1e4d00f629fc4c4bad 2006.0/RPMS/xorg-x11-glide-module-6.9.0-5.8.20060mdk.i586.rpm
dbb7aecf3aa04ebdd98ce07a2d8e7ba5 2006.0/RPMS/xorg-x11-server-6.9.0-5.8.20060mdk.i586.rpm
bdb37de9d95ac078fa2e1a0e87de7a5e 2006.0/RPMS/xorg-x11-xauth-6.9.0-5.8.20060mdk.i586.rpm
06022dee267d75d01ff580a9e7afa3d4 2006.0/RPMS/xorg-x11-Xdmx-6.9.0-5.8.20060mdk.i586.rpm
483903328a38387fc0d0584e5478d474 2006.0/RPMS/xorg-x11-xfs-6.9.0-5.8.20060mdk.i586.rpm
6c720d145e82cfa47b3ffabae2b5493a 2006.0/RPMS/xorg-x11-Xnest-6.9.0-5.8.20060mdk.i586.rpm
bc7b594caa1d2142eb32f25e5a8bbf57 2006.0/RPMS/xorg-x11-Xprt-6.9.0-5.8.20060mdk.i586.rpm
5861d29021e989dd2ebcc668c6620444 2006.0/RPMS/xorg-x11-Xvfb-6.9.0-5.8.20060mdk.i586.rpm
5915dadb375c54be929c6f336b7c0231 2006.0/SRPMS/xorg-x11-6.9.0-5.8.20060mdk.src.rpm
Mandriva Linux 2006.0/X86_64:
2f0e74defdcef7544d949eaef81051b7 x86_64/2006.0/RPMS/lib64xorg-x11-6.9.0-5.8.20060mdk.x86_64.rpm
f9dca9d58a256e537586df14f0f3709b x86_64/2006.0/RPMS/lib64xorg-x11-devel-6.9.0-5.8.20060mdk.x86_64.rpm
ff60d844dbf4f376a2e7ec5468cd5701 x86_64/2006.0/RPMS/lib64xorg-x11-static-devel-6.9.0-5.8.20060mdk.x86_64.rpm
3d7251620e95952a72708a25a9d6b9ad x86_64/2006.0/RPMS/X11R6-contrib-6.9.0-5.8.20060mdk.x86_64.rpm
ae47c639f87ca7238c54449e4dac06e4 x86_64/2006.0/RPMS/xorg-x11-100dpi-fonts-6.9.0-5.8.20060mdk.x86_64.rpm
a9b1178ae4b51e0f04ca6ab305b7dd00 x86_64/2006.0/RPMS/xorg-x11-6.9.0-5.8.20060mdk.x86_64.rpm
1c53adb504f5bdd86123e8cc470e2316 x86_64/2006.0/RPMS/xorg-x11-75dpi-fonts-6.9.0-5.8.20060mdk.x86_64.rpm
49f3696276eb8d8db9894ad74aa300e7 x86_64/2006.0/RPMS/xorg-x11-cyrillic-fonts-6.9.0-5.8.20060mdk.x86_64.rpm
f2b94e866eeafb9db914990f19ace8c7 x86_64/2006.0/RPMS/xorg-x11-doc-6.9.0-5.8.20060mdk.x86_64.rpm
f31dd3184054ea253f98e9b628a835e4 x86_64/2006.0/RPMS/xorg-x11-glide-module-6.9.0-5.8.20060mdk.x86_64.rpm
2f17814f669ec11941bf1a8d72213cfa x86_64/2006.0/RPMS/xorg-x11-server-6.9.0-5.8.20060mdk.x86_64.rpm
b55e6ba22af3d404d83a4e6c762620b1 x86_64/2006.0/RPMS/xorg-x11-xauth-6.9.0-5.8.20060mdk.x86_64.rpm
130f98fbbbd53c49f1af4a174ce46d48 x86_64/2006.0/RPMS/xorg-x11-Xdmx-6.9.0-5.8.20060mdk.x86_64.rpm
263baf4aa6f429af65a4f22c25b1f967 x86_64/2006.0/RPMS/xorg-x11-xfs-6.9.0-5.8.20060mdk.x86_64.rpm
893c19c630ef1c6adcc189c7e87fd533 x86_64/2006.0/RPMS/xorg-x11-Xnest-6.9.0-5.8.20060mdk.x86_64.rpm
9e83acc573420cebe10682e38e9435ac x86_64/2006.0/RPMS/xorg-x11-Xprt-6.9.0-5.8.20060mdk.x86_64.rpm
7d562d5dcccc236eee9e9b62e68297f4 x86_64/2006.0/RPMS/xorg-x11-Xvfb-6.9.0-5.8.20060mdk.x86_64.rpm
5915dadb375c54be929c6f336b7c0231 x86_64/2006.0/SRPMS/xorg-x11-6.9.0-5.8.20060mdk.src.rpm
Corporate 3.0:
b8ec2f34a2de5dcce58c767d7acb9742 corporate/3.0/RPMS/libxfree86-4.3-32.6.C30mdk.i586.rpm
17ef760371f3c6132ffbeb16b8cc334f corporate/3.0/RPMS/libxfree86-devel-4.3-32.6.C30mdk.i586.rpm
0dfdac241d26016477688c7cdafa9954 corporate/3.0/RPMS/libxfree86-static-devel-4.3-32.6.C30mdk.i586.rpm
b3c9d0af6cd576695f42646b0e64823b corporate/3.0/RPMS/X11R6-contrib-4.3-32.6.C30mdk.i586.rpm
68c7ceffb72aa9962ff785470a4420eb corporate/3.0/RPMS/XFree86-100dpi-fonts-4.3-32.6.C30mdk.i586.rpm
f6c0dcbb55abfdb3fe731e7a02a516d7 corporate/3.0/RPMS/XFree86-4.3-32.6.C30mdk.i586.rpm
691a6da2b476618b92410b54b2cc659e corporate/3.0/RPMS/XFree86-75dpi-fonts-4.3-32.6.C30mdk.i586.rpm
7d86c5eed71597a8ccb9615dbdcd203e corporate/3.0/RPMS/XFree86-cyrillic-fonts-4.3-32.6.C30mdk.i586.rpm
54890690be35fa07c24a153294b4f047 corporate/3.0/RPMS/XFree86-doc-4.3-32.6.C30mdk.i586.rpm
ad22989ca3a580e832224a032ccb2e5f corporate/3.0/RPMS/XFree86-glide-module-4.3-32.6.C30mdk.i586.rpm
67f5e5000b538a5df6dd7d999acfaecd corporate/3.0/RPMS/XFree86-server-4.3-32.6.C30mdk.i586.rpm
db5ba130a18b93d416e781b77e48b752 corporate/3.0/RPMS/XFree86-xfs-4.3-32.6.C30mdk.i586.rpm
2c09fd4d1a1b61a1170c6d50eb675979 corporate/3.0/RPMS/XFree86-Xnest-4.3-32.6.C30mdk.i586.rpm
70b0c2ec881d07f1db12921d072b77d6 corporate/3.0/RPMS/XFree86-Xvfb-4.3-32.6.C30mdk.i586.rpm
61d6302023daef2488822d0146d73baf corporate/3.0/SRPMS/XFree86-4.3-32.6.C30mdk.src.rpm
Corporate 3.0/X86_64:
40d18d307b0d7ebcc665559a31226c97 x86_64/corporate/3.0/RPMS/lib64xfree86-4.3-32.6.C30mdk.x86_64.rpm
b482d0e7d223afeda7c15a78dc91f526 x86_64/corporate/3.0/RPMS/lib64xfree86-devel-4.3-32.6.C30mdk.x86_64.rpm
4850377b6975c3b6747ced40f77fefda x86_64/corporate/3.0/RPMS/lib64xfree86-static-devel-4.3-32.6.C30mdk.x86_64.rpm
962df4b68d2ac9b94540b1f12b5daeb4 x86_64/corporate/3.0/RPMS/X11R6-contrib-4.3-32.6.C30mdk.x86_64.rpm
a7ef4764f0e80e25f46d8118ea926eb0 x86_64/corporate/3.0/RPMS/XFree86-100dpi-fonts-4.3-32.6.C30mdk.x86_64.rpm
93da80be668a3feeb55cbf418e9ca3ba x86_64/corporate/3.0/RPMS/XFree86-4.3-32.6.C30mdk.x86_64.rpm
cb6db58a236a35a6923f475b595426fa x86_64/corporate/3.0/RPMS/XFree86-75dpi-fonts-4.3-32.6.C30mdk.x86_64.rpm
5243dcbb796550a6c3cb6097ef0e8b93 x86_64/corporate/3.0/RPMS/XFree86-cyrillic-fonts-4.3-32.6.C30mdk.x86_64.rpm
7212b487461c2f16c7b53adc6883bc9e x86_64/corporate/3.0/RPMS/XFree86-doc-4.3-32.6.C30mdk.x86_64.rpm
059398da9ef868e4c445a3c3963804d7 x86_64/corporate/3.0/RPMS/XFree86-server-4.3-32.6.C30mdk.x86_64.rpm
7fa19747b99f4ddda0fa8bedc4e08e2b x86_64/corporate/3.0/RPMS/XFree86-xfs-4.3-32.6.C30mdk.x86_64.rpm
01fc36b3ec6878c51a61ec35f0e98328 x86_64/corporate/3.0/RPMS/XFree86-Xnest-4.3-32.6.C30mdk.x86_64.rpm
be65abdd2513cf7e687542a12638e907 x86_64/corporate/3.0/RPMS/XFree86-Xvfb-4.3-32.6.C30mdk.x86_64.rpm
61d6302023daef2488822d0146d73baf x86_64/corporate/3.0/SRPMS/XFree86-4.3-32.6.C30mdk.src.rpm
_______________________________________________________________________
To upgrade automatically use MandrivaUpdate or urpmi. The verification
of md5 checksums and GPG signatures is performed automatically for you.
All packages are signed by Mandriva for security. You can obtain the
GPG public key of the Mandriva Security Team by executing:
gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98
You can view other update advisories for Mandriva Linux at:
http://www.mandriva.com/security/advisories
If you want to report vulnerabilities, please contact
security_(at)_mandriva.com
_______________________________________________________________________
Type Bits/KeyID Date User ID
pub 1024D/22458A98 2000-07-10 Mandriva Security Team
<security*mandriva.com>
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.2.2 (GNU/Linux)
iD8DBQFE7dE5mqjQ0CJFipgRAkmJAJ987IPd2J7hufP3zvRBCAhRjADZHwCcDjYV
QXRKDea0qG0wZbb7c0ZIgsk=
=RU87
-----END PGP SIGNATURE-----
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
Powered by blists - more mailing lists