lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [day] [month] [year] [list]
Message-Id: <E1GGKtt-0001uh-FG@mercury.mandriva.com>
Date: Thu, 24 Aug 2006 13:30:01 -0600
From: security@...driva.com
To: full-disclosure@...ts.grok.org.uk
Subject: [ MDKSA-2006:148 ] - Updated xorg-x11 packages
	fix vulnerabilities


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

 _______________________________________________________________________
 
 Mandriva Linux Security Advisory                         MDKSA-2006:148
 http://www.mandriva.com/security/
 _______________________________________________________________________
 
 Package : xorg-x11
 Date    : August 24, 2006
 Affected: 2006.0, Corporate 3.0
 _______________________________________________________________________
 
 Problem Description:
 
 An integer overflow flaw was discovered in how xorg-x11/XFree86 handles
 PCF files.  A malicious authorized client could exploit the issue to
 cause a DoS (crash) or potentially execute arbitrary code with root
 privileges on the xorg-x11/XFree86 server.
 
 Updated packages are patched to address this issue.
 _______________________________________________________________________

 References:
 
 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3467
 _______________________________________________________________________
 
 Updated Packages:
 
 Mandriva Linux 2006.0:
 e96690462ea6e57335b457d763e26b80  2006.0/RPMS/libxorg-x11-6.9.0-5.8.20060mdk.i586.rpm
 31f632a499f6a55459ce5446ad5871b5  2006.0/RPMS/libxorg-x11-devel-6.9.0-5.8.20060mdk.i586.rpm
 1c0eda1098546a703159832671e10e99  2006.0/RPMS/libxorg-x11-static-devel-6.9.0-5.8.20060mdk.i586.rpm
 5ac9c8c715cb5df656ccbacec5a87dae  2006.0/RPMS/X11R6-contrib-6.9.0-5.8.20060mdk.i586.rpm
 ac15309aaeb2a021658314afde737da4  2006.0/RPMS/xorg-x11-100dpi-fonts-6.9.0-5.8.20060mdk.i586.rpm
 f155986261ac4d70982f68b51a38c3dc  2006.0/RPMS/xorg-x11-6.9.0-5.8.20060mdk.i586.rpm
 1c7afcc1116ae6db0df1fbec846c552f  2006.0/RPMS/xorg-x11-75dpi-fonts-6.9.0-5.8.20060mdk.i586.rpm
 2273cbc4aac47f3060e39a5bebc69392  2006.0/RPMS/xorg-x11-cyrillic-fonts-6.9.0-5.8.20060mdk.i586.rpm
 f67859d61e75afe3bcc1e481e346c72c  2006.0/RPMS/xorg-x11-doc-6.9.0-5.8.20060mdk.i586.rpm
 f2685335f3b56d1e4d00f629fc4c4bad  2006.0/RPMS/xorg-x11-glide-module-6.9.0-5.8.20060mdk.i586.rpm
 dbb7aecf3aa04ebdd98ce07a2d8e7ba5  2006.0/RPMS/xorg-x11-server-6.9.0-5.8.20060mdk.i586.rpm
 bdb37de9d95ac078fa2e1a0e87de7a5e  2006.0/RPMS/xorg-x11-xauth-6.9.0-5.8.20060mdk.i586.rpm
 06022dee267d75d01ff580a9e7afa3d4  2006.0/RPMS/xorg-x11-Xdmx-6.9.0-5.8.20060mdk.i586.rpm
 483903328a38387fc0d0584e5478d474  2006.0/RPMS/xorg-x11-xfs-6.9.0-5.8.20060mdk.i586.rpm
 6c720d145e82cfa47b3ffabae2b5493a  2006.0/RPMS/xorg-x11-Xnest-6.9.0-5.8.20060mdk.i586.rpm
 bc7b594caa1d2142eb32f25e5a8bbf57  2006.0/RPMS/xorg-x11-Xprt-6.9.0-5.8.20060mdk.i586.rpm
 5861d29021e989dd2ebcc668c6620444  2006.0/RPMS/xorg-x11-Xvfb-6.9.0-5.8.20060mdk.i586.rpm
 5915dadb375c54be929c6f336b7c0231  2006.0/SRPMS/xorg-x11-6.9.0-5.8.20060mdk.src.rpm

 Mandriva Linux 2006.0/X86_64:
 2f0e74defdcef7544d949eaef81051b7  x86_64/2006.0/RPMS/lib64xorg-x11-6.9.0-5.8.20060mdk.x86_64.rpm
 f9dca9d58a256e537586df14f0f3709b  x86_64/2006.0/RPMS/lib64xorg-x11-devel-6.9.0-5.8.20060mdk.x86_64.rpm
 ff60d844dbf4f376a2e7ec5468cd5701  x86_64/2006.0/RPMS/lib64xorg-x11-static-devel-6.9.0-5.8.20060mdk.x86_64.rpm
 3d7251620e95952a72708a25a9d6b9ad  x86_64/2006.0/RPMS/X11R6-contrib-6.9.0-5.8.20060mdk.x86_64.rpm
 ae47c639f87ca7238c54449e4dac06e4  x86_64/2006.0/RPMS/xorg-x11-100dpi-fonts-6.9.0-5.8.20060mdk.x86_64.rpm
 a9b1178ae4b51e0f04ca6ab305b7dd00  x86_64/2006.0/RPMS/xorg-x11-6.9.0-5.8.20060mdk.x86_64.rpm
 1c53adb504f5bdd86123e8cc470e2316  x86_64/2006.0/RPMS/xorg-x11-75dpi-fonts-6.9.0-5.8.20060mdk.x86_64.rpm
 49f3696276eb8d8db9894ad74aa300e7  x86_64/2006.0/RPMS/xorg-x11-cyrillic-fonts-6.9.0-5.8.20060mdk.x86_64.rpm
 f2b94e866eeafb9db914990f19ace8c7  x86_64/2006.0/RPMS/xorg-x11-doc-6.9.0-5.8.20060mdk.x86_64.rpm
 f31dd3184054ea253f98e9b628a835e4  x86_64/2006.0/RPMS/xorg-x11-glide-module-6.9.0-5.8.20060mdk.x86_64.rpm
 2f17814f669ec11941bf1a8d72213cfa  x86_64/2006.0/RPMS/xorg-x11-server-6.9.0-5.8.20060mdk.x86_64.rpm
 b55e6ba22af3d404d83a4e6c762620b1  x86_64/2006.0/RPMS/xorg-x11-xauth-6.9.0-5.8.20060mdk.x86_64.rpm
 130f98fbbbd53c49f1af4a174ce46d48  x86_64/2006.0/RPMS/xorg-x11-Xdmx-6.9.0-5.8.20060mdk.x86_64.rpm
 263baf4aa6f429af65a4f22c25b1f967  x86_64/2006.0/RPMS/xorg-x11-xfs-6.9.0-5.8.20060mdk.x86_64.rpm
 893c19c630ef1c6adcc189c7e87fd533  x86_64/2006.0/RPMS/xorg-x11-Xnest-6.9.0-5.8.20060mdk.x86_64.rpm
 9e83acc573420cebe10682e38e9435ac  x86_64/2006.0/RPMS/xorg-x11-Xprt-6.9.0-5.8.20060mdk.x86_64.rpm
 7d562d5dcccc236eee9e9b62e68297f4  x86_64/2006.0/RPMS/xorg-x11-Xvfb-6.9.0-5.8.20060mdk.x86_64.rpm
 5915dadb375c54be929c6f336b7c0231  x86_64/2006.0/SRPMS/xorg-x11-6.9.0-5.8.20060mdk.src.rpm

 Corporate 3.0:
 b8ec2f34a2de5dcce58c767d7acb9742  corporate/3.0/RPMS/libxfree86-4.3-32.6.C30mdk.i586.rpm
 17ef760371f3c6132ffbeb16b8cc334f  corporate/3.0/RPMS/libxfree86-devel-4.3-32.6.C30mdk.i586.rpm
 0dfdac241d26016477688c7cdafa9954  corporate/3.0/RPMS/libxfree86-static-devel-4.3-32.6.C30mdk.i586.rpm
 b3c9d0af6cd576695f42646b0e64823b  corporate/3.0/RPMS/X11R6-contrib-4.3-32.6.C30mdk.i586.rpm
 68c7ceffb72aa9962ff785470a4420eb  corporate/3.0/RPMS/XFree86-100dpi-fonts-4.3-32.6.C30mdk.i586.rpm
 f6c0dcbb55abfdb3fe731e7a02a516d7  corporate/3.0/RPMS/XFree86-4.3-32.6.C30mdk.i586.rpm
 691a6da2b476618b92410b54b2cc659e  corporate/3.0/RPMS/XFree86-75dpi-fonts-4.3-32.6.C30mdk.i586.rpm
 7d86c5eed71597a8ccb9615dbdcd203e  corporate/3.0/RPMS/XFree86-cyrillic-fonts-4.3-32.6.C30mdk.i586.rpm
 54890690be35fa07c24a153294b4f047  corporate/3.0/RPMS/XFree86-doc-4.3-32.6.C30mdk.i586.rpm
 ad22989ca3a580e832224a032ccb2e5f  corporate/3.0/RPMS/XFree86-glide-module-4.3-32.6.C30mdk.i586.rpm
 67f5e5000b538a5df6dd7d999acfaecd  corporate/3.0/RPMS/XFree86-server-4.3-32.6.C30mdk.i586.rpm
 db5ba130a18b93d416e781b77e48b752  corporate/3.0/RPMS/XFree86-xfs-4.3-32.6.C30mdk.i586.rpm
 2c09fd4d1a1b61a1170c6d50eb675979  corporate/3.0/RPMS/XFree86-Xnest-4.3-32.6.C30mdk.i586.rpm
 70b0c2ec881d07f1db12921d072b77d6  corporate/3.0/RPMS/XFree86-Xvfb-4.3-32.6.C30mdk.i586.rpm
 61d6302023daef2488822d0146d73baf  corporate/3.0/SRPMS/XFree86-4.3-32.6.C30mdk.src.rpm

 Corporate 3.0/X86_64:
 40d18d307b0d7ebcc665559a31226c97  x86_64/corporate/3.0/RPMS/lib64xfree86-4.3-32.6.C30mdk.x86_64.rpm
 b482d0e7d223afeda7c15a78dc91f526  x86_64/corporate/3.0/RPMS/lib64xfree86-devel-4.3-32.6.C30mdk.x86_64.rpm
 4850377b6975c3b6747ced40f77fefda  x86_64/corporate/3.0/RPMS/lib64xfree86-static-devel-4.3-32.6.C30mdk.x86_64.rpm
 962df4b68d2ac9b94540b1f12b5daeb4  x86_64/corporate/3.0/RPMS/X11R6-contrib-4.3-32.6.C30mdk.x86_64.rpm
 a7ef4764f0e80e25f46d8118ea926eb0  x86_64/corporate/3.0/RPMS/XFree86-100dpi-fonts-4.3-32.6.C30mdk.x86_64.rpm
 93da80be668a3feeb55cbf418e9ca3ba  x86_64/corporate/3.0/RPMS/XFree86-4.3-32.6.C30mdk.x86_64.rpm
 cb6db58a236a35a6923f475b595426fa  x86_64/corporate/3.0/RPMS/XFree86-75dpi-fonts-4.3-32.6.C30mdk.x86_64.rpm
 5243dcbb796550a6c3cb6097ef0e8b93  x86_64/corporate/3.0/RPMS/XFree86-cyrillic-fonts-4.3-32.6.C30mdk.x86_64.rpm
 7212b487461c2f16c7b53adc6883bc9e  x86_64/corporate/3.0/RPMS/XFree86-doc-4.3-32.6.C30mdk.x86_64.rpm
 059398da9ef868e4c445a3c3963804d7  x86_64/corporate/3.0/RPMS/XFree86-server-4.3-32.6.C30mdk.x86_64.rpm
 7fa19747b99f4ddda0fa8bedc4e08e2b  x86_64/corporate/3.0/RPMS/XFree86-xfs-4.3-32.6.C30mdk.x86_64.rpm
 01fc36b3ec6878c51a61ec35f0e98328  x86_64/corporate/3.0/RPMS/XFree86-Xnest-4.3-32.6.C30mdk.x86_64.rpm
 be65abdd2513cf7e687542a12638e907  x86_64/corporate/3.0/RPMS/XFree86-Xvfb-4.3-32.6.C30mdk.x86_64.rpm
 61d6302023daef2488822d0146d73baf  x86_64/corporate/3.0/SRPMS/XFree86-4.3-32.6.C30mdk.src.rpm
 _______________________________________________________________________

 To upgrade automatically use MandrivaUpdate or urpmi.  The verification
 of md5 checksums and GPG signatures is performed automatically for you.

 All packages are signed by Mandriva for security.  You can obtain the
 GPG public key of the Mandriva Security Team by executing:

  gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98

 You can view other update advisories for Mandriva Linux at:

  http://www.mandriva.com/security/advisories

 If you want to report vulnerabilities, please contact

  security_(at)_mandriva.com
 _______________________________________________________________________

 Type Bits/KeyID     Date       User ID
 pub  1024D/22458A98 2000-07-10 Mandriva Security Team
  <security*mandriva.com>
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.2.2 (GNU/Linux)

iD8DBQFE7dE5mqjQ0CJFipgRAkmJAJ987IPd2J7hufP3zvRBCAhRjADZHwCcDjYV
QXRKDea0qG0wZbb7c0ZIgsk=
=RU87
-----END PGP SIGNATURE-----

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ