---------------------------------------------------------------------
Fedora Update Notification
FEDORA-2004-434
2004-11-17
---------------------------------------------------------------------

Product     : Fedora Core 3
Name        : xorg-x11
Version     : 6.8.1
Release     : 12.FC3.1
Summary     : The basic fonts, programs and docs for an X workstation.
Description :
X.org X11 is an open source implementation of the X Window System.  It
provides the basic low level functionality which full fledged
graphical user interfaces (GUIs) such as GNOME and KDE are designed
upon.

---------------------------------------------------------------------
Update Information:

Several integer overflow flaws in the X.Org libXpm library used to decode
XPM (X PixMap) images have been found and addressed. An attacker could
create a carefully crafted XPM file which would cause an application to
crash or potentially execute arbitrary code if opened by a victim.  The
Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned
the name CAN-2004-0914 to this issue.

Users are advised to upgrade to these erratum packages, which contain
backported security patches as well as other bug fixes.
---------------------------------------------------------------------
* Mon Nov 15 2004 Kristian Høgsberg <krh@redhat.com>

- Added xorg-x11-6.7.0-xpm-security-fixes-CAN-2004-0914.patch to fix a
   number of Xpm issues found by Thomas Biege <thomas@suse.de>
   (#136169)

---------------------------------------------------------------------
This update can be downloaded from:
     

71b25b43914ce57fca3cf5cdeb5f4f41  SRPMS/xorg-x11-6.8.1-12.FC3.1.src.rpm
6aebd3219118e744794665f5eff3ecd2  x86_64/xorg-x11-6.8.1-12.FC3.1.x86_64.rpm
5a695bc10a9167502570ae0dc4fc5c19  x86_64/xorg-x11-devel-6.8.1-12.FC3.1.x86_64.rpm
a1cec1ac8cfb276c71ae4c87bb4f891d  x86_64/xorg-x11-deprecated-libs-devel-6.8.1-12.FC3.1.x86_64.rpm
f44084a0ce34af29a162cecadde5cba9  x86_64/xorg-x11-font-utils-6.8.1-12.FC3.1.x86_64.rpm
e70b09d3e33c4782c7c6241d9c7cd445  x86_64/xorg-x11-xfs-6.8.1-12.FC3.1.x86_64.rpm
c410106110a81f3665e9b0ca060dc24d  x86_64/xorg-x11-twm-6.8.1-12.FC3.1.x86_64.rpm
053b59cb6a6f2dce1424c84ddea78c0f  x86_64/xorg-x11-xdm-6.8.1-12.FC3.1.x86_64.rpm
8da9e968a1993d3091d4bbfb4c793c0a  x86_64/xorg-x11-libs-6.8.1-12.FC3.1.x86_64.rpm
4f326bf4814a85afbd3f6c93f5599c47  x86_64/xorg-x11-deprecated-libs-6.8.1-12.FC3.1.x86_64.rpm
d6dd049341a9d9c09031b57ae2b83887  x86_64/xorg-x11-doc-6.8.1-12.FC3.1.x86_64.rpm
7229874bfacec9b804df5db4e14aa711  x86_64/xorg-x11-Xdmx-6.8.1-12.FC3.1.x86_64.rpm
5fbdf7b07a6517bbb99057e7e960e334  x86_64/xorg-x11-Xnest-6.8.1-12.FC3.1.x86_64.rpm
9194c4a3cd4b3e052f11cdb441325f38  x86_64/xorg-x11-tools-6.8.1-12.FC3.1.x86_64.rpm
9bc31cf7a229e2e074d998e5072ae763  x86_64/xorg-x11-xauth-6.8.1-12.FC3.1.x86_64.rpm
dc3203c98c0829b8e9b3d381bff3a28c  x86_64/xorg-x11-Mesa-libGL-6.8.1-12.FC3.1.x86_64.rpm
d2bdbe25a12b5173ddabb9f29ddc6600  x86_64/xorg-x11-Mesa-libGLU-6.8.1-12.FC3.1.x86_64.rpm
66e1e56304ccfcb27a3989b7faeaf13f  x86_64/xorg-x11-Xvfb-6.8.1-12.FC3.1.x86_64.rpm
89701b20f1fdcaec45ba41009d056b52  x86_64/xorg-x11-sdk-6.8.1-12.FC3.1.x86_64.rpm
2192559acdec3429cf5a31fc40316578  x86_64/xorg-x11-devel-6.8.1-12.FC3.1.i386.rpm
0bbd5b40004a228aa7b29f8d211e3750  x86_64/xorg-x11-libs-6.8.1-12.FC3.1.i386.rpm
ea8fcb15fa916a314b8f1d643c446e94  x86_64/xorg-x11-deprecated-libs-6.8.1-12.FC3.1.i386.rpm
9c0114a8d449a607b269a6d09ad7a5ca  x86_64/xorg-x11-Mesa-libGL-6.8.1-12.FC3.1.i386.rpm
5a1bbaa66be29cac32926ee573b68a10  x86_64/xorg-x11-Mesa-libGLU-6.8.1-12.FC3.1.i386.rpm
6b8c236f903301c6479fd5243a49b3a5  i386/xorg-x11-6.8.1-12.FC3.1.i386.rpm
2192559acdec3429cf5a31fc40316578  i386/xorg-x11-devel-6.8.1-12.FC3.1.i386.rpm
c05d6ed2c8a37b5af5c17580b48a1444  i386/xorg-x11-deprecated-libs-devel-6.8.1-12.FC3.1.i386.rpm
14ac9f373f85023bf74a33585efef17b  i386/xorg-x11-font-utils-6.8.1-12.FC3.1.i386.rpm
fa84d29bf5009dc90bb4e885f51e175a  i386/xorg-x11-xfs-6.8.1-12.FC3.1.i386.rpm
6b57c514f7b9848c2bfcbf9f749e6893  i386/xorg-x11-twm-6.8.1-12.FC3.1.i386.rpm
4a7fa3c2e2bd50c6e5968db10c5beb16  i386/xorg-x11-xdm-6.8.1-12.FC3.1.i386.rpm
0bbd5b40004a228aa7b29f8d211e3750  i386/xorg-x11-libs-6.8.1-12.FC3.1.i386.rpm
ea8fcb15fa916a314b8f1d643c446e94  i386/xorg-x11-deprecated-libs-6.8.1-12.FC3.1.i386.rpm
4076036309fd32a3aebb4b21027193d4  i386/xorg-x11-doc-6.8.1-12.FC3.1.i386.rpm
b28cea82051f5fdbbc57da3547bc8126  i386/xorg-x11-Xdmx-6.8.1-12.FC3.1.i386.rpm
789f00f3c95e977afafd216dd5e3633d  i386/xorg-x11-Xnest-6.8.1-12.FC3.1.i386.rpm
7b17873d150da89e8c32fa7bcc28d269  i386/xorg-x11-tools-6.8.1-12.FC3.1.i386.rpm
5bcbe76f554ce02340df0608ed0f794a  i386/xorg-x11-xauth-6.8.1-12.FC3.1.i386.rpm
9c0114a8d449a607b269a6d09ad7a5ca  i386/xorg-x11-Mesa-libGL-6.8.1-12.FC3.1.i386.rpm
5a1bbaa66be29cac32926ee573b68a10  i386/xorg-x11-Mesa-libGLU-6.8.1-12.FC3.1.i386.rpm
fc336ff5b7e75fc8dd907b94955112de  i386/xorg-x11-Xvfb-6.8.1-12.FC3.1.i386.rpm
2f4161097f649928190d01ff30e3fa6e  i386/xorg-x11-sdk-6.8.1-12.FC3.1.i386.rpm

This update can also be installed with the Update Agent; you can
launch the Update Agent with the 'up2date' command.
---------------------------------------------------------------------

--
fedora-announce-list mailing list
fedora-announce-list@redhat.com 
fedora-announce-list Info Page

Fedora: xorg-x11-6.8.1-12.FC3.1 update

November 17, 2004
Several integer overflow flaws in the X.Org libXpm library used to decode XPM (X PixMap) images have been found and addressed

Summary

X.org X11 is an open source implementation of the X Window System. It

provides the basic low level functionality which full fledged

graphical user interfaces (GUIs) such as GNOME and KDE are designed

upon.

Update Information:

Several integer overflow flaws in the X.Org libXpm library used to decode XPM (X PixMap) images have been found and addressed. An attacker could create a carefully crafted XPM file which would cause an application to crash or potentially execute arbitrary code if opened by a victim. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CAN-2004-0914 to this issue.

Users are advised to upgrade to these erratum packages, which contain backported security patches as well as other bug fixes. * Mon Nov 15 2004 Kristian Høgsberg <krh@redhat.com>

- Added xorg-x11-6.7.0-xpm-security-fixes-CAN-2004-0914.patch to fix a number of Xpm issues found by Thomas Biege <thomas@suse.de> (#136169)

This update can be downloaded from:


71b25b43914ce57fca3cf5cdeb5f4f41 SRPMS/xorg-x11-6.8.1-12.FC3.1.src.rpm 6aebd3219118e744794665f5eff3ecd2 x86_64/xorg-x11-6.8.1-12.FC3.1.x86_64.rpm 5a695bc10a9167502570ae0dc4fc5c19 x86_64/xorg-x11-devel-6.8.1-12.FC3.1.x8...

Read the Full Advisory

Change Log

References

Fedora Update Notification FEDORA-2004-434 2004-11-17 Product : Fedora Core 3 Name : xorg-x11 Version : 6.8.1 Release : 12.FC3.1 Summary : The basic fonts, programs and docs for an X workstation. Description : X.org X11 is an open source implementation of the X Window System. It provides the basic low level functionality which full fledged graphical user interfaces (GUIs) such as GNOME and KDE are designed upon.

Update Instructions

Severity
Product : Fedora Core 3
Name : xorg-x11
Version : 6.8.1
Release : 12.FC3.1
Summary : The basic fonts, programs and docs for an X workstation.

Related News

The End of the Road for Linux 6.11: A Call to Upgrade to Kernel 6.12
3 - 5 min read
The Linux kernel community recently issued an EOL announcement regarding the 6.11 kernel series, urging sysadmins to upgrade quickly to 6.12 . This
A Linux Admin
3 - 6 min read
As 2025 approaches, we Linux admins are facing new and often unseen cloud-native security obstacles. While skilled at mitigating known risks,
Leveraging Insights from the Linux Foundation
3 - 5 min read
The Linux Foundation's recent Census III report provides critical insights for Linux administrators, information security professionals, and anyone
Chrome 131 Released: Emergency Security Update Fixes Over a Dozen Significant Vulns
3 - 6 min read
Google recently unveiled a critical security update to their popular web browser, Google Chrome, addressing over a dozen significant security
From Wayland Fixes to Security Boosts: Examining Qt 6.8.1
3 - 6 min read
The recent Qt 6.8.1 release brings significant updates and improvements, strengthening its reputation as a secure and reliable application
Exploring Arch Linux 2024.12.01: Security Implications & Notable Enhancements for Linux Admins
3 - 6 min read
The Arch Linux 2024.12.01 ISO release marks an impressive milestone, offering cutting-edge updates that enhance functionality, streamline
Deck the Halls with Enhanced Security: Linux Kernel 6.13
3 - 5 min read
As Linux admins and infosec professionals prepare for the holiday season, there's much cause for celebration this year! Linus Torvalds recently made
Lessons from Bootkitty: Securing Linux Systems Against UEFI Intrusions
3 - 5 min read
New Linux security threats mark critical junctures that challenge existing policies and test security protocols to their limit. One such milestone

Get the Latest News & Insights

Sign up to get the latest security news affecting Linux and open source delivered straight to your inbox.

© 2024 Guardian Digital, Inc All Rights Reserved