RedHat: Important: XFree86 security update RHSA-2005:329-01
Summary
Summary
XFree86 is an open source implementation of the X Window System. It provides the basic low-level functionality that full-fledged graphical user interfaces (GUIs) such as GNOME and KDE are designed upon. Several integer overflow bugs were found in the way XFree86 parses pixmap images. It is possible for a user to gain elevated privileges by loading a specially crafted pixmap image. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CAN-2005-2495 to this issue. Users of XFree86 should upgrade to these updated packages, which contain a backported patch and are not vulnerable to this issue.
Solution
Before applying this update, make sure that all previously-released
errata relevant to your system have been applied. Use Red Hat
Network to download and update your packages. To launch the Red Hat
Update Agent, use the following command:
up2date
For information on how to install packages manually, refer to the
following Web page for the System Administration or Customization
guide specific to your system:
http://www.redhat.com/docs/manuals/enterprise/
5. Bug IDs fixed (http://bugzilla.redhat.com/):
166859 - CAN-2005-2495 multiple integer overflows
6. RPMs required:
Red Hat Enterprise Linux AS (Advanced Server) version 2.1:
SRPMS:
68105d09e61d134f4eeea78d407e2c1c XFree86-4.1.0-73.EL.src.rpm
i386:
7bfb8647be5c45fd54481e88789a8386 XFree86-100dpi-fonts-4.1.0-73.EL.i386.rpm
accd006aac390919cb4b743c7b8a06c7 XFree86-4.1.0-73.EL.i386.rpm
35900e00e5966302ddf4f5dedbd2a642 XFree86-75dpi-fonts-4.1.0-73.EL.i386.rpm
9a771dae1fcaaa54c6b0b542815abf47 XFree86-ISO8859-15-100dpi-fonts-4.1.0-73.EL.i386.rpm
9a5a8263b329a18d2e0b6a454b604d05 XFree86-ISO8859-15-75dpi-fonts-4.1.0-73.EL.i386.rpm
42846faf4475c767f45886d69ff57e3b XFree86-ISO8859-2-100dpi-fonts-4.1.0-73.EL.i386.rpm
86a5010643deb6ffc0c71479c3d33643 XFree86-ISO8859-2-75dpi-fonts-4.1.0-73.EL.i386.rpm
47b9195b04aa1c09bdf93535f3ed8b7f XFree86-ISO8859-9-100dpi-fonts-4.1.0-73.EL.i386.rpm
645be8672a5b68d8cfc06e912922415e XFree86-ISO8859-9-75dpi-fonts-4.1.0-73.EL.i386.rpm
f221e7ab3db313164eae2f6c55648332 XFree86-Xnest-4.1.0-73.EL.i386.rpm
dbf8174d090bf2205346ce5d9e9cd62d XFree86-Xvfb-4.1.0-73.EL.i386.rpm
644769c49a6fa25775b5ca6c382e8790 XFree86-cyrillic-fonts-4.1.0-73.EL.i386.rpm
44923286bea73a111d605bc7bdbbcdda XFree86-devel-4.1.0-73.EL.i386.rpm
973f570aa5360f82c036d4d24ef4ca73 XFree86-doc-4.1.0-73.EL.i386.rpm
6ee4c63ae5e1c0eb89d5d882cb0d0f9f XFree86-libs-4.1.0-73.EL.i386.rpm
bc2fbcc9bc7cdae9188e2f1d723d6f22 XFree86-tools-4.1.0-73.EL.i386.rpm
d121052ee17ebc9f4486fd7b60711991 XFree86-twm-4.1.0-73.EL.i386.rpm
884bb55c80164fa42c3e9217dd0cb76c XFree86-xdm-4.1.0-73.EL.i386.rpm
1ee085b3133194a125ac6f7dc92ef873 XFree86-xf86cfg-4.1.0-73.EL.i386.rpm
68a372b062401429400dad8be08a11b5 XFree86-xfs-4.1.0-73.EL.i386.rpm
ia64:
ee5701ed43004f2a6d1676d7dea6dc16 XFree86-100dpi-fonts-4.1.0-73.EL.ia64.rpm
4a31cf14292d93a555753009e4e1b9ca XFree86-4.1.0-73.EL.ia64.rpm
1a541bbb2bdf3c6d44f2ec8c8be5d341 XFree86-75dpi-fonts-4.1.0-73.EL.ia64.rpm
fe3f03099e0262f311eb5859cb8fb487 XFree86-ISO8859-15-100dpi-fonts-4.1.0-73.EL.ia64.rpm
27bc9e6685a0a11e1576bc9fbdb2cb1b XFree86-ISO8859-15-75dpi-fonts-4.1.0-73.EL.ia64.rpm
4deee3145ad33af1e3e10442110cdd86 XFree86-ISO8859-2-100dpi-fonts-4.1.0-73.EL.ia64.rpm
2abed5d1f6fe7f288342399e12f34436 XFree86-ISO8859-2-75dpi-fonts-4.1.0-73.EL.ia64.rpm
ffd6eba67c32f6455f77c13fb9786a44 XFree86-ISO8859-9-100dpi-fonts-4.1.0-73.EL.ia64.rpm
5ce540a13a8256c64a6078b00b25de01 XFree86-ISO8859-9-75dpi-fonts-4.1.0-73.EL.ia64.rpm
06c29dbdcb7b9fd05453de3248c4025b XFree86-Xnest-4.1.0-73.EL.ia64.rpm
89c3d54aa79c0955b664a8ca775c6e86 XFree86-Xvfb-4.1.0-73.EL.ia64.rpm
bfbfe03a6f18c8c455bc1f91353e1e59 XFree86-cyrillic-fonts-4.1.0-73.EL.ia64.rpm
5bd1c11f18b01bc2b837346a9bcd7b8b XFree86-devel-4.1.0-73.EL.ia64.rpm
2d4393e35b72990be9f27b5007e326bf XFree86-doc-4.1.0-73.EL.ia64.rpm
52f463aa870c45379f0b076ebca0bffa XFree86-libs-4.1.0-73.EL.ia64.rpm
f7d6d5c139d725d25481f56cf740bfc2 XFree86-tools-4.1.0-73.EL.ia64.rpm
186a356c8a95aa51007d3192df252668 XFree86-twm-4.1.0-73.EL.ia64.rpm
04f92781878ebd07c93d5af2052ea9dc XFree86-xdm-4.1.0-73.EL.ia64.rpm
1d55c1fe1dabcd78426cf21790a03887 XFree86-xfs-4.1.0-73.EL.ia64.rpm
Red Hat Linux Advanced Workstation 2.1:
SRPMS:
68105d09e61d134f4eeea78d407e2c1c XFree86-4.1.0-73.EL.src.rpm
ia64:
ee5701ed43004f2a6d1676d7dea6dc16 XFree86-100dpi-fonts-4.1.0-73.EL.ia64.rpm
4a31cf14292d93a555753009e4e1b9ca XFree86-4.1.0-73.EL.ia64.rpm
1a541bbb2bdf3c6d44f2ec8c8be5d341 XFree86-75dpi-fonts-4.1.0-73.EL.ia64.rpm
fe3f03099e0262f311eb5859cb8fb487 XFree86-ISO8859-15-100dpi-fonts-4.1.0-73.EL.ia64.rpm
27bc9e6685a0a11e1576bc9fbdb2cb1b XFree86-ISO8859-15-75dpi-fonts-4.1.0-73.EL.ia64.rpm
4deee3145ad33af1e3e10442110cdd86 XFree86-ISO8859-2-100dpi-fonts-4.1.0-73.EL.ia64.rpm
2abed5d1f6fe7f288342399e12f34436 XFree86-ISO8859-2-75dpi-fonts-4.1.0-73.EL.ia64.rpm
ffd6eba67c32f6455f77c13fb9786a44 XFree86-ISO8859-9-100dpi-fonts-4.1.0-73.EL.ia64.rpm
5ce540a13a8256c64a6078b00b25de01 XFree86-ISO8859-9-75dpi-fonts-4.1.0-73.EL.ia64.rpm
06c29dbdcb7b9fd05453de3248c4025b XFree86-Xnest-4.1.0-73.EL.ia64.rpm
89c3d54aa79c0955b664a8ca775c6e86 XFree86-Xvfb-4.1.0-73.EL.ia64.rpm
bfbfe03a6f18c8c455bc1f91353e1e59 XFree86-cyrillic-fonts-4.1.0-73.EL.ia64.rpm
5bd1c11f18b01bc2b837346a9bcd7b8b XFree86-devel-4.1.0-73.EL.ia64.rpm
2d4393e35b72990be9f27b5007e326bf XFree86-doc-4.1.0-73.EL.ia64.rpm
52f463aa870c45379f0b076ebca0bffa XFree86-libs-4.1.0-73.EL.ia64.rpm
f7d6d5c139d725d25481f56cf740bfc2 XFree86-tools-4.1.0-73.EL.ia64.rpm
186a356c8a95aa51007d3192df252668 XFree86-twm-4.1.0-73.EL.ia64.rpm
04f92781878ebd07c93d5af2052ea9dc XFree86-xdm-4.1.0-73.EL.ia64.rpm
1d55c1fe1dabcd78426cf21790a03887 XFree86-xfs-4.1.0-73.EL.ia64.rpm
Red Hat Enterprise Linux ES version 2.1:
SRPMS:
68105d09e61d134f4eeea78d407e2c1c XFree86-4.1.0-73.EL.src.rpm
i386:
7bfb8647be5c45fd54481e88789a8386 XFree86-100dpi-fonts-4.1.0-73.EL.i386.rpm
accd006aac390919cb4b743c7b8a06c7 XFree86-4.1.0-73.EL.i386.rpm
35900e00e5966302ddf4f5dedbd2a642 XFree86-75dpi-fonts-4.1.0-73.EL.i386.rpm
9a771dae1fcaaa54c6b0b542815abf47 XFree86-ISO8859-15-100dpi-fonts-4.1.0-73.EL.i386.rpm
9a5a8263b329a18d2e0b6a454b604d05 XFree86-ISO8859-15-75dpi-fonts-4.1.0-73.EL.i386.rpm
42846faf4475c767f45886d69ff57e3b XFree86-ISO8859-2-100dpi-fonts-4.1.0-73.EL.i386.rpm
86a5010643deb6ffc0c71479c3d33643 XFree86-ISO8859-2-75dpi-fonts-4.1.0-73.EL.i386.rpm
47b9195b04aa1c09bdf93535f3ed8b7f XFree86-ISO8859-9-100dpi-fonts-4.1.0-73.EL.i386.rpm
645be8672a5b68d8cfc06e912922415e XFree86-ISO8859-9-75dpi-fonts-4.1.0-73.EL.i386.rpm
f221e7ab3db313164eae2f6c55648332 XFree86-Xnest-4.1.0-73.EL.i386.rpm
dbf8174d090bf2205346ce5d9e9cd62d XFree86-Xvfb-4.1.0-73.EL.i386.rpm
644769c49a6fa25775b5ca6c382e8790 XFree86-cyrillic-fonts-4.1.0-73.EL.i386.rpm
44923286bea73a111d605bc7bdbbcdda XFree86-devel-4.1.0-73.EL.i386.rpm
973f570aa5360f82c036d4d24ef4ca73 XFree86-doc-4.1.0-73.EL.i386.rpm
6ee4c63ae5e1c0eb89d5d882cb0d0f9f XFree86-libs-4.1.0-73.EL.i386.rpm
bc2fbcc9bc7cdae9188e2f1d723d6f22 XFree86-tools-4.1.0-73.EL.i386.rpm
d121052ee17ebc9f4486fd7b60711991 XFree86-twm-4.1.0-73.EL.i386.rpm
884bb55c80164fa42c3e9217dd0cb76c XFree86-xdm-4.1.0-73.EL.i386.rpm
1ee085b3133194a125ac6f7dc92ef873 XFree86-xf86cfg-4.1.0-73.EL.i386.rpm
68a372b062401429400dad8be08a11b5 XFree86-xfs-4.1.0-73.EL.i386.rpm
Red Hat Enterprise Linux WS version 2.1:
SRPMS:
68105d09e61d134f4eeea78d407e2c1c XFree86-4.1.0-73.EL.src.rpm
i386:
7bfb8647be5c45fd54481e88789a8386 XFree86-100dpi-fonts-4.1.0-73.EL.i386.rpm
accd006aac390919cb4b743c7b8a06c7 XFree86-4.1.0-73.EL.i386.rpm
35900e00e5966302ddf4f5dedbd2a642 XFree86-75dpi-fonts-4.1.0-73.EL.i386.rpm
9a771dae1fcaaa54c6b0b542815abf47 XFree86-ISO8859-15-100dpi-fonts-4.1.0-73.EL.i386.rpm
9a5a8263b329a18d2e0b6a454b604d05 XFree86-ISO8859-15-75dpi-fonts-4.1.0-73.EL.i386.rpm
42846faf4475c767f45886d69ff57e3b XFree86-ISO8859-2-100dpi-fonts-4.1.0-73.EL.i386.rpm
86a5010643deb6ffc0c71479c3d33643 XFree86-ISO8859-2-75dpi-fonts-4.1.0-73.EL.i386.rpm
47b9195b04aa1c09bdf93535f3ed8b7f XFree86-ISO8859-9-100dpi-fonts-4.1.0-73.EL.i386.rpm
645be8672a5b68d8cfc06e912922415e XFree86-ISO8859-9-75dpi-fonts-4.1.0-73.EL.i386.rpm
f221e7ab3db313164eae2f6c55648332 XFree86-Xnest-4.1.0-73.EL.i386.rpm
dbf8174d090bf2205346ce5d9e9cd62d XFree86-Xvfb-4.1.0-73.EL.i386.rpm
644769c49a6fa25775b5ca6c382e8790 XFree86-cyrillic-fonts-4.1.0-73.EL.i386.rpm
44923286bea73a111d605bc7bdbbcdda XFree86-devel-4.1.0-73.EL.i386.rpm
973f570aa5360f82c036d4d24ef4ca73 XFree86-doc-4.1.0-73.EL.i386.rpm
6ee4c63ae5e1c0eb89d5d882cb0d0f9f XFree86-libs-4.1.0-73.EL.i386.rpm
bc2fbcc9bc7cdae9188e2f1d723d6f22 XFree86-tools-4.1.0-73.EL.i386.rpm
d121052ee17ebc9f4486fd7b60711991 XFree86-twm-4.1.0-73.EL.i386.rpm
884bb55c80164fa42c3e9217dd0cb76c XFree86-xdm-4.1.0-73.EL.i386.rpm
1ee085b3133194a125ac6f7dc92ef873 XFree86-xf86cfg-4.1.0-73.EL.i386.rpm
68a372b062401429400dad8be08a11b5 XFree86-xfs-4.1.0-73.EL.i386.rpm
These packages are GPG signed by Red Hat for security. Our key and
details on how to verify the signature are available from
https://www.redhat.com/security/team/key/#package
References
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-2495
Package List
Topic
Topic
Relevant Releases Architectures
Red Hat Enterprise Linux AS (Advanced Server) version 2.1 - i386, ia64
Red Hat Linux Advanced Workstation 2.1 - ia64
Red Hat Enterprise Linux ES version 2.1 - i386
Red Hat Enterprise Linux WS version 2.1 - i386
Bugs Fixed