RedHat: Moderate: openmotif security update RHSA-2005:412-01
Summary
Summary
OpenMotif provides libraries which implement the Motif industry standard graphical user interface. An integer overflow flaw was found in libXpm, which is used to decode XPM (X PixMap) images. A vulnerable version of this library was found within OpenMotif. An attacker could create a carefully crafted XPM file which would cause an application to crash or potentially execute arbitrary code if opened by a victim. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CAN-2005-0605 to this issue. Users of OpenMotif are advised to upgrade to these erratum packages, which contains a backported security patch to the embedded libXpm library.
Solution
Before applying this update, make sure that all previously-released
errata relevant to your system have been applied. Use Red Hat
Network to download and update your packages. To launch the Red Hat
Update Agent, use the following command:
up2date
For information on how to install packages manually, refer to the
following Web page for the System Administration or Customization
guide specific to your system:
http://www.redhat.com/docs/manuals/enterprise/
5. RPMs required:
Red Hat Enterprise Linux AS (Advanced Server) version 2.1:
SRPMS:
fc696f8839bf611ea0f3ea23fa2abbc1 openmotif-2.1.30-13.21AS.5.src.rpm
i386:
82d4d85be0efd5e4611dcfd31cb2c782 openmotif-2.1.30-13.21AS.5.i386.rpm
a635c37af852402dd36090c8c4b74097 openmotif-devel-2.1.30-13.21AS.5.i386.rpm
ia64:
23a97afe7a12979b59436b7331e737e2 openmotif-2.1.30-13.21AS.5.ia64.rpm
435170af1e8f72455a9a3ea0b99d991d openmotif-devel-2.1.30-13.21AS.5.ia64.rpm
Red Hat Linux Advanced Workstation 2.1:
SRPMS:
fc696f8839bf611ea0f3ea23fa2abbc1 openmotif-2.1.30-13.21AS.5.src.rpm
ia64:
23a97afe7a12979b59436b7331e737e2 openmotif-2.1.30-13.21AS.5.ia64.rpm
435170af1e8f72455a9a3ea0b99d991d openmotif-devel-2.1.30-13.21AS.5.ia64.rpm
Red Hat Enterprise Linux ES version 2.1:
SRPMS:
fc696f8839bf611ea0f3ea23fa2abbc1 openmotif-2.1.30-13.21AS.5.src.rpm
i386:
82d4d85be0efd5e4611dcfd31cb2c782 openmotif-2.1.30-13.21AS.5.i386.rpm
a635c37af852402dd36090c8c4b74097 openmotif-devel-2.1.30-13.21AS.5.i386.rpm
Red Hat Enterprise Linux WS version 2.1:
SRPMS:
fc696f8839bf611ea0f3ea23fa2abbc1 openmotif-2.1.30-13.21AS.5.src.rpm
i386:
82d4d85be0efd5e4611dcfd31cb2c782 openmotif-2.1.30-13.21AS.5.i386.rpm
a635c37af852402dd36090c8c4b74097 openmotif-devel-2.1.30-13.21AS.5.i386.rpm
Red Hat Enterprise Linux AS version 3:
SRPMS:
3cd7bf76e1135f650e80ca6522412c69 openmotif-2.2.3-5.RHEL3.2.src.rpm
fc9c3cdfe2888fbb732ebe1e2a4af65f openmotif21-2.1.30-9.RHEL3.6.src.rpm
i386:
47c7fb4596b78c973deb7c2988808f96 openmotif-2.2.3-5.RHEL3.2.i386.rpm
c2bdacac09caeb13bc916b9e6213b24f openmotif-devel-2.2.3-5.RHEL3.2.i386.rpm
901cfdff883c390159e7510c7beb108d openmotif21-2.1.30-9.RHEL3.6.i386.rpm
ia64:
ab4961edbf87f51127e6f491a4da9eea openmotif-2.2.3-5.RHEL3.2.ia64.rpm
47c7fb4596b78c973deb7c2988808f96 openmotif-2.2.3-5.RHEL3.2.i386.rpm
ee6f6ea8384e1d6e75e31a30167a44e0 openmotif-devel-2.2.3-5.RHEL3.2.ia64.rpm
0a0454015608b488ddb3c55d3278a14e openmotif21-2.1.30-9.RHEL3.6.ia64.rpm
901cfdff883c390159e7510c7beb108d openmotif21-2.1.30-9.RHEL3.6.i386.rpm
ppc:
aa579c6cd9b990c200649c8e486080a6 openmotif-2.2.3-5.RHEL3.2.ppc.rpm
b20b1e8f68630389cb394bfb7c40155f openmotif-2.2.3-5.RHEL3.2.ppc64.rpm
5ce626584cb7aa546f5fcd10f6c56a19 openmotif-devel-2.2.3-5.RHEL3.2.ppc.rpm
s390:
08b1bea796c5d86b014b567edb5087cc openmotif-2.2.3-5.RHEL3.2.s390.rpm
cc2134a36b90a4359698f6c1999c1425 openmotif-devel-2.2.3-5.RHEL3.2.s390.rpm
s390x:
bd621dc1992af0815be37a0f63d446e8 openmotif-2.2.3-5.RHEL3.2.s390x.rpm
08b1bea796c5d86b014b567edb5087cc openmotif-2.2.3-5.RHEL3.2.s390.rpm
86c61331a3388af93c39cd5e823595cd openmotif-devel-2.2.3-5.RHEL3.2.s390x.rpm
x86_64:
72999fcdd0aa116594141125f1758bcc openmotif-2.2.3-5.RHEL3.2.x86_64.rpm
47c7fb4596b78c973deb7c2988808f96 openmotif-2.2.3-5.RHEL3.2.i386.rpm
20dfdd4cb2f316fd525dbeff39546260 openmotif-devel-2.2.3-5.RHEL3.2.x86_64.rpm
901cfdff883c390159e7510c7beb108d openmotif21-2.1.30-9.RHEL3.6.i386.rpm
Red Hat Desktop version 3:
SRPMS:
3cd7bf76e1135f650e80ca6522412c69 openmotif-2.2.3-5.RHEL3.2.src.rpm
fc9c3cdfe2888fbb732ebe1e2a4af65f openmotif21-2.1.30-9.RHEL3.6.src.rpm
i386:
47c7fb4596b78c973deb7c2988808f96 openmotif-2.2.3-5.RHEL3.2.i386.rpm
c2bdacac09caeb13bc916b9e6213b24f openmotif-devel-2.2.3-5.RHEL3.2.i386.rpm
901cfdff883c390159e7510c7beb108d openmotif21-2.1.30-9.RHEL3.6.i386.rpm
x86_64:
72999fcdd0aa116594141125f1758bcc openmotif-2.2.3-5.RHEL3.2.x86_64.rpm
47c7fb4596b78c973deb7c2988808f96 openmotif-2.2.3-5.RHEL3.2.i386.rpm
20dfdd4cb2f316fd525dbeff39546260 openmotif-devel-2.2.3-5.RHEL3.2.x86_64.rpm
901cfdff883c390159e7510c7beb108d openmotif21-2.1.30-9.RHEL3.6.i386.rpm
Red Hat Enterprise Linux ES version 3:
SRPMS:
3cd7bf76e1135f650e80ca6522412c69 openmotif-2.2.3-5.RHEL3.2.src.rpm
fc9c3cdfe2888fbb732ebe1e2a4af65f openmotif21-2.1.30-9.RHEL3.6.src.rpm
i386:
47c7fb4596b78c973deb7c2988808f96 openmotif-2.2.3-5.RHEL3.2.i386.rpm
c2bdacac09caeb13bc916b9e6213b24f openmotif-devel-2.2.3-5.RHEL3.2.i386.rpm
901cfdff883c390159e7510c7beb108d openmotif21-2.1.30-9.RHEL3.6.i386.rpm
ia64:
47c7fb4596b78c973deb7c2988808f96 openmotif-2.2.3-5.RHEL3.2.i386.rpm
ab4961edbf87f51127e6f491a4da9eea openmotif-2.2.3-5.RHEL3.2.ia64.rpm
ee6f6ea8384e1d6e75e31a30167a44e0 openmotif-devel-2.2.3-5.RHEL3.2.ia64.rpm
0a0454015608b488ddb3c55d3278a14e openmotif21-2.1.30-9.RHEL3.6.ia64.rpm
901cfdff883c390159e7510c7beb108d openmotif21-2.1.30-9.RHEL3.6.i386.rpm
x86_64:
72999fcdd0aa116594141125f1758bcc openmotif-2.2.3-5.RHEL3.2.x86_64.rpm
47c7fb4596b78c973deb7c2988808f96 openmotif-2.2.3-5.RHEL3.2.i386.rpm
20dfdd4cb2f316fd525dbeff39546260 openmotif-devel-2.2.3-5.RHEL3.2.x86_64.rpm
901cfdff883c390159e7510c7beb108d openmotif21-2.1.30-9.RHEL3.6.i386.rpm
Red Hat Enterprise Linux WS version 3:
SRPMS:
3cd7bf76e1135f650e80ca6522412c69 openmotif-2.2.3-5.RHEL3.2.src.rpm
fc9c3cdfe2888fbb732ebe1e2a4af65f openmotif21-2.1.30-9.RHEL3.6.src.rpm
i386:
47c7fb4596b78c973deb7c2988808f96 openmotif-2.2.3-5.RHEL3.2.i386.rpm
c2bdacac09caeb13bc916b9e6213b24f openmotif-devel-2.2.3-5.RHEL3.2.i386.rpm
901cfdff883c390159e7510c7beb108d openmotif21-2.1.30-9.RHEL3.6.i386.rpm
ia64:
ab4961edbf87f51127e6f491a4da9eea openmotif-2.2.3-5.RHEL3.2.ia64.rpm
47c7fb4596b78c973deb7c2988808f96 openmotif-2.2.3-5.RHEL3.2.i386.rpm
ee6f6ea8384e1d6e75e31a30167a44e0 openmotif-devel-2.2.3-5.RHEL3.2.ia64.rpm
0a0454015608b488ddb3c55d3278a14e openmotif21-2.1.30-9.RHEL3.6.ia64.rpm
901cfdff883c390159e7510c7beb108d openmotif21-2.1.30-9.RHEL3.6.i386.rpm
x86_64:
72999fcdd0aa116594141125f1758bcc openmotif-2.2.3-5.RHEL3.2.x86_64.rpm
47c7fb4596b78c973deb7c2988808f96 openmotif-2.2.3-5.RHEL3.2.i386.rpm
20dfdd4cb2f316fd525dbeff39546260 openmotif-devel-2.2.3-5.RHEL3.2.x86_64.rpm
901cfdff883c390159e7510c7beb108d openmotif21-2.1.30-9.RHEL3.6.i386.rpm
Red Hat Enterprise Linux AS version 4:
SRPMS:
33a7a4ad7fe6ec6960f4ec09972954c8 openmotif-2.2.3-9.RHEL4.1.src.rpm
36c7d95bc2d6cedec3ada3eeb575def1 openmotif21-2.1.30-11.RHEL4.4.src.rpm
i386:
023cc76d475a1a73f62103b8179ad27e openmotif-2.2.3-9.RHEL4.1.i386.rpm
d7eade810dfacc7de2ab529600974405 openmotif-devel-2.2.3-9.RHEL4.1.i386.rpm
47fa2a0391dd9117626c946888bbc675 openmotif21-2.1.30-11.RHEL4.4.i386.rpm
ia64:
908695c253844642ad38070cf17f7a58 openmotif-2.2.3-9.RHEL4.1.ia64.rpm
023cc76d475a1a73f62103b8179ad27e openmotif-2.2.3-9.RHEL4.1.i386.rpm
8168147910ce21b4bc5f89dfb22dae83 openmotif-devel-2.2.3-9.RHEL4.1.ia64.rpm
776371f184502bcf8b28d73701e580d5 openmotif21-2.1.30-11.RHEL4.4.ia64.rpm
47fa2a0391dd9117626c946888bbc675 openmotif21-2.1.30-11.RHEL4.4.i386.rpm
ppc:
c332f25632c26bf2b5d55960bc93f9c1 openmotif-2.2.3-9.RHEL4.1.ppc.rpm
4f98953c059ffe207e12159128927006 openmotif-2.2.3-9.RHEL4.1.ppc64.rpm
5c96da3bcfbc5cfd01a60bc0a3ee8e0c openmotif-devel-2.2.3-9.RHEL4.1.ppc.rpm
s390:
4f764a6ad8dc046b16b578c71a9dd733 openmotif-2.2.3-9.RHEL4.1.s390.rpm
e9f3bd11e16b08fb2d87d052f90923bc openmotif-devel-2.2.3-9.RHEL4.1.s390.rpm
s390x:
4e2615987a0ab95371f0d979db6eff0d openmotif-2.2.3-9.RHEL4.1.s390x.rpm
4f764a6ad8dc046b16b578c71a9dd733 openmotif-2.2.3-9.RHEL4.1.s390.rpm
52affcfcf476d51deaa3fd775aa5646b openmotif-devel-2.2.3-9.RHEL4.1.s390x.rpm
x86_64:
bc3cfce66bea5a3b3900b4e7d07b3b90 openmotif-2.2.3-9.RHEL4.1.x86_64.rpm
023cc76d475a1a73f62103b8179ad27e openmotif-2.2.3-9.RHEL4.1.i386.rpm
e657eee7a31222a98c1f6b5da0c2d234 openmotif-devel-2.2.3-9.RHEL4.1.x86_64.rpm
47fa2a0391dd9117626c946888bbc675 openmotif21-2.1.30-11.RHEL4.4.i386.rpm
Red Hat Enterprise Linux Desktop version 4:
SRPMS:
33a7a4ad7fe6ec6960f4ec09972954c8 openmotif-2.2.3-9.RHEL4.1.src.rpm
36c7d95bc2d6cedec3ada3eeb575def1 openmotif21-2.1.30-11.RHEL4.4.src.rpm
i386:
023cc76d475a1a73f62103b8179ad27e openmotif-2.2.3-9.RHEL4.1.i386.rpm
d7eade810dfacc7de2ab529600974405 openmotif-devel-2.2.3-9.RHEL4.1.i386.rpm
47fa2a0391dd9117626c946888bbc675 openmotif21-2.1.30-11.RHEL4.4.i386.rpm
x86_64:
bc3cfce66bea5a3b3900b4e7d07b3b90 openmotif-2.2.3-9.RHEL4.1.x86_64.rpm
023cc76d475a1a73f62103b8179ad27e openmotif-2.2.3-9.RHEL4.1.i386.rpm
e657eee7a31222a98c1f6b5da0c2d234 openmotif-devel-2.2.3-9.RHEL4.1.x86_64.rpm
47fa2a0391dd9117626c946888bbc675 openmotif21-2.1.30-11.RHEL4.4.i386.rpm
Red Hat Enterprise Linux ES version 4:
SRPMS:
33a7a4ad7fe6ec6960f4ec09972954c8 openmotif-2.2.3-9.RHEL4.1.src.rpm
36c7d95bc2d6cedec3ada3eeb575def1 openmotif21-2.1.30-11.RHEL4.4.src.rpm
i386:
023cc76d475a1a73f62103b8179ad27e openmotif-2.2.3-9.RHEL4.1.i386.rpm
d7eade810dfacc7de2ab529600974405 openmotif-devel-2.2.3-9.RHEL4.1.i386.rpm
47fa2a0391dd9117626c946888bbc675 openmotif21-2.1.30-11.RHEL4.4.i386.rpm
ia64:
908695c253844642ad38070cf17f7a58 openmotif-2.2.3-9.RHEL4.1.ia64.rpm
023cc76d475a1a73f62103b8179ad27e openmotif-2.2.3-9.RHEL4.1.i386.rpm
8168147910ce21b4bc5f89dfb22dae83 openmotif-devel-2.2.3-9.RHEL4.1.ia64.rpm
776371f184502bcf8b28d73701e580d5 openmotif21-2.1.30-11.RHEL4.4.ia64.rpm
47fa2a0391dd9117626c946888bbc675 openmotif21-2.1.30-11.RHEL4.4.i386.rpm
x86_64:
bc3cfce66bea5a3b3900b4e7d07b3b90 openmotif-2.2.3-9.RHEL4.1.x86_64.rpm
023cc76d475a1a73f62103b8179ad27e openmotif-2.2.3-9.RHEL4.1.i386.rpm
e657eee7a31222a98c1f6b5da0c2d234 openmotif-devel-2.2.3-9.RHEL4.1.x86_64.rpm
47fa2a0391dd9117626c946888bbc675 openmotif21-2.1.30-11.RHEL4.4.i386.rpm
Red Hat Enterprise Linux WS version 4:
SRPMS:
33a7a4ad7fe6ec6960f4ec09972954c8 openmotif-2.2.3-9.RHEL4.1.src.rpm
36c7d95bc2d6cedec3ada3eeb575def1 openmotif21-2.1.30-11.RHEL4.4.src.rpm
i386:
023cc76d475a1a73f62103b8179ad27e openmotif-2.2.3-9.RHEL4.1.i386.rpm
d7eade810dfacc7de2ab529600974405 openmotif-devel-2.2.3-9.RHEL4.1.i386.rpm
47fa2a0391dd9117626c946888bbc675 openmotif21-2.1.30-11.RHEL4.4.i386.rpm
ia64:
908695c253844642ad38070cf17f7a58 openmotif-2.2.3-9.RHEL4.1.ia64.rpm
023cc76d475a1a73f62103b8179ad27e openmotif-2.2.3-9.RHEL4.1.i386.rpm
8168147910ce21b4bc5f89dfb22dae83 openmotif-devel-2.2.3-9.RHEL4.1.ia64.rpm
776371f184502bcf8b28d73701e580d5 openmotif21-2.1.30-11.RHEL4.4.ia64.rpm
47fa2a0391dd9117626c946888bbc675 openmotif21-2.1.30-11.RHEL4.4.i386.rpm
x86_64:
bc3cfce66bea5a3b3900b4e7d07b3b90 openmotif-2.2.3-9.RHEL4.1.x86_64.rpm
023cc76d475a1a73f62103b8179ad27e openmotif-2.2.3-9.RHEL4.1.i386.rpm
e657eee7a31222a98c1f6b5da0c2d234 openmotif-devel-2.2.3-9.RHEL4.1.x86_64.rpm
47fa2a0391dd9117626c946888bbc675 openmotif21-2.1.30-11.RHEL4.4.i386.rpm
These packages are GPG signed by Red Hat for security. Our key and
details on how to verify the signature are available from
https://www.redhat.com/security/team/key/#package
References
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0605
Package List
Topic
Topic
Relevant Releases Architectures
Red Hat Enterprise Linux AS (Advanced Server) version 2.1 - i386, ia64
Red Hat Linux Advanced Workstation 2.1 - ia64
Red Hat Enterprise Linux ES version 2.1 - i386
Red Hat Enterprise Linux WS version 2.1 - i386
Red Hat Enterprise Linux AS version 3 - i386, ia64, ppc, s390, s390x, x86_64
Red Hat Desktop version 3 - i386, x86_64
Red Hat Enterprise Linux ES version 3 - i386, ia64, x86_64
Red Hat Enterprise Linux WS version 3 - i386, ia64, x86_64
Red Hat Enterprise Linux AS version 4 - i386, ia64, ppc, s390, s390x, x86_64
Red Hat Enterprise Linux Desktop version 4 - i386, x86_64
Red Hat Enterprise Linux ES version 4 - i386, ia64, x86_64
Red Hat Enterprise Linux WS version 4 - i386, ia64, x86_64
Bugs Fixed
