Paketname
XFree86
Datum
2008-06-16
Advisory ID
MDVSA-2008:115
Betroffene Versionen
CS3.0 i586 , CS3.0 x86_64

Problembeschreibung

An input validation flaw was found in X.org's Security and Record
extensions. A malicious authorized client could exploit the issue
to cause a denial of service (crash) or possibly execute arbitrary
code with root privileges on the X.org server (CVE-2008-1377).

An input validation flaw was found in X.org's MIT-SHM extension.
A client connected to the X.org server could read arbitrary server
memory, resulting in the disclosure of sensitive data of other users
of the X.org server (CVE-2008-1379).

Multiple integer overflows were found in X.org's Render extension.
A malicious authorized client could explot these issues to cause a
denial of service (crash) or possibly execute arbitrary code with
root privileges on the X.org server (CVE-2008-2360, CVE-2008-2361).

The updated packages have been patched to prevent these issues.

Aktualisierte Pakete

CS3.0 i586

 a305bb0ad6cd2be60f7adedd5e164411  corporate/3.0/i586/libxfree86-4.3-32.16.C30mdk.i586.rpm
 27f01f163d1d8cb6fd33e852de531a1a  corporate/3.0/i586/libxfree86-devel-4.3-32.16.C30mdk.i586.rpm
 19c3b2641c0aa86a21049e90c2b3ccd9  corporate/3.0/i586/libxfree86-static-devel-4.3-32.16.C30mdk.i586.rpm
 4a0413a3568d7dc418b2d1c2468177ea  corporate/3.0/i586/X11R6-contrib-4.3-32.16.C30mdk.i586.rpm
 54b2492a5c3b21fa05587adff48aa080  corporate/3.0/i586/XFree86-100dpi-fonts-4.3-32.16.C30mdk.i586.rpm
 687c21c83530c0d8d306b0c180b0a8d8  corporate/3.0/i586/XFree86-4.3-32.16.C30mdk.i586.rpm
 d3c807bae1c0b26c40043f3a395df345  corporate/3.0/i586/XFree86-75dpi-fonts-4.3-32.16.C30mdk.i586.rpm
 78ad2ccdaa585998aff8382d80a611e2  corporate/3.0/i586/XFree86-cyrillic-fonts-4.3-32.16.C30mdk.i586.rpm
 9526a9761a714042287a6021438ecbb3  corporate/3.0/i586/XFree86-doc-4.3-32.16.C30mdk.i586.rpm
 d234ed69212ada78d4e89fbbb9a37c0f  corporate/3.0/i586/XFree86-glide-module-4.3-32.16.C30mdk.i586.rpm
 b347db273e18d7d6500b5a4850b3b31c  corporate/3.0/i586/XFree86-server-4.3-32.16.C30mdk.i586.rpm
 8628b4470e7324c2ddc933ed81261fcd  corporate/3.0/i586/XFree86-xfs-4.3-32.16.C30mdk.i586.rpm
 06a7a3a7d44d37364d41ebfcd97708c8  corporate/3.0/i586/XFree86-Xnest-4.3-32.16.C30mdk.i586.rpm
 6334310368ddee26fd3727222a88f016  corporate/3.0/i586/XFree86-Xvfb-4.3-32.16.C30mdk.i586.rpm 
 e0cc44b644c9f867f1f89b4a4fb61de2  corporate/3.0/SRPMS/XFree86-4.3-32.16.C30mdk.src.rpm

CS3.0 x86_64

 fdae8ca675e6a92d5f3e6a3e12f8dabe  corporate/3.0/x86_64/lib64xfree86-4.3-32.16.C30mdk.x86_64.rpm
 80fe75f04ad54d8e2579cd11714b9079  corporate/3.0/x86_64/lib64xfree86-devel-4.3-32.16.C30mdk.x86_64.rpm
 5b7669cd92060f8e4bb3bb78d366654f  corporate/3.0/x86_64/lib64xfree86-static-devel-4.3-32.16.C30mdk.x86_64.rpm
 65b98282d535bf04971e11ee5f8bff44  corporate/3.0/x86_64/X11R6-contrib-4.3-32.16.C30mdk.x86_64.rpm
 9ad69cc110dc9bc3f9c2d37d2b157a68  corporate/3.0/x86_64/XFree86-100dpi-fonts-4.3-32.16.C30mdk.x86_64.rpm
 35d8852fd52f67a3db58cfbb71d88b95  corporate/3.0/x86_64/XFree86-4.3-32.16.C30mdk.x86_64.rpm
 0db3d42580a476faee7202b48a546586  corporate/3.0/x86_64/XFree86-75dpi-fonts-4.3-32.16.C30mdk.x86_64.rpm
 1bde0c17d8b6f99bbb1060695395e79e  corporate/3.0/x86_64/XFree86-cyrillic-fonts-4.3-32.16.C30mdk.x86_64.rpm
 f38e44512019a5b9f13c9bd19d827e56  corporate/3.0/x86_64/XFree86-doc-4.3-32.16.C30mdk.x86_64.rpm
 b36b4dc06a9f52b3842910f5783c7f3b  corporate/3.0/x86_64/XFree86-server-4.3-32.16.C30mdk.x86_64.rpm
 498d4e9e3d4840fb8ef41c854180f954  corporate/3.0/x86_64/XFree86-xfs-4.3-32.16.C30mdk.x86_64.rpm
 0526b4c13823d7562f53087a1a5d1dac  corporate/3.0/x86_64/XFree86-Xnest-4.3-32.16.C30mdk.x86_64.rpm
 143b310524114a3887e034878a2be14d  corporate/3.0/x86_64/XFree86-Xvfb-4.3-32.16.C30mdk.x86_64.rpm 
 e0cc44b644c9f867f1f89b4a4fb61de2  corporate/3.0/SRPMS/XFree86-4.3-32.16.C30mdk.src.rpm

Referenzen