MDKSA-2004:053

Package name

xpcd

Date

2004-06-01

Advisory ID

MDKSA-2004:053

Affected versions

10.0 amd64 , 9.2 i586 , 10.0 i586 , 9.2 amd64

Problem description

A vulnerability in xpcd-svga, part of xpcd, was discovered by Jaguar. xpcd-svga uses svgalib to display graphics on the console and it would copy user-supplied data of an arbitrary length into a fixed-size buffer in the pcd_open function. As well, Steve Kemp previously discovered a buffer overflow in xpcd-svga that could be triggered by a long HOME environment variable, which could be exploited by a local attacker to obtain root privileges. The updated packages resolve these vulnerabilities.

Updated packages

10.0 amd64

 50261e00a816e5621ce37d0f6320a941  amd64/10.0/RPMS/xpcd-2.08-20.1.100mdk.amd64.rpm
4362a1d3211af0c386aef08abfc74cc6  amd64/10.0/RPMS/xpcd-gimp-2.08-20.1.100mdk.amd64.rpm
b3df76a539187146894f18d67a2967fd  amd64/10.0/SRPMS/xpcd-2.08-20.1.100mdk.src.rpm

9.2 i586

 907efca9e8de1fc9489755c919c51b8b  9.2/RPMS/xpcd-2.08-20.1.92mdk.i586.rpm
41078887e2d6bf60d376540653e997f7  9.2/RPMS/xpcd-gimp-2.08-20.1.92mdk.i586.rpm
9e2a2741fb7130324737a9262dbe8afb  9.2/SRPMS/xpcd-2.08-20.1.92mdk.src.rpm

10.0 i586

 95c59861d1efef825ab730cba2691365  10.0/RPMS/xpcd-2.08-20.1.100mdk.i586.rpm
3114811e46e3a4b82e053894f153643d  10.0/RPMS/xpcd-gimp-2.08-20.1.100mdk.i586.rpm
b3df76a539187146894f18d67a2967fd  10.0/SRPMS/xpcd-2.08-20.1.100mdk.src.rpm

9.2 amd64

 4f434cc67c282744664a14e285b24e9e  amd64/9.2/RPMS/xpcd-2.08-20.1.92mdk.amd64.rpm
7b6d9c0dfe83763823cc007f0956b173  amd64/9.2/RPMS/xpcd-gimp-2.08-20.1.92mdk.amd64.rpm
9e2a2741fb7130324737a9262dbe8afb  amd64/9.2/SRPMS/xpcd-2.08-20.1.92mdk.src.rpm

References

• http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2003-0649
• http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0402