[Full-Disclosure] [RHSA-2003:064-01] Updated XFree86 4.1.0 packages are available

bugzilla_at_redhat.com
Date: 06/25/03

    To: redhat-watch-list@redhat.com
    Date: Wed, 25 Jun 2003 11:54 -0400
    
    


    ---------------------------------------------------------------------
                       Red Hat Security Advisory

    Synopsis: Updated XFree86 4.1.0 packages are available
    Advisory ID: RHSA-2003:064-01
    Issue date: 2003-06-25
    Updated on: 2003-06-25
    Product: Red Hat Linux
    Keywords:
    Cross references:
    Obsoletes: RHBA-2002:068
    CVE Names: CAN-2001-1409 CAN-2002-0164 CAN-2002-1510 CAN-2003-0063 CAN-2003-0071
    ---------------------------------------------------------------------

    1. Topic:

    Updated XFree86 packages that resolve various security issues and
    additionally provide a number of bug fixes and enhancements are now
    available for Red Hat Linux 7.1 and 7.2.

    2. Relevant releases/architectures:

    Red Hat Linux 7.1 - i386
    Red Hat Linux 7.2 - i386, ia64

    3. Problem description:

    XFree86 is an implementation of the X Window System, which provides the
    graphical user interface, video drivers, etc. for Linux systems.

    Since the last XFree86 update for Red Hat Linux 7.1 and 7.2, a number of
    security vulnerabilities have been found and fixed. In addition, various
    other bug fixes, driver updates, and other enhancements have been made.

    Security fixes:

    Xterm, provided as part of the XFree86 packages, provides an escape
    sequence for reporting the current window title. This escape sequence
    essentially takes the current title and places it directly on the command
    line. An attacker can craft an escape sequence that sets the victim's Xterm
    window title to an arbitrary command, and then reports it to the command
    line. Since it is not possible to embed a carriage return into the window
    title, the attacker would then have to convince the victim to press Enter
    for the shell to process the title as a command, although the attacker
    could craft other escape sequences that might convince the victim to do so.
    The Common Vulnerabilities and Exposures project (cve.mitre.org) has
    assigned the name CAN-2003-0063 to this issue.
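As an added, defensive example (not part of the advisory): a filter of the kind a pager, log viewer or remote-banner display needs, which flags the title-set (OSC 0/1/2) plus title-report (CSI 21 t) pattern the advisory describes and strips terminal control sequences from untrusted text before it is echoed. The sequence patterns follow the xterm control-sequence documentation, only the 7-bit ESC forms are handled, and the sample line is constructed.

```python
import re

ESC, BEL = "\x1b", "\x07"

# OSC 0/1/2 ; <text> terminated by BEL or ST (ESC \): sets the icon name
# and/or window title (xterm "Operating System Commands").
OSC_TITLE_RE = re.compile(r"\x1b\][012];[^\x07\x1b]*(?:\x07|\x1b\\)")
# CSI 2 0 t / CSI 2 1 t: ask xterm to report the icon label / window title
# back on the input stream, the report the CAN-2003-0063 fix concerns.
CSI_TITLE_REPORT_RE = re.compile(r"\x1b\[2[01]t")
# Generic CSI (ESC [ params intermediates final) and OSC sequences, for stripping.
CSI_ANY_RE = re.compile(r"\x1b\[[0-?]*[ -/]*[@-~]")
OSC_ANY_RE = re.compile(r"\x1b\][^\x07\x1b]*(?:\x07|\x1b\\)")


def title_report_pattern_present(data: str) -> bool:
    """True when untrusted data both sets a title and asks the terminal to
    report it back; worth logging as a hostile pattern, not only stripping."""
    return bool(OSC_TITLE_RE.search(data)) and bool(CSI_TITLE_REPORT_RE.search(data))


def sanitize(data: str) -> str:
    """Remove OSC and CSI sequences so that text from an untrusted source
    (a log file, a remote banner, a filename) cannot drive the terminal."""
    data = OSC_ANY_RE.sub("", data)
    return CSI_ANY_RE.sub("", data)


# Constructed sample line (not from the advisory): a benign title set via
# OSC 0, then a title-report request, around ordinary text.
SAMPLE = f"hello {ESC}]0;constructed title{BEL}world{ESC}[21t"

if __name__ == "__main__":
    print("hostile pattern:", title_report_pattern_present(SAMPLE))
    print("sanitized:", repr(sanitize(SAMPLE)))
```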

    It is possible to lock up versions of Xterm by sending an invalid DEC
    UDK escape sequence. The Common Vulnerabilities and Exposures project
    (cve.mitre.org) has assigned the name CAN-2003-0071 to this issue.

    The xdm display manager, with the authComplain variable set to false,
    allows arbitrary attackers to connect to the X server if the xdm auth
    directory does not exist. The Common Vulnerabilities and Exposures project
    (cve.mitre.org) has assigned the name CAN-2002-1510 to this issue.

    These erratum packages also contain an updated fix for CAN-2002-0164, a
    vulnerability in the MIT-SHM extension of the X server that allows local
    users to read and write arbitrary shared memory. The original fix did not
    cover the case where the X server is started from xdm.

    The X server was setting the /dev/dri directory permissions incorrectly,
    which resulted in the directory being world writable. It now sets the
    directory permissions to a safe value. The Common Vulnerabilities and
    Exposures project (cve.mitre.org) has assigned the name CAN-2001-1409 to
    this issue.

    Driver updates and other fixes:

    The Rage 128 video driver (r128) has been updated to provide 2D support
    for all previously unsupported ATI Rage 128 hardware. DRI 3D support
    should also work on the majority of Rage 128 hardware.

    Bad page size assumptions in the ATI Radeon video driver (radeon) have
    been fixed to allow the driver to work properly on ia64 and other
    architectures where the page size is not fixed.

    A long-standing XFree86 bug has been fixed in which any form of system
    clock skew (such as NTP clock synchronization, APM suspend/resume cycling
    on laptops, daylight savings time changeover, or even manually setting the
    system clock forward or backward) could result in odd application
    behavior, mouse and keyboard lockups, or even an X server hang or crash.

    The S3 Savage driver (savage) has been updated to the upstream author's
    latest version "1.1.27t", which should fix numerous bugs reported by
    various users, as well as adding support for some newer savage hardware.

    Users are advised to upgrade to these updated packages, which are not
    vulnerable to the previously-mentioned security issues.

    4. Solution:

    Before applying this update, make sure all previously released errata
    relevant to your system have been applied.

    To update all RPMs for your particular architecture, run:

    rpm -Fvh [filenames]

    where [filenames] is a list of the RPMs you wish to upgrade. Only those
    RPMs which are currently installed will be updated. Those RPMs which are
    not installed but included in the list will not be updated. Note that you
    can also use wildcards (*.rpm) if your current directory *only* contains the
    desired RPMs.

    Please note that this update is also available via Red Hat Network. Many
    people find this an easier way to apply updates. To use Red Hat Network,
    launch the Red Hat Update Agent with the following command:

    up2date

    This will start an interactive process that will result in the appropriate
    RPMs being upgraded on your system.

    5. RPMs required:

    Red Hat Linux 7.1:

    SRPMS:
    ftp://updates.redhat.com/7.1/en/os/SRPMS/XFree86-4.1.0-49.src.rpm

    i386:
    ftp://updates.redhat.com/7.1/en/os/i386/XFree86-100dpi-fonts-4.1.0-49.i386.rpm
    ftp://updates.redhat.com/7.1/en/os/i386/XFree86-4.1.0-49.i386.rpm
    ftp://updates.redhat.com/7.1/en/os/i386/XFree86-75dpi-fonts-4.1.0-49.i386.rpm
    ftp://updates.redhat.com/7.1/en/os/i386/XFree86-cyrillic-fonts-4.1.0-49.i386.rpm
    ftp://updates.redhat.com/7.1/en/os/i386/XFree86-devel-4.1.0-49.i386.rpm
    ftp://updates.redhat.com/7.1/en/os/i386/XFree86-doc-4.1.0-49.i386.rpm
    ftp://updates.redhat.com/7.1/en/os/i386/XFree86-ISO8859-15-100dpi-fonts-4.1.0-49.i386.rpm
    ftp://updates.redhat.com/7.1/en/os/i386/XFree86-ISO8859-15-75dpi-fonts-4.1.0-49.i386.rpm
    ftp://updates.redhat.com/7.1/en/os/i386/XFree86-ISO8859-2-100dpi-fonts-4.1.0-49.i386.rpm
    ftp://updates.redhat.com/7.1/en/os/i386/XFree86-ISO8859-2-75dpi-fonts-4.1.0-49.i386.rpm
    ftp://updates.redhat.com/7.1/en/os/i386/XFree86-ISO8859-9-100dpi-fonts-4.1.0-49.i386.rpm
    ftp://updates.redhat.com/7.1/en/os/i386/XFree86-ISO8859-9-75dpi-fonts-4.1.0-49.i386.rpm
    ftp://updates.redhat.com/7.1/en/os/i386/XFree86-libs-4.1.0-49.i386.rpm
    ftp://updates.redhat.com/7.1/en/os/i386/XFree86-tools-4.1.0-49.i386.rpm
    ftp://updates.redhat.com/7.1/en/os/i386/XFree86-twm-4.1.0-49.i386.rpm
    ftp://updates.redhat.com/7.1/en/os/i386/XFree86-xdm-4.1.0-49.i386.rpm
    ftp://updates.redhat.com/7.1/en/os/i386/XFree86-xf86cfg-4.1.0-49.i386.rpm
    ftp://updates.redhat.com/7.1/en/os/i386/XFree86-xfs-4.1.0-49.i386.rpm
    ftp://updates.redhat.com/7.1/en/os/i386/XFree86-Xnest-4.1.0-49.i386.rpm
    ftp://updates.redhat.com/7.1/en/os/i386/XFree86-Xvfb-4.1.0-49.i386.rpm

    Red Hat Linux 7.2:

    SRPMS:
    ftp://updates.redhat.com/7.2/en/os/SRPMS/XFree86-4.1.0-49.src.rpm

    i386:
    ftp://updates.redhat.com/7.2/en/os/i386/XFree86-100dpi-fonts-4.1.0-49.i386.rpm
    ftp://updates.redhat.com/7.2/en/os/i386/XFree86-4.1.0-49.i386.rpm
    ftp://updates.redhat.com/7.2/en/os/i386/XFree86-75dpi-fonts-4.1.0-49.i386.rpm
    ftp://updates.redhat.com/7.2/en/os/i386/XFree86-cyrillic-fonts-4.1.0-49.i386.rpm
    ftp://updates.redhat.com/7.2/en/os/i386/XFree86-devel-4.1.0-49.i386.rpm
    ftp://updates.redhat.com/7.2/en/os/i386/XFree86-doc-4.1.0-49.i386.rpm
    ftp://updates.redhat.com/7.2/en/os/i386/XFree86-ISO8859-15-100dpi-fonts-4.1.0-49.i386.rpm
    ftp://updates.redhat.com/7.2/en/os/i386/XFree86-ISO8859-15-75dpi-fonts-4.1.0-49.i386.rpm
    ftp://updates.redhat.com/7.2/en/os/i386/XFree86-ISO8859-2-100dpi-fonts-4.1.0-49.i386.rpm
    ftp://updates.redhat.com/7.2/en/os/i386/XFree86-ISO8859-2-75dpi-fonts-4.1.0-49.i386.rpm
    ftp://updates.redhat.com/7.2/en/os/i386/XFree86-ISO8859-9-100dpi-fonts-4.1.0-49.i386.rpm
    ftp://updates.redhat.com/7.2/en/os/i386/XFree86-ISO8859-9-75dpi-fonts-4.1.0-49.i386.rpm
    ftp://updates.redhat.com/7.2/en/os/i386/XFree86-libs-4.1.0-49.i386.rpm
    ftp://updates.redhat.com/7.2/en/os/i386/XFree86-tools-4.1.0-49.i386.rpm
    ftp://updates.redhat.com/7.2/en/os/i386/XFree86-twm-4.1.0-49.i386.rpm
    ftp://updates.redhat.com/7.2/en/os/i386/XFree86-xdm-4.1.0-49.i386.rpm
    ftp://updates.redhat.com/7.2/en/os/i386/XFree86-xf86cfg-4.1.0-49.i386.rpm
    ftp://updates.redhat.com/7.2/en/os/i386/XFree86-xfs-4.1.0-49.i386.rpm
    ftp://updates.redhat.com/7.2/en/os/i386/XFree86-Xnest-4.1.0-49.i386.rpm
    ftp://updates.redhat.com/7.2/en/os/i386/XFree86-Xvfb-4.1.0-49.i386.rpm

    ia64:
    ftp://updates.redhat.com/7.2/en/os/ia64/XFree86-100dpi-fonts-4.1.0-49.ia64.rpm
    ftp://updates.redhat.com/7.2/en/os/ia64/XFree86-4.1.0-49.ia64.rpm
    ftp://updates.redhat.com/7.2/en/os/ia64/XFree86-75dpi-fonts-4.1.0-49.ia64.rpm
    ftp://updates.redhat.com/7.2/en/os/ia64/XFree86-cyrillic-fonts-4.1.0-49.ia64.rpm
    ftp://updates.redhat.com/7.2/en/os/ia64/XFree86-devel-4.1.0-49.ia64.rpm
    ftp://updates.redhat.com/7.2/en/os/ia64/XFree86-doc-4.1.0-49.ia64.rpm
    ftp://updates.redhat.com/7.2/en/os/ia64/XFree86-ISO8859-15-100dpi-fonts-4.1.0-49.ia64.rpm
    ftp://updates.redhat.com/7.2/en/os/ia64/XFree86-ISO8859-15-75dpi-fonts-4.1.0-49.ia64.rpm
    ftp://updates.redhat.com/7.2/en/os/ia64/XFree86-ISO8859-2-100dpi-fonts-4.1.0-49.ia64.rpm
    ftp://updates.redhat.com/7.2/en/os/ia64/XFree86-ISO8859-2-75dpi-fonts-4.1.0-49.ia64.rpm
    ftp://updates.redhat.com/7.2/en/os/ia64/XFree86-ISO8859-9-100dpi-fonts-4.1.0-49.ia64.rpm
    ftp://updates.redhat.com/7.2/en/os/ia64/XFree86-ISO8859-9-75dpi-fonts-4.1.0-49.ia64.rpm
    ftp://updates.redhat.com/7.2/en/os/ia64/XFree86-libs-4.1.0-49.ia64.rpm
    ftp://updates.redhat.com/7.2/en/os/ia64/XFree86-tools-4.1.0-49.ia64.rpm
    ftp://updates.redhat.com/7.2/en/os/ia64/XFree86-twm-4.1.0-49.ia64.rpm
    ftp://updates.redhat.com/7.2/en/os/ia64/XFree86-xdm-4.1.0-49.ia64.rpm
    ftp://updates.redhat.com/7.2/en/os/ia64/XFree86-xfs-4.1.0-49.ia64.rpm
    ftp://updates.redhat.com/7.2/en/os/ia64/XFree86-Xnest-4.1.0-49.ia64.rpm
    ftp://updates.redhat.com/7.2/en/os/ia64/XFree86-Xvfb-4.1.0-49.ia64.rpm

    6. Verification:


    These packages are GPG signed by Red Hat for security. Our key is
    available from http://www.redhat.com/security/keys.html

    You can verify each package with the following command:
        
        rpm --checksig -v <filename>

    If you only wish to verify that each package has not been corrupted or
    tampered with, examine only the md5sum with the following command:
        
        md5sum <filename>
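As an added example (not part of the advisory) of the md5sum check just described: it parses the "<md5> <path>" table format that section 6 of a Red Hat advisory uses and compares each downloaded file against it; the package files and the manifest here are constructed.

```python
import hashlib
import os
import tempfile

def parse_md5_manifest(text: str) -> dict:
    """Parse '<md5> <path>' lines from an advisory's section 6 table into
    {relative path: md5 hex}; header and rule lines are skipped."""
    manifest = {}
    for line in text.splitlines():
        parts = line.split()
        if len(parts) == 2 and len(parts[0]) == 32 and set(parts[0]) <= set("0123456789abcdefABCDEF"):
            manifest[parts[1]] = parts[0].lower()
    return manifest

def md5_of_file(path: str) -> str:
    """Stream the file so large RPMs are not read into memory at once."""
    h = hashlib.md5()
    with open(path, "rb") as f:
        for chunk in iter(lambda: f.read(65536), b""):
            h.update(chunk)
    return h.hexdigest()

def verify_downloads(manifest: dict, base_dir: str) -> dict:
    """Map each manifest path to 'ok', 'mismatch' or 'missing'. This is the
    corruption check only; GPG signature checking stays with rpm --checksig."""
    results = {}
    for rel, expected in manifest.items():
        path = os.path.join(base_dir, rel)
        if not os.path.isfile(path):
            results[rel] = "missing"
        else:
            results[rel] = "ok" if md5_of_file(path) == expected else "mismatch"
    return results

def demo() -> dict:
    """Constructed scenario: fake package files in a temp dir checked against
    a constructed manifest with one good, one wrong and one absent entry."""
    rel_ok, rel_bad = "7.1/en/os/i386/example-ok.rpm", "7.1/en/os/i386/example-bad.rpm"
    with tempfile.TemporaryDirectory() as tmp:
        for rel in (rel_ok, rel_bad):
            full = os.path.join(tmp, rel)
            os.makedirs(os.path.dirname(full), exist_ok=True)
            with open(full, "wb") as f:
                f.write(b"constructed package bytes\n")
        manifest_text = (
            "MD5 sum Package Name\n- --------\n"
            f"{md5_of_file(os.path.join(tmp, rel_ok))} {rel_ok}\n"
            f"{'0' * 32} {rel_bad}\n"
            f"{'f' * 32} 7.1/en/os/i386/example-missing.rpm\n"
        )
        return verify_downloads(parse_md5_manifest(manifest_text), tmp)
```

A matching md5sum only shows the download was not corrupted or altered in transit; the `rpm --checksig` step above is what verifies the Red Hat GPG signature.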

    7. References:

    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2001-1409
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2002-0164
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2002-1510
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2003-0063
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2003-0071

    8. Contact:

    The Red Hat security contact is <secalert@redhat.com>. More contact
    details at http://www.redhat.com/solutions/security/news/contact.html

    Copyright 2003 Red Hat, Inc.

    _______________________________________________
    Full-Disclosure - We believe in it.
    Charter: http://lists.netsys.com/full-disclosure-charter.html

