[Full-Disclosure] [RHSA-2003:287-01] Updated XFree86 packages provide security and bug fixes

bugzilla_at_redhat.com
Date: 11/25/03

Next message: liu die yu: "[Full-Disclosure] IE Key"

Previous message: bugzilla_at_redhat.com: "[Full-Disclosure] [RHSA-2003:286-01] Updated XFree86 packages provide security and bug fixes"
Next in thread: 4cray: "[Full-Disclosure] unsubscribe"
Reply: 4cray: "[Full-Disclosure] unsubscribe"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

To: redhat-watch-list@redhat.com, bugtraq@securityfocus.com, full-disclosure@lists.netsys.com
Date: Tue, 25 Nov 2003 04:56 -0500

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

- ---------------------------------------------------------------------
Red Hat Security Advisory

Synopsis: Updated XFree86 packages provide security and bug fixes
Advisory ID: RHSA-2003:287-01
Issue date: 2003-11-25
Updated on: 2003-11-25
Product: Red Hat Linux
Keywords:
Cross references:
Obsoletes: RHSA-2003:066 RHSA-2003:067
CVE Names: CAN-2003-0690 CAN-2003-0730
- ---------------------------------------------------------------------

1. Topic:

Updated XFree86 packages for Red Hat Linux 7.3 and 8.0 provide security
fixes to font libraries and XDM.

2. Relevant releases/architectures:

Red Hat Linux 7.3 - i386
Red Hat Linux 8.0 - i386

3. Problem description:

XFree86 is an implementation of the X Window System providing the core
graphical user interface and video drivers in Red Hat Linux. XDM is the X
display manager.

Multiple integer overflows in the transfer and enumeration of font
libraries in XFree86 allow local or remote attackers to cause a denial of
service or execute arbitrary code via heap-based and stack-based buffer
overflow attacks. The Common Vulnerabilities and Exposures project
(cve.mitre.org) has assigned the name CAN-2003-0730 to this issue.

The risk to users from this vulnerability is limited because only clients
can be affected by these bugs, however in some (non default)
configurations, both xfs and the X Server can act as clients
to remote font servers.

XDM does not verify whether the pam_setcred function call succeeds, which
may allow attackers to gain root privileges by triggering error conditions
within PAM modules, as demonstrated in certain configurations of the
pam_krb5 module. The Common Vulnerabilities and Exposures project
(cve.mitre.org) has assigned the name CAN-2003-0690 to this issue.

Users are advised to upgrade to these updated XFree86 4.2.1 packages, which
contain backported security patches and are not vulnerable to these issues.

4. Solution:

Before applying this update, make sure all previously released errata
relevant to your system have been applied.

To update all RPMs for your particular architecture, run:

rpm -Fvh [filenames]

where [filenames] is a list of the RPMs you wish to upgrade. Only those
RPMs which are currently installed will be updated. Those RPMs which are
not installed but included in the list will not be updated. Note that you
can also use wildcards (*.rpm) if your current directory *only* contains the
desired RPMs.

Please note that this update is also available via Red Hat Network. Many
people find this an easier way to apply updates. To use Red Hat Network,
launch the Red Hat Update Agent with the following command:

up2date

This will start an interactive process that will result in the appropriate
RPMs being upgraded on your system.

If up2date fails to connect to Red Hat Network due to SSL Certificate
Errors, you need to install a version of the up2date client with an updated
certificate. The latest version of up2date is available from the Red Hat
FTP site and may also be downloaded directly from the RHN website:

https://rhn.redhat.com/help/latest-up2date.pxt

5. RPMs required:

Red Hat Linux 7.3:

SRPMS:
ftp://updates.redhat.com/7.3/en/os/SRPMS/XFree86-4.2.1-13.73.23.src.rpm

Red Hat Linux 8.0:

SRPMS:
ftp://updates.redhat.com/8.0/en/os/SRPMS/XFree86-4.2.1-23.src.rpm

6. Verification:

MD5 sum Package Name
- --------------------------------------------------------------------------
6dc1b32efd505aafd4acf61115077e9e 7.3/en/os/SRPMS/XFree86-4.2.1-13.73.23.src.rpm
e814707b495c8d0a30adb16daec18c33 7.3/en/os/i386/XFree86-100dpi-fonts-4.2.1-13.73.23.i386.rpm
b87cfe1e01934b80e7bb7c6e0dc719a9 7.3/en/os/i386/XFree86-4.2.1-13.73.23.i386.rpm
b1d5c0db0d7a05883c90d1c6ab9d18fb 7.3/en/os/i386/XFree86-75dpi-fonts-4.2.1-13.73.23.i386.rpm
f4fd6d9868aacf9dcc48c4c07faf890d 7.3/en/os/i386/XFree86-ISO8859-15-100dpi-fonts-4.2.1-13.73.23.i386.rpm
003a785d80fdfd838d222c96e559e391 7.3/en/os/i386/XFree86-ISO8859-15-75dpi-fonts-4.2.1-13.73.23.i386.rpm
b773184b7b97e93544ca7ae5cd3fbd45 7.3/en/os/i386/XFree86-ISO8859-2-100dpi-fonts-4.2.1-13.73.23.i386.rpm
cc89ae4346639c5f6cdd35e2702ad03d 7.3/en/os/i386/XFree86-ISO8859-2-75dpi-fonts-4.2.1-13.73.23.i386.rpm
ebb3a1937f9f34ed6b7b1f4c09f5ebfb 7.3/en/os/i386/XFree86-ISO8859-9-100dpi-fonts-4.2.1-13.73.23.i386.rpm
57a1058465aaa805655322ba7f18cfda 7.3/en/os/i386/XFree86-ISO8859-9-75dpi-fonts-4.2.1-13.73.23.i386.rpm
d45d6f8cf3cdffa608a7e2ba90729002 7.3/en/os/i386/XFree86-Xnest-4.2.1-13.73.23.i386.rpm
0b7b1e2273dabd54123e1f9a9f02398b 7.3/en/os/i386/XFree86-Xvfb-4.2.1-13.73.23.i386.rpm
3bcb7efa42b5c27a5af605b65c30cf92 7.3/en/os/i386/XFree86-base-fonts-4.2.1-13.73.23.i386.rpm
3ed229277a41413514200c2beedc9aef 7.3/en/os/i386/XFree86-cyrillic-fonts-4.2.1-13.73.23.i386.rpm
4802948ad7fdaf554ff4c49f7e01eb9b 7.3/en/os/i386/XFree86-devel-4.2.1-13.73.23.i386.rpm
9a6854ffc8209e1ade2c049847778cf7 7.3/en/os/i386/XFree86-doc-4.2.1-13.73.23.i386.rpm
27d6b5d5c6e4cd9178cb9f04fde31336 7.3/en/os/i386/XFree86-font-utils-4.2.1-13.73.23.i386.rpm
9174c97c5b1eeec77e978be2f0fb4759 7.3/en/os/i386/XFree86-libs-4.2.1-13.73.23.i386.rpm
bb4ddc7f291cbb2d942924af3a3e382d 7.3/en/os/i386/XFree86-tools-4.2.1-13.73.23.i386.rpm
926875650771bf4e35d7d8f9f2b88581 7.3/en/os/i386/XFree86-truetype-fonts-4.2.1-13.73.23.i386.rpm
f8e8b836b2fef31e330310b250f235d5 7.3/en/os/i386/XFree86-twm-4.2.1-13.73.23.i386.rpm
3370b7c640c370a5fae7882c19de346d 7.3/en/os/i386/XFree86-xdm-4.2.1-13.73.23.i386.rpm
6b0835732bd88f3e58551208fd88a694 7.3/en/os/i386/XFree86-xf86cfg-4.2.1-13.73.23.i386.rpm
e796a4ecba0c8cd577e556bfefd0d1f8 7.3/en/os/i386/XFree86-xfs-4.2.1-13.73.23.i386.rpm
5b23a90a4fbcec116264f987a1fa2fc6 8.0/en/os/SRPMS/XFree86-4.2.1-23.src.rpm
83205dd6d709b1cd0c89bc3ac1fbdcf7 8.0/en/os/i386/XFree86-100dpi-fonts-4.2.1-23.i386.rpm
0d0b76a5b9c918335fcefe9e96e43400 8.0/en/os/i386/XFree86-4.2.1-23.i386.rpm
c0bff3283737f329e52a44987316905a 8.0/en/os/i386/XFree86-75dpi-fonts-4.2.1-23.i386.rpm
468f8042474082e887c49d76eec846cc 8.0/en/os/i386/XFree86-ISO8859-15-100dpi-fonts-4.2.1-23.i386.rpm
6800179468ad3937a761e18d5a58e9a6 8.0/en/os/i386/XFree86-ISO8859-15-75dpi-fonts-4.2.1-23.i386.rpm
8cb666742b3603bb1b5f03c6516f583a 8.0/en/os/i386/XFree86-ISO8859-2-100dpi-fonts-4.2.1-23.i386.rpm
2b6c1b0e013e6dc6ace6ce3411034ea5 8.0/en/os/i386/XFree86-ISO8859-2-75dpi-fonts-4.2.1-23.i386.rpm
421ff4186cf4723ee93cb913aa4759ac 8.0/en/os/i386/XFree86-ISO8859-9-100dpi-fonts-4.2.1-23.i386.rpm
3959c4b6b73f544f57adc30930fc33f5 8.0/en/os/i386/XFree86-ISO8859-9-75dpi-fonts-4.2.1-23.i386.rpm
89f84c356a1db508a7bf5a676a21a8e8 8.0/en/os/i386/XFree86-Mesa-libGL-4.2.1-23.i386.rpm
41781ae1dd9259db03f0ea88d8a01791 8.0/en/os/i386/XFree86-Mesa-libGLU-4.2.1-23.i386.rpm
055a156c76ea4064f423b1910137421f 8.0/en/os/i386/XFree86-Xnest-4.2.1-23.i386.rpm
c1e17db9962f4f94b54dc10d65369102 8.0/en/os/i386/XFree86-Xvfb-4.2.1-23.i386.rpm
73d13ff4ad503f803e85c21735d4b4fd 8.0/en/os/i386/XFree86-base-fonts-4.2.1-23.i386.rpm
a4867e700dcbf2d1626a91e85c52b585 8.0/en/os/i386/XFree86-cyrillic-fonts-4.2.1-23.i386.rpm
845a3a2974ce06fc9df51b578dc1183a 8.0/en/os/i386/XFree86-devel-4.2.1-23.i386.rpm
03d9603e1941e5b79f8539208b226dda 8.0/en/os/i386/XFree86-doc-4.2.1-23.i386.rpm
5128b77c384b1d9bf12829469e7372ca 8.0/en/os/i386/XFree86-font-utils-4.2.1-23.i386.rpm
a3944d3f49beda3c7f496f7f45e0cc42 8.0/en/os/i386/XFree86-libs-4.2.1-23.i386.rpm
45a425d5e5df31f284c7e541f7ca1df3 8.0/en/os/i386/XFree86-tools-4.2.1-23.i386.rpm
04cacefa0f0a0021a37a90195353ea63 8.0/en/os/i386/XFree86-truetype-fonts-4.2.1-23.i386.rpm
70d9a72ac0fb0e21f9fa053cde55c683 8.0/en/os/i386/XFree86-twm-4.2.1-23.i386.rpm
38b1ee5b9a5218e13bde7ac1ecf4ac8b 8.0/en/os/i386/XFree86-xauth-4.2.1-23.i386.rpm
22dcddd4c3960a1e6e499627a2255936 8.0/en/os/i386/XFree86-xdm-4.2.1-23.i386.rpm
c230f65b0a619a10e3331b68855d6c71 8.0/en/os/i386/XFree86-xfs-4.2.1-23.i386.rpm

These packages are GPG signed by Red Hat for security. Our key is
available from https://www.redhat.com/security/keys.html

You can verify each package with the following command:

rpm --checksig -v <filename>

If you only wish to verify that each package has not been corrupted or
tampered with, examine only the md5sum with the following command:

md5sum <filename>

7. References:

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2003-0690
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2003-0730

8. Contact:

The Red Hat security contact is <secalert@redhat.com>. More contact
details at https://www.redhat.com/solutions/security/news/contact.html

iD8DBQE/wydnXlSAg2UNWIIRAgwKAJ9PiyrkkqZlkp/b3g0P6b7sr7Z2NQCfZhzn
2JjXxt7qQqdRrHJF7V98Axg=
=PjfC
-----END PGP SIGNATURE-----

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html

Next message: liu die yu: "[Full-Disclosure] IE Key"

Previous message: bugzilla_at_redhat.com: "[Full-Disclosure] [RHSA-2003:286-01] Updated XFree86 packages provide security and bug fixes"
Next in thread: 4cray: "[Full-Disclosure] unsubscribe"
Reply: 4cray: "[Full-Disclosure] unsubscribe"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Relevant Pages

[Fwd: [RHSA-2002:196-09] Updated xinetd packages fix denial of service vulnerability]
... Redhat sent a post to BugTraq advising users of Xinetd ... Red Hat Linux 7.3 shipped with xinetd version 2.3.4 and is therefore ... where is a list of the RPMs you wish to upgrade. ...
(Bugtraq)
[Full-Disclosure] Re: [RHSA-2003:279-01] Updated OpenSSH packages fix potential vulnerability
... > RPMs which are currently installed will be updated. ... To use Red Hat Network, ... > Red Hat Linux 7.1: ... > SRPMS: ...
(Full-Disclosure)
[RHSA-2002:175-16] Updated nss_ldap packages fix buffer overflow
... Red Hat Linux 7.0 - alpha, ... leaving it vulnerable to a buffer overflow. ... where is a list of the RPMs you wish to upgrade. ...
(Bugtraq)
[Full-Disclosure] [RHSA-2002:175-16] Updated nss_ldap packages fix buffer overflow
... Red Hat Linux 7.0 - alpha, ... leaving it vulnerable to a buffer overflow. ... where is a list of the RPMs you wish to upgrade. ...
(Full-Disclosure)
[RHSA-2002:153-07] Updated mm packages fix temporary file handling
... emulates them using temporary files. ... MM is used in Red Hat Linux to ... where is a list of the RPMs you wish to upgrade. ... Please note that this update is also available via Red Hat Network. ...
(Bugtraq)