[Full-disclosure] [ MDKSA-2006:160 ] - Updated xorg-x11/XFree86 packages fix potential vulnerabilities




-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

_______________________________________________________________________

Mandriva Linux Security Advisory MDKSA-2006:160
http://www.mandriva.com/security/
_______________________________________________________________________

Package : xorg-x11
Date : August 31, 2006
Affected: 2006.0, Corporate 3.0
_______________________________________________________________________

Problem Description:

X.Org and XFree86, including libX11, xdm, xf86dga, xinit, xload,
xtrans, and xterm, does not check the return values for setuid and
seteuid calls when attempting to drop privileges, which might allow
local users to gain privileges by causing those calls to fail, such as
by exceeding a ulimit.

In practice, it is unlikely that these programs have any real-world
vulnerability. The X binary is the only one shipped suid. Further
analysis of the code in question shows that it's highly unlikely that
this can be exploited. Patched updates are provided as a precaution
nonetheless.

Updated packages are patched to address this issue.
_______________________________________________________________________

References:

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4447
_______________________________________________________________________

Updated Packages:

Mandriva Linux 2006.0:
dcb20582a5065744de4726c9f766ae39 2006.0/RPMS/libxorg-x11-6.9.0-5.9.20060mdk.i586.rpm
bcd556a24ed3414007cd2c735725d811 2006.0/RPMS/libxorg-x11-devel-6.9.0-5.9.20060mdk.i586.rpm
fdd48d3aabf17504715b0ac77c518ef1 2006.0/RPMS/libxorg-x11-static-devel-6.9.0-5.9.20060mdk.i586.rpm
d31780e9e640e1c2e52907c61c7741d6 2006.0/RPMS/X11R6-contrib-6.9.0-5.9.20060mdk.i586.rpm
58b0659c5e161f4eac7c6c3d57b9a5a4 2006.0/RPMS/xorg-x11-100dpi-fonts-6.9.0-5.9.20060mdk.i586.rpm
ce4099426bf78152f8cce916d991bf31 2006.0/RPMS/xorg-x11-6.9.0-5.9.20060mdk.i586.rpm
c5c5d881ec4fa25712c04bf858cafdae 2006.0/RPMS/xorg-x11-75dpi-fonts-6.9.0-5.9.20060mdk.i586.rpm
47eebf4341d36377595d275d494884ce 2006.0/RPMS/xorg-x11-cyrillic-fonts-6.9.0-5.9.20060mdk.i586.rpm
d8c47f18ededd363aa7999ac9c74e525 2006.0/RPMS/xorg-x11-doc-6.9.0-5.9.20060mdk.i586.rpm
df35175ad9cfdaa619fc855e2a305872 2006.0/RPMS/xorg-x11-glide-module-6.9.0-5.9.20060mdk.i586.rpm
782083d15ac2cf99b72e8884b1ad9f69 2006.0/RPMS/xorg-x11-server-6.9.0-5.9.20060mdk.i586.rpm
7dce0242f2493bda5e566079eeb26ddb 2006.0/RPMS/xorg-x11-xauth-6.9.0-5.9.20060mdk.i586.rpm
788887873c6781f4d04d4c22f15584f2 2006.0/RPMS/xorg-x11-Xdmx-6.9.0-5.9.20060mdk.i586.rpm
ec74ddd837416045280a14fea9bc1ee5 2006.0/RPMS/xorg-x11-xfs-6.9.0-5.9.20060mdk.i586.rpm
51f267b6f8eb58c1df9a3f91c3b31b99 2006.0/RPMS/xorg-x11-Xnest-6.9.0-5.9.20060mdk.i586.rpm
42d8a58fd96c62f4a5c01fcefc2c1875 2006.0/RPMS/xorg-x11-Xprt-6.9.0-5.9.20060mdk.i586.rpm
2d0f23a6896a459cdb1da2f1898ec81a 2006.0/RPMS/xorg-x11-Xvfb-6.9.0-5.9.20060mdk.i586.rpm
47cc5a6fd1eecb2679b5a623b9ddfe64 2006.0/SRPMS/xorg-x11-6.9.0-5.9.20060mdk.src.rpm

Mandriva Linux 2006.0/X86_64:
ee089c7507299169663a4bccfe4be6c7 x86_64/2006.0/RPMS/lib64xorg-x11-6.9.0-5.9.20060mdk.x86_64.rpm
2e7fd06ccb6313acca657a3e68c3ce35 x86_64/2006.0/RPMS/lib64xorg-x11-devel-6.9.0-5.9.20060mdk.x86_64.rpm
3c873467b4813cf3d500860501f2f45a x86_64/2006.0/RPMS/lib64xorg-x11-static-devel-6.9.0-5.9.20060mdk.x86_64.rpm
796e0bfbd979cef4675492ed4dcfa0bc x86_64/2006.0/RPMS/X11R6-contrib-6.9.0-5.9.20060mdk.x86_64.rpm
ce13145b02fc3c8f69e718e91d2db266 x86_64/2006.0/RPMS/xorg-x11-100dpi-fonts-6.9.0-5.9.20060mdk.x86_64.rpm
cfc9452bf907155f60ed8b6815f790ac x86_64/2006.0/RPMS/xorg-x11-6.9.0-5.9.20060mdk.x86_64.rpm
f847dce08140455962c2797bdcfe94f2 x86_64/2006.0/RPMS/xorg-x11-75dpi-fonts-6.9.0-5.9.20060mdk.x86_64.rpm
5a1ce6b27ecc1bd8a02ade0bf5e8742d x86_64/2006.0/RPMS/xorg-x11-cyrillic-fonts-6.9.0-5.9.20060mdk.x86_64.rpm
a96fa59b6ee367d006b83e8f1108f65e x86_64/2006.0/RPMS/xorg-x11-doc-6.9.0-5.9.20060mdk.x86_64.rpm
b84fd79cc72a3f66840ec0549f379723 x86_64/2006.0/RPMS/xorg-x11-glide-module-6.9.0-5.9.20060mdk.x86_64.rpm
8f22f5468a07abbc3bf60f93a85997a1 x86_64/2006.0/RPMS/xorg-x11-server-6.9.0-5.9.20060mdk.x86_64.rpm
f7c04028cf16bf87b6a91e5099c202f7 x86_64/2006.0/RPMS/xorg-x11-xauth-6.9.0-5.9.20060mdk.x86_64.rpm
b34e978f93bb8b219d83267abac98674 x86_64/2006.0/RPMS/xorg-x11-Xdmx-6.9.0-5.9.20060mdk.x86_64.rpm
fed4590b44f0b59fe78b41fefedc1891 x86_64/2006.0/RPMS/xorg-x11-xfs-6.9.0-5.9.20060mdk.x86_64.rpm
25d83c3b26e0a429ea9a0dca889af6f0 x86_64/2006.0/RPMS/xorg-x11-Xnest-6.9.0-5.9.20060mdk.x86_64.rpm
a466543fca0e43341d993d70f458f2ee x86_64/2006.0/RPMS/xorg-x11-Xprt-6.9.0-5.9.20060mdk.x86_64.rpm
8b63d5f0768bda693408d25d1b121e46 x86_64/2006.0/RPMS/xorg-x11-Xvfb-6.9.0-5.9.20060mdk.x86_64.rpm
47cc5a6fd1eecb2679b5a623b9ddfe64 x86_64/2006.0/SRPMS/xorg-x11-6.9.0-5.9.20060mdk.src.rpm

Corporate 3.0:
a9450f3155f8823499fe957c2dd5482a corporate/3.0/RPMS/libxfree86-4.3-32.7.C30mdk.i586.rpm
dfa43f7a45a823527c0009f501c85041 corporate/3.0/RPMS/libxfree86-devel-4.3-32.7.C30mdk.i586.rpm
8679c26c2afc856d6b015ac1f732c999 corporate/3.0/RPMS/libxfree86-static-devel-4.3-32.7.C30mdk.i586.rpm
f28232feaf28bc7ad8f8ef8347dbb6a9 corporate/3.0/RPMS/X11R6-contrib-4.3-32.7.C30mdk.i586.rpm
f3c7a17ff728d8b47747e53ac757f444 corporate/3.0/RPMS/XFree86-100dpi-fonts-4.3-32.7.C30mdk.i586.rpm
50ca357364f011b414b4f66630e674b7 corporate/3.0/RPMS/XFree86-4.3-32.7.C30mdk.i586.rpm
df154521f2fbe721b93b6d1ad3a3eb9b corporate/3.0/RPMS/XFree86-75dpi-fonts-4.3-32.7.C30mdk.i586.rpm
dd806dd6b8ab801a44df03c1d9d6f66f corporate/3.0/RPMS/XFree86-cyrillic-fonts-4.3-32.7.C30mdk.i586.rpm
281882ee8ec4f6798e3fec2c075b0d8e corporate/3.0/RPMS/XFree86-doc-4.3-32.7.C30mdk.i586.rpm
d4d1a7c34ce535915fdfc31ee2fe1f7f corporate/3.0/RPMS/XFree86-glide-module-4.3-32.7.C30mdk.i586.rpm
75994a655bfe6e08b979a68972f6e51c corporate/3.0/RPMS/XFree86-server-4.3-32.7.C30mdk.i586.rpm
f1057204fca95decacdfe85a6b8c5906 corporate/3.0/RPMS/XFree86-xfs-4.3-32.7.C30mdk.i586.rpm
c71dfaa88405aecc32fcabe47e1c53af corporate/3.0/RPMS/XFree86-Xnest-4.3-32.7.C30mdk.i586.rpm
9cbc4bf866de30681b7fb0cb4614a06d corporate/3.0/RPMS/XFree86-Xvfb-4.3-32.7.C30mdk.i586.rpm
c753f021aa04063be981ad656072b615 corporate/3.0/SRPMS/XFree86-4.3-32.7.C30mdk.src.rpm

Corporate 3.0/X86_64:
48112a9314130b94a6c94c0543ea13de x86_64/corporate/3.0/RPMS/lib64xfree86-4.3-32.7.C30mdk.x86_64.rpm
8dd0ede32cdbb8edf8a5485052a0a6f1 x86_64/corporate/3.0/RPMS/lib64xfree86-devel-4.3-32.7.C30mdk.x86_64.rpm
4f87c1f85b61d34ec778b57f33113598 x86_64/corporate/3.0/RPMS/lib64xfree86-static-devel-4.3-32.7.C30mdk.x86_64.rpm
ea4b88d183e635016c2c0dc1e32618b5 x86_64/corporate/3.0/RPMS/X11R6-contrib-4.3-32.7.C30mdk.x86_64.rpm
a88f094df62055d0f507de22931cd076 x86_64/corporate/3.0/RPMS/XFree86-100dpi-fonts-4.3-32.7.C30mdk.x86_64.rpm
43ff4255335fd98864614d57ee6abfd5 x86_64/corporate/3.0/RPMS/XFree86-4.3-32.7.C30mdk.x86_64.rpm
1517b72ee57688326bde5b7041b0312f x86_64/corporate/3.0/RPMS/XFree86-75dpi-fonts-4.3-32.7.C30mdk.x86_64.rpm
9fcee06cbffe64bcca20c94d295b02d8 x86_64/corporate/3.0/RPMS/XFree86-cyrillic-fonts-4.3-32.7.C30mdk.x86_64.rpm
f1712867f17668e3de3664c16284cde6 x86_64/corporate/3.0/RPMS/XFree86-doc-4.3-32.7.C30mdk.x86_64.rpm
17cf639b7aa1fcd153b6f7c85c77b401 x86_64/corporate/3.0/RPMS/XFree86-server-4.3-32.7.C30mdk.x86_64.rpm
b7377bcb482b977684e60c5cb473d513 x86_64/corporate/3.0/RPMS/XFree86-xfs-4.3-32.7.C30mdk.x86_64.rpm
67491c7d711c1abcfd746c1f4d4c99b1 x86_64/corporate/3.0/RPMS/XFree86-Xnest-4.3-32.7.C30mdk.x86_64.rpm
d66e63dce8c577ea71eaa44f638f2a5e x86_64/corporate/3.0/RPMS/XFree86-Xvfb-4.3-32.7.C30mdk.x86_64.rpm
c753f021aa04063be981ad656072b615 x86_64/corporate/3.0/SRPMS/XFree86-4.3-32.7.C30mdk.src.rpm
_______________________________________________________________________

To upgrade automatically use MandrivaUpdate or urpmi. The verification
of md5 checksums and GPG signatures is performed automatically for you.

All packages are signed by Mandriva for security. You can obtain the
GPG public key of the Mandriva Security Team by executing:

gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98

You can view other update advisories for Mandriva Linux at:

http://www.mandriva.com/security/advisories

If you want to report vulnerabilities, please contact

security_(at)_mandriva.com
_______________________________________________________________________

Type Bits/KeyID Date User ID
pub 1024D/22458A98 2000-07-10 Mandriva Security Team
<security*mandriva.com>
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.2.2 (GNU/Linux)

iD8DBQFE94KKmqjQ0CJFipgRAjWlAJ90wkuVwFfPJr2MdfM1BSOHSqlFhQCff2oJ
LdQn4lchf+Ynv55mVbw/e2U=
=IYdj
-----END PGP SIGNATURE-----

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/



Relevant Pages