---------------------------------------------------------------------
                   Red Hat Security Advisory

Synopsis:          Moderate: xorg-x11-apps and libX11 security update
Advisory ID:       RHSA-2007:0157-01
Advisory URL:      https://access.redhat.com/errata/RHSA-2007:0157.html
Issue date:        2007-04-16
Updated on:        2007-04-16
Product:           Red Hat Enterprise Linux
CVE Names:         CVE-2007-1667 
---------------------------------------------------------------------

1. Summary:

Updated xorg-x11-apps and libX11 packages that fix a security issue are now
available for Red Hat Enterprise Linux 5.

This update has been rated as having moderate security impact by the Red
Hat Security Response Team.

2. Relevant releases/architectures:

Red Hat Enterprise Linux Desktop (v. 5 client) - i386, x86_64
RHEL Desktop Workstation (v. 5 client) - i386, x86_64
Red Hat Enterprise Linux (v. 5 server) - i386, ia64, ppc, s390x, x86_64

3. Problem description:

X.org is an open source implementation of the X Window System. It provides
the basic low-level functionality that full-fledged graphical user
interfaces are built upon.

An integer overflow flaw was found in the X.org XGetPixel() function.
Improper use of this function could cause an application calling it to
function improperly, possibly leading to a crash or arbitrary code
execution. (CVE-2007-1667)

Users of the X.org X11 server should upgrade to these updated packages,
which contain a backported patch and are not vulnerable to this issue.

4. Solution:

Before applying this update, make sure that all previously-released
errata relevant to your system have been applied.  

This update is available via Red Hat Network.  Details on how to use 
the Red Hat Network to apply this update are available at

5. Bug IDs fixed (http://bugzilla.redhat.com/):

231694 - CVE-2007-1667 XGetPixel() integer overflow

6. RPMs required:

Red Hat Enterprise Linux Desktop (v. 5 client):

SRPMS:
4c6cf452385e085b57f53f32cb9d1521  libX11-1.0.3-8.0.1.el5.src.rpm
ff54c8414720357c1777beba9c7b9e25  xorg-x11-apps-7.1-4.0.1.el5.src.rpm

i386:
eafebca30be46a1f126a9085729dae91  libX11-1.0.3-8.0.1.el5.i386.rpm
35eb6170e8e0c26993f520cf839c120c  libX11-debuginfo-1.0.3-8.0.1.el5.i386.rpm
6515c78f537b870dfe18fdd3d53ddfb9  xorg-x11-apps-7.1-4.0.1.el5.i386.rpm
b8ef8ca891a67f6e62c63bb1bf9d22d1  xorg-x11-apps-debuginfo-7.1-4.0.1.el5.i386.rpm

x86_64:
eafebca30be46a1f126a9085729dae91  libX11-1.0.3-8.0.1.el5.i386.rpm
ea143cb7bbe170730729d1dff11a54fa  libX11-1.0.3-8.0.1.el5.x86_64.rpm
35eb6170e8e0c26993f520cf839c120c  libX11-debuginfo-1.0.3-8.0.1.el5.i386.rpm
8da6f620d1dfbe194863d25ffd9a8dad  libX11-debuginfo-1.0.3-8.0.1.el5.x86_64.rpm
43a723f54a8905609c19501e67a9f040  xorg-x11-apps-7.1-4.0.1.el5.x86_64.rpm
8f316a250f656a6418c320145ac02b62  xorg-x11-apps-debuginfo-7.1-4.0.1.el5.x86_64.rpm

RHEL Desktop Workstation (v. 5 client):

SRPMS:
4c6cf452385e085b57f53f32cb9d1521  libX11-1.0.3-8.0.1.el5.src.rpm

i386:
35eb6170e8e0c26993f520cf839c120c  libX11-debuginfo-1.0.3-8.0.1.el5.i386.rpm
7b2d2ba7bb68a47bd7662322e781ae7a  libX11-devel-1.0.3-8.0.1.el5.i386.rpm

x86_64:
35eb6170e8e0c26993f520cf839c120c  libX11-debuginfo-1.0.3-8.0.1.el5.i386.rpm
8da6f620d1dfbe194863d25ffd9a8dad  libX11-debuginfo-1.0.3-8.0.1.el5.x86_64.rpm
7b2d2ba7bb68a47bd7662322e781ae7a  libX11-devel-1.0.3-8.0.1.el5.i386.rpm
acadc303e67b0c14da568f0425fde65d  libX11-devel-1.0.3-8.0.1.el5.x86_64.rpm

Red Hat Enterprise Linux (v. 5 server):

SRPMS:
4c6cf452385e085b57f53f32cb9d1521  libX11-1.0.3-8.0.1.el5.src.rpm
ff54c8414720357c1777beba9c7b9e25  xorg-x11-apps-7.1-4.0.1.el5.src.rpm

i386:
eafebca30be46a1f126a9085729dae91  libX11-1.0.3-8.0.1.el5.i386.rpm
35eb6170e8e0c26993f520cf839c120c  libX11-debuginfo-1.0.3-8.0.1.el5.i386.rpm
7b2d2ba7bb68a47bd7662322e781ae7a  libX11-devel-1.0.3-8.0.1.el5.i386.rpm
6515c78f537b870dfe18fdd3d53ddfb9  xorg-x11-apps-7.1-4.0.1.el5.i386.rpm
b8ef8ca891a67f6e62c63bb1bf9d22d1  xorg-x11-apps-debuginfo-7.1-4.0.1.el5.i386.rpm

ia64:
eafebca30be46a1f126a9085729dae91  libX11-1.0.3-8.0.1.el5.i386.rpm
d9bf472eb7f382f576fd14002f5d1887  libX11-1.0.3-8.0.1.el5.ia64.rpm
35eb6170e8e0c26993f520cf839c120c  libX11-debuginfo-1.0.3-8.0.1.el5.i386.rpm
1670f3877954d1392bf9ba70046fb30a  libX11-debuginfo-1.0.3-8.0.1.el5.ia64.rpm
cf8a8ffe44483347cdaa5c43e604b615  libX11-devel-1.0.3-8.0.1.el5.ia64.rpm
e47e676aa542e3b64c8277ad792f0298  xorg-x11-apps-7.1-4.0.1.el5.ia64.rpm
8086b6c9997074397107692e43cf333f  xorg-x11-apps-debuginfo-7.1-4.0.1.el5.ia64.rpm

ppc:
23f1c00ed705fbd1e88d40a82fea50bd  libX11-1.0.3-8.0.1.el5.ppc.rpm
60c91ded38d03943378b21eb6ec57b24  libX11-1.0.3-8.0.1.el5.ppc64.rpm
24b4bcb0be6efb55d99eb11b900512f0  libX11-debuginfo-1.0.3-8.0.1.el5.ppc.rpm
310616345f70bf6b26de90897cd5dea4  libX11-debuginfo-1.0.3-8.0.1.el5.ppc64.rpm
ecd2ee6fa8290b653b0e885eb432970f  libX11-devel-1.0.3-8.0.1.el5.ppc.rpm
ee670ec6168e6f2add6397e97da551b0  libX11-devel-1.0.3-8.0.1.el5.ppc64.rpm
3216a943acb93f3c8a8f4e764729143d  xorg-x11-apps-7.1-4.0.1.el5.ppc.rpm
b6aef042a1a10c4b0fbd4f19124eba4e  xorg-x11-apps-debuginfo-7.1-4.0.1.el5.ppc.rpm

s390x:
f44eab75f0bca9aab6aeec4ca273dcbf  libX11-1.0.3-8.0.1.el5.s390.rpm
baa7037daf2981a93f81ffa49d6b020a  libX11-1.0.3-8.0.1.el5.s390x.rpm
51ba8a612370193a3c4f80cfbad54db6  libX11-debuginfo-1.0.3-8.0.1.el5.s390.rpm
f62a72bbdacb66f26a0fcf0a50ea09f5  libX11-debuginfo-1.0.3-8.0.1.el5.s390x.rpm
2a169779c94277d62860dc5193a4f100  libX11-devel-1.0.3-8.0.1.el5.s390.rpm
b464e0943f917152bc558a03d6e5885e  libX11-devel-1.0.3-8.0.1.el5.s390x.rpm
d5be859eeb98b2672e5dbbe5f1e98fc8  xorg-x11-apps-7.1-4.0.1.el5.s390x.rpm
cb8efaae70fe6ea020661a49bc665ff8  xorg-x11-apps-debuginfo-7.1-4.0.1.el5.s390x.rpm

x86_64:
eafebca30be46a1f126a9085729dae91  libX11-1.0.3-8.0.1.el5.i386.rpm
ea143cb7bbe170730729d1dff11a54fa  libX11-1.0.3-8.0.1.el5.x86_64.rpm
35eb6170e8e0c26993f520cf839c120c  libX11-debuginfo-1.0.3-8.0.1.el5.i386.rpm
8da6f620d1dfbe194863d25ffd9a8dad  libX11-debuginfo-1.0.3-8.0.1.el5.x86_64.rpm
7b2d2ba7bb68a47bd7662322e781ae7a  libX11-devel-1.0.3-8.0.1.el5.i386.rpm
acadc303e67b0c14da568f0425fde65d  libX11-devel-1.0.3-8.0.1.el5.x86_64.rpm
43a723f54a8905609c19501e67a9f040  xorg-x11-apps-7.1-4.0.1.el5.x86_64.rpm
8f316a250f656a6418c320145ac02b62  xorg-x11-apps-debuginfo-7.1-4.0.1.el5.x86_64.rpm

These packages are GPG signed by Red Hat for security.  Our key and 
details on how to verify the signature are available from
https://www.redhat.com/security/team/key/#package

7. References:

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1667
http://www.redhat.com/security/updates/classification/#moderate

8. Contact:

The Red Hat security contact is .  More contact
details at https://www.redhat.com/security/team/contact/

Copyright 2007 Red Hat, Inc.
