RH6.0: XFree86 (RHSA-1999:035-02) - The Community's Center for Security


The central voice for Linux and Open Source security news

Welcome!

Sign up!

EnGarde Community

Polls

What is the most important Linux security technology?

	SELinux
	grsecurity
	CIS Benchmark
	Bastille Linux
	iptables
	LIDS

Advisories

Community

Linux Events

Linux User Groups

Link to Us

Security Center

Book Reviews

Security Dictionary

Security Tips

SELinux

White Papers

Featured Blogs

All About Linux

DanWalsh LiveJournal

Securitydistro

Latest Newsletters

Linux Security Week: May 20th, 2013

Linux Advisory Watch: May 17th, 2013

LinuxSecurity Newsletters

RSS Feeds

Get the LinuxSecurity news you want faster with RSS

RH6.0: XFree86 (RHSA-1999:035-02)

User Rating:

How can I rate this item?

Posted by LinuxSecurity.com Team

New XFree86 packages are available for Red Hat Linux 4.2, 5.2, and 6.0 on all architectures. The XFree86 3.3.5 release fixes a number of newly discovered security problems and provides new drivers, as well as fixing a large number of outstanding bugs.

Â
Red Hat, Inc. Security Advisory
Package	XFree86

Synopsis	XFree86 3.3.5 packages available

Advisory ID	RHSA-1999:035-02

Issue Date	1999-09-07

Updated on	1999-09-16

Keywords	xfree86 xterm xdm xinit xfs xinitrc xkb

Revision History: 1999-09-16: fixed permission problems for 4.x/5.x packages reverted MediaGX driver to 3.3.3.1 version trident and SiS driver fixes 1. Topic: New XFree86 packages are available for Red Hat Linux 4.2, 5.2, and 6.0 on all architectures. The XFree86 3.3.5 release fixes a number of newly discovered security problems and provides new drivers, as well as fixing a large number of outstanding bugs. 2. Bug IDs fixed: 1141 1456 2446 2741 2772 2793 2985 3142 3198 3619 3678 3706 3734 3743 3753 3828 3895 3964 4087 4090 4353 4553 4672 4681 3. Relevant releases/architectures: Red Hat Linux 6.0, all architectures 4. Obsoleted by: None 5. Conflicts with: None 6. RPMs required: Intel: ftp://updates.Red Hat.com/6.0/i386/ XFree86-100dpi-fonts-3.3.5-1.6.0.i386.rpm XFree86-3.3.5-1.6.0.i386.rpm XFree86-3DLabs-3.3.5-1.6.0.i386.rpm XFree86-75dpi-fonts-3.3.5-1.6.0.i386.rpm XFree86-8514-3.3.5-1.6.0.i386.rpm XFree86-AGX-3.3.5-1.6.0.i386.rpm XFree86-FBDev-3.3.5-1.6.0.i386.rpm XFree86-I128-3.3.5-1.6.0.i386.rpm XFree86-Mach32-3.3.5-1.6.0.i386.rpm XFree86-Mach64-3.3.5-1.6.0.i386.rpm XFree86-Mach8-3.3.5-1.6.0.i386.rpm XFree86-Mono-3.3.5-1.6.0.i386.rpm XFree86-P9000-3.3.5-1.6.0.i386.rpm XFree86-S3-3.3.5-1.6.0.i386.rpm XFree86-S3V-3.3.5-1.6.0.i386.rpm XFree86-SVGA-3.3.5-1.6.0.i386.rpm XFree86-VGA16-3.3.5-1.6.0.i386.rpm XFree86-W32-3.3.5-1.6.0.i386.rpm XFree86-XF86Setup-3.3.5-1.6.0.i386.rpm XFree86-Xnest-3.3.5-1.6.0.i386.rpm XFree86-Xvfb-3.3.5-1.6.0.i386.rpm XFree86-cyrillic-fonts-3.3.5-1.6.0.i386.rpm XFree86-devel-3.3.5-1.6.0.i386.rpm XFree86-doc-3.3.5-1.6.0.i386.rpm XFree86-libs-3.3.5-1.6.0.i386.rpm XFree86-xfs-3.3.5-1.6.0.i386.rpm Alpha: ftp://updates.Red Hat.com/6.0/alpha XFree86-100dpi-fonts-3.3.5-1.6.0.alpha.rpm XFree86-3.3.5-1.6.0.alpha.rpm XFree86-75dpi-fonts-3.3.5-1.6.0.alpha.rpm XFree86-3DLabs-3.3.5-1.6.0.alpha.rpm XFree86-FBDev-3.3.5-1.6.0.alpha.rpm XFree86-Mach64-3.3.5-1.6.0.alpha.rpm XFree86-Mono-3.3.5-1.6.0.alpha.rpm XFree86-P9000-3.3.5-1.6.0.alpha.rpm XFree86-S3-3.3.5-1.6.0.alpha.rpm XFree86-S3V-3.3.5-1.6.0.alpha.rpm XFree86-SVGA-3.3.5-1.6.0.alpha.rpm XFree86-TGA-3.3.5-1.6.0.alpha.rpm XFree86-Xnest-3.3.5-1.6.0.alpha.rpm XFree86-Xvfb-3.3.5-1.6.0.alpha.rpm XFree86-cyrillic-fonts-3.3.5-1.6.0.alpha.rpm XFree86-devel-3.3.5-1.6.0.alpha.rpm XFree86-doc-3.3.5-1.6.0.alpha.rpm XFree86-libs-3.3.5-1.6.0.alpha.rpm XFree86-xfs-3.3.5-1.6.0.alpha.rpm SPARC: ftp://updates.Red Hat.com/6.0/sparc XFree86-100dpi-fonts-3.3.5-1.6.0.sparc.rpm XFree86-3.3.5-1.6.0.sparc.rpm XFree86-75dpi-fonts-3.3.5-1.6.0.sparc.rpm XFree86-Mach64-3.3.5-1.6.0.sparc.rpm XFree86-Sun-3.3.5-1.6.0.sparc.rpm XFree86-Sun24-3.3.5-1.6.0.sparc.rpm XFree86-SunMono-3.3.5-1.6.0.sparc.rpm XFree86-VGA16-3.3.5-1.6.0.sparc.rpm XFree86-Xnest-3.3.5-1.6.0.sparc.rpm XFree86-Xvfb-3.3.5-1.6.0.sparc.rpm XFree86-cyrillic-fonts-3.3.5-1.6.0.sparc.rpm XFree86-devel-3.3.5-1.6.0.sparc.rpm XFree86-doc-3.3.5-1.6.0.sparc.rpm XFree86-libs-3.3.5-1.6.0.sparc.rpm XFree86-xfs-3.3.5-1.6.0.sparc.rpm Source: ftp://updates.Red Hat.com/6.0/SRPMS XFree86-3.3.5-1.6.0.src.rpm Architecture neutral: ftp://updates.Red Hat.com/6.0/noarch/ 7. Problem description: XFree86 3.3.5 has become available, which features a large number of bug fixes, a greater number of supported video cards, and security improvements. Thanks go to Branden Robinson for discovering a possible symlink attack in the xkb extension initialization at server startup time. A short summary of improvements in XFree86 3.3.4/3.3.5: Support for S3 Savage4 and Savage3D on x86; Support for S3 Trio3D/2X; Mach64 server bugfixes; PS/2 Mouse problem fixes; Rendition server fixes; Intel i740 support (donated by Precision Insight); SiS 530 and SiS 620 support; 3Dfx Voodoo Banshee and Voodoo3 support; Trident Blade3D, CyberBlade and Cyber9525 support; S3 Trio3D support; Matrox G400 support; NVIDIA Riva TNT2 support and better acceleration for all Riva chipsets (donated by NVIDIA); Rewritten Cyrix MediaGX support (donated by Cyrix); Updates and new hardware support (Acecad flair, Calcomp DrawingBoard) for xinput extension; Bug fixed for cards with S3 Aurora64V+ (M65) chip (VGA output should now work). (1999-09-16) The MediaGX driver included in the 3.3.4 and 3.3.5 XFree86 releases is highly buggy. For this reason, we have reverted to the driver included in XFree86 3.3.3.1. Patches have also been applied to correct problems with some Trident cards and with SiS 6326 cards. 8. Solution: For each RPM for your particular architecture, run: rpm -Uvh filename where filename is the name of the RPM. In some circumstances, you may be required to add --force and/or --nodeps to the rpm command line options to insure a proper upgrade. Add these options if the command line given gives an error. You should upgrade at least the core XFree86 package, the font server (xfs) package, the libraries, and the server for your video card. If you download all of the XFree86 updates into a directory and then execute the command: rpm -UvhF *.rpm only the RPMs that you already have installed will be upgraded. More detailed instructions on installing XFree86 are available from: http://www.Red Hat.com/corp/support/docs/XFree86-upgrade/XFree86- upgrade.html 9. Verification: MD5 sum Package Name ------------------------------------------------------------------------- These packages are also PGP signed by Red Hat Inc. for security. Our key is available at: http://www.Red Hat.com/corp/contac t.html You can verify each package with the following command: rpm --checksig filename If you only wish to verify that each package has not been corrupted or tampered with, examine only the md5sum with the following command: rpm --checksig --nopgp filename 10. References: News about the 3.3.5 release: http://www.xfree86.org/#news Release notes for 3.3.5 and 3.3.4: http://www.xfree86.org/3.3.5/RELNOTES.html