- ---------------------------------------------------------------------                   Red Hat Security Advisory

Synopsis:          Moderate: XFree86 security update
Advisory ID:       RHSA-2005:044-01
Advisory URL:      https://access.redhat.com/errata/RHSA-2005:044.html
Issue date:        2005-04-06
Updated on:        2005-04-06
Product:           Red Hat Enterprise Linux
Keywords:          Xpm legacy keyboard controller memory leak SEGV segfault crash
CVE Names:         CAN-2005-0605
- ---------------------------------------------------------------------1. Summary:

Updated XFree86 packages that fix a libXpm integer overflow flaw and a
number of bugs are now available.

This update has been rated as having moderate security impact by the Red Hat
Security Response Team.

2. Relevant releases/architectures:

Red Hat Enterprise Linux AS (Advanced Server) version 2.1 - i386, ia64
Red Hat Linux Advanced Workstation 2.1 - ia64
Red Hat Enterprise Linux ES version 2.1 - i386
Red Hat Enterprise Linux WS version 2.1 - i386

3. Problem description:

XFree86 is an open source implementation of the X Window System.  It
provides the basic low level functionality which full-fledged graphical
user interfaces (GUIs) such as GNOME and KDE are designed upon.

An integer overflow flaw was found in libXpm, which is used by some
applications for loading of XPM images.  An attacker could create a
malicious XPM file that would execute arbitrary code if opened by a victim
using an application linked to the vulnerable library.  The Common
Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name
CAN-2005-0605 to this issue.

XFree86 4.1.0 was not functional on systems that did not have a legacy
keyboard controller (8042).  During startup, the X server would attempt to
update registers on the 8042 controller, but if that chip was not present,
the X server would hang during startup.  This new release has a workaround
so that the access to those registers time out if they are not present.

A bug in libXaw could cause applications to segfault on 64-bit systems
under certain circumstances.  This has been fixed with a patch backported
from XFree86 4.3.0.

Xlib contained a memory leak caused by double allocation, which has been
fixed in XFree86 4.3.0 using backported patch.

All users of XFree86 should upgrade to these updated packages, which
resolve these issues.

4. Solution:

Before applying this update, make sure that all previously-released
errata relevant to your system have been applied.  Use Red Hat
Network to download and update your packages.  To launch the Red Hat
Update Agent, use the following command:

    up2date

For information on how to install packages manually, refer to the
following Web page for the System Administration or Customization
guide specific to your system:

    http://www.redhat.com/docs/manuals/enterprise/

5. Bug IDs fixed (http://bugzilla.redhat.com/):

150038 - CAN-2005-0605 XPM buffer overflow

6. RPMs required:

Red Hat Enterprise Linux AS (Advanced Server) version 2.1:

SRPMS:
0a716f7c3023b15f86f7999f5625db76  XFree86-4.1.0-71.EL.src.rpm

i386:
e07be739078da8cd42d598a06b006f1e  XFree86-100dpi-fonts-4.1.0-71.EL.i386.rpm
bcebe61e2d614a1286b52775736e52c9  XFree86-4.1.0-71.EL.i386.rpm
cdddd54938649761e21827745c1366e2  XFree86-75dpi-fonts-4.1.0-71.EL.i386.rpm
182573d60222c73168fbfe66b16bb29b  XFree86-ISO8859-15-100dpi-fonts-4.1.0-71.EL.i386.rpm
2ae9bce6c130784e41d2b133a35e5774  XFree86-ISO8859-15-75dpi-fonts-4.1.0-71.EL.i386.rpm
9f3cf4be959caffa4c3bffbf76a09176  XFree86-ISO8859-2-100dpi-fonts-4.1.0-71.EL.i386.rpm
8c6f826f094aaa5135391f6ec27b0455  XFree86-ISO8859-2-75dpi-fonts-4.1.0-71.EL.i386.rpm
6b8f23211c43fc99dc05d75f9d0e4f86  XFree86-ISO8859-9-100dpi-fonts-4.1.0-71.EL.i386.rpm
bbda1f088f4cfc778a66cd4520df1b7e  XFree86-ISO8859-9-75dpi-fonts-4.1.0-71.EL.i386.rpm
439c6b7b18a9321a7a1a8476ec5c96b8  XFree86-Xnest-4.1.0-71.EL.i386.rpm
a47a287faa17c415776f1f8a31b0882a  XFree86-Xvfb-4.1.0-71.EL.i386.rpm
c17eeb2f724dfcfa1983bd3b8d3f89b9  XFree86-cyrillic-fonts-4.1.0-71.EL.i386.rpm
26b1c9ede0bd137fe1504208d2e69489  XFree86-devel-4.1.0-71.EL.i386.rpm
cc3412a58aed56a2b5ae7818168531f4  XFree86-doc-4.1.0-71.EL.i386.rpm
e49c0750c474dfeede93ebc600bbe4f3  XFree86-libs-4.1.0-71.EL.i386.rpm
f6f827427339cf3e48d270391df35221  XFree86-tools-4.1.0-71.EL.i386.rpm
a8d8c8692e3ec74a267de41a7a047e9f  XFree86-twm-4.1.0-71.EL.i386.rpm
9a583b83825b2713edcc68d833ec2fc1  XFree86-xdm-4.1.0-71.EL.i386.rpm
ae1bb514c1c8e4671b441404e88b200e  XFree86-xf86cfg-4.1.0-71.EL.i386.rpm
27935274796d0c0ee7825ae75d3ca1c7  XFree86-xfs-4.1.0-71.EL.i386.rpm

ia64:
ace0691b089cc424945b118071a7a8c9  XFree86-100dpi-fonts-4.1.0-71.EL.ia64.rpm
33a876d683ad988e13007f7bb2908193  XFree86-4.1.0-71.EL.ia64.rpm
755157ba244a462e4fd3e07b6a2db275  XFree86-75dpi-fonts-4.1.0-71.EL.ia64.rpm
9d10412d6bda791a11554c660319f010  XFree86-ISO8859-15-100dpi-fonts-4.1.0-71.EL.ia64.rpm
977a033b155e1386d32ee4ede524ac0f  XFree86-ISO8859-15-75dpi-fonts-4.1.0-71.EL.ia64.rpm
af4621efc40f5cea331727729755af69  XFree86-ISO8859-2-100dpi-fonts-4.1.0-71.EL.ia64.rpm
81495baca5ebe29af2eb37a9bb0d96e0  XFree86-ISO8859-2-75dpi-fonts-4.1.0-71.EL.ia64.rpm
170e310833a6f8f9e9bbd75e2838ef8b  XFree86-ISO8859-9-100dpi-fonts-4.1.0-71.EL.ia64.rpm
ecfc7e5337276ac690f75eb802e57e06  XFree86-ISO8859-9-75dpi-fonts-4.1.0-71.EL.ia64.rpm
2f4a2252320e36593a078e22fec9d2b1  XFree86-Xnest-4.1.0-71.EL.ia64.rpm
462a5ebdbdbc90669d575e12dea1fe14  XFree86-Xvfb-4.1.0-71.EL.ia64.rpm
0a3f4d30395f408f0b5008e6864aa567  XFree86-cyrillic-fonts-4.1.0-71.EL.ia64.rpm
a6678a2489fb1f6d4098ce523366a69b  XFree86-devel-4.1.0-71.EL.ia64.rpm
71de4899c3aa12a29baeba308b00d073  XFree86-doc-4.1.0-71.EL.ia64.rpm
ab87a37e06ade10ba4287d8f857032ed  XFree86-libs-4.1.0-71.EL.ia64.rpm
5832143085762fc53e894b4804b72af8  XFree86-tools-4.1.0-71.EL.ia64.rpm
daed2b361a134a05c65d51539fe7549a  XFree86-twm-4.1.0-71.EL.ia64.rpm
fb046d7f1ca1d951a9c3ed44c8407b4b  XFree86-xdm-4.1.0-71.EL.ia64.rpm
02a7215f3a1ef684fc45f2544f3aa652  XFree86-xfs-4.1.0-71.EL.ia64.rpm

Red Hat Linux Advanced Workstation 2.1:

SRPMS:
0a716f7c3023b15f86f7999f5625db76  XFree86-4.1.0-71.EL.src.rpm

ia64:
ace0691b089cc424945b118071a7a8c9  XFree86-100dpi-fonts-4.1.0-71.EL.ia64.rpm
33a876d683ad988e13007f7bb2908193  XFree86-4.1.0-71.EL.ia64.rpm
755157ba244a462e4fd3e07b6a2db275  XFree86-75dpi-fonts-4.1.0-71.EL.ia64.rpm
9d10412d6bda791a11554c660319f010  XFree86-ISO8859-15-100dpi-fonts-4.1.0-71.EL.ia64.rpm
977a033b155e1386d32ee4ede524ac0f  XFree86-ISO8859-15-75dpi-fonts-4.1.0-71.EL.ia64.rpm
af4621efc40f5cea331727729755af69  XFree86-ISO8859-2-100dpi-fonts-4.1.0-71.EL.ia64.rpm
81495baca5ebe29af2eb37a9bb0d96e0  XFree86-ISO8859-2-75dpi-fonts-4.1.0-71.EL.ia64.rpm
170e310833a6f8f9e9bbd75e2838ef8b  XFree86-ISO8859-9-100dpi-fonts-4.1.0-71.EL.ia64.rpm
ecfc7e5337276ac690f75eb802e57e06  XFree86-ISO8859-9-75dpi-fonts-4.1.0-71.EL.ia64.rpm
2f4a2252320e36593a078e22fec9d2b1  XFree86-Xnest-4.1.0-71.EL.ia64.rpm
462a5ebdbdbc90669d575e12dea1fe14  XFree86-Xvfb-4.1.0-71.EL.ia64.rpm
0a3f4d30395f408f0b5008e6864aa567  XFree86-cyrillic-fonts-4.1.0-71.EL.ia64.rpm
a6678a2489fb1f6d4098ce523366a69b  XFree86-devel-4.1.0-71.EL.ia64.rpm
71de4899c3aa12a29baeba308b00d073  XFree86-doc-4.1.0-71.EL.ia64.rpm
ab87a37e06ade10ba4287d8f857032ed  XFree86-libs-4.1.0-71.EL.ia64.rpm
5832143085762fc53e894b4804b72af8  XFree86-tools-4.1.0-71.EL.ia64.rpm
daed2b361a134a05c65d51539fe7549a  XFree86-twm-4.1.0-71.EL.ia64.rpm
fb046d7f1ca1d951a9c3ed44c8407b4b  XFree86-xdm-4.1.0-71.EL.ia64.rpm
02a7215f3a1ef684fc45f2544f3aa652  XFree86-xfs-4.1.0-71.EL.ia64.rpm

Red Hat Enterprise Linux ES version 2.1:

SRPMS:
0a716f7c3023b15f86f7999f5625db76  XFree86-4.1.0-71.EL.src.rpm

i386:
e07be739078da8cd42d598a06b006f1e  XFree86-100dpi-fonts-4.1.0-71.EL.i386.rpm
bcebe61e2d614a1286b52775736e52c9  XFree86-4.1.0-71.EL.i386.rpm
cdddd54938649761e21827745c1366e2  XFree86-75dpi-fonts-4.1.0-71.EL.i386.rpm
182573d60222c73168fbfe66b16bb29b  XFree86-ISO8859-15-100dpi-fonts-4.1.0-71.EL.i386.rpm
2ae9bce6c130784e41d2b133a35e5774  XFree86-ISO8859-15-75dpi-fonts-4.1.0-71.EL.i386.rpm
9f3cf4be959caffa4c3bffbf76a09176  XFree86-ISO8859-2-100dpi-fonts-4.1.0-71.EL.i386.rpm
8c6f826f094aaa5135391f6ec27b0455  XFree86-ISO8859-2-75dpi-fonts-4.1.0-71.EL.i386.rpm
6b8f23211c43fc99dc05d75f9d0e4f86  XFree86-ISO8859-9-100dpi-fonts-4.1.0-71.EL.i386.rpm
bbda1f088f4cfc778a66cd4520df1b7e  XFree86-ISO8859-9-75dpi-fonts-4.1.0-71.EL.i386.rpm
439c6b7b18a9321a7a1a8476ec5c96b8  XFree86-Xnest-4.1.0-71.EL.i386.rpm
a47a287faa17c415776f1f8a31b0882a  XFree86-Xvfb-4.1.0-71.EL.i386.rpm
c17eeb2f724dfcfa1983bd3b8d3f89b9  XFree86-cyrillic-fonts-4.1.0-71.EL.i386.rpm
26b1c9ede0bd137fe1504208d2e69489  XFree86-devel-4.1.0-71.EL.i386.rpm
cc3412a58aed56a2b5ae7818168531f4  XFree86-doc-4.1.0-71.EL.i386.rpm
e49c0750c474dfeede93ebc600bbe4f3  XFree86-libs-4.1.0-71.EL.i386.rpm
f6f827427339cf3e48d270391df35221  XFree86-tools-4.1.0-71.EL.i386.rpm
a8d8c8692e3ec74a267de41a7a047e9f  XFree86-twm-4.1.0-71.EL.i386.rpm
9a583b83825b2713edcc68d833ec2fc1  XFree86-xdm-4.1.0-71.EL.i386.rpm
ae1bb514c1c8e4671b441404e88b200e  XFree86-xf86cfg-4.1.0-71.EL.i386.rpm
27935274796d0c0ee7825ae75d3ca1c7  XFree86-xfs-4.1.0-71.EL.i386.rpm

Red Hat Enterprise Linux WS version 2.1:

SRPMS:
0a716f7c3023b15f86f7999f5625db76  XFree86-4.1.0-71.EL.src.rpm

i386:
e07be739078da8cd42d598a06b006f1e  XFree86-100dpi-fonts-4.1.0-71.EL.i386.rpm
bcebe61e2d614a1286b52775736e52c9  XFree86-4.1.0-71.EL.i386.rpm
cdddd54938649761e21827745c1366e2  XFree86-75dpi-fonts-4.1.0-71.EL.i386.rpm
182573d60222c73168fbfe66b16bb29b  XFree86-ISO8859-15-100dpi-fonts-4.1.0-71.EL.i386.rpm
2ae9bce6c130784e41d2b133a35e5774  XFree86-ISO8859-15-75dpi-fonts-4.1.0-71.EL.i386.rpm
9f3cf4be959caffa4c3bffbf76a09176  XFree86-ISO8859-2-100dpi-fonts-4.1.0-71.EL.i386.rpm
8c6f826f094aaa5135391f6ec27b0455  XFree86-ISO8859-2-75dpi-fonts-4.1.0-71.EL.i386.rpm
6b8f23211c43fc99dc05d75f9d0e4f86  XFree86-ISO8859-9-100dpi-fonts-4.1.0-71.EL.i386.rpm
bbda1f088f4cfc778a66cd4520df1b7e  XFree86-ISO8859-9-75dpi-fonts-4.1.0-71.EL.i386.rpm
439c6b7b18a9321a7a1a8476ec5c96b8  XFree86-Xnest-4.1.0-71.EL.i386.rpm
a47a287faa17c415776f1f8a31b0882a  XFree86-Xvfb-4.1.0-71.EL.i386.rpm
c17eeb2f724dfcfa1983bd3b8d3f89b9  XFree86-cyrillic-fonts-4.1.0-71.EL.i386.rpm
26b1c9ede0bd137fe1504208d2e69489  XFree86-devel-4.1.0-71.EL.i386.rpm
cc3412a58aed56a2b5ae7818168531f4  XFree86-doc-4.1.0-71.EL.i386.rpm
e49c0750c474dfeede93ebc600bbe4f3  XFree86-libs-4.1.0-71.EL.i386.rpm
f6f827427339cf3e48d270391df35221  XFree86-tools-4.1.0-71.EL.i386.rpm
a8d8c8692e3ec74a267de41a7a047e9f  XFree86-twm-4.1.0-71.EL.i386.rpm
9a583b83825b2713edcc68d833ec2fc1  XFree86-xdm-4.1.0-71.EL.i386.rpm
ae1bb514c1c8e4671b441404e88b200e  XFree86-xf86cfg-4.1.0-71.EL.i386.rpm
27935274796d0c0ee7825ae75d3ca1c7  XFree86-xfs-4.1.0-71.EL.i386.rpm

These packages are GPG signed by Red Hat for security.  Our key and 
details on how to verify the signature are available from
https://www.redhat.com/security/team/key/#package

7. References:

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0605

8. Contact:

The Red Hat security contact is .  More contact
details at https://www.redhat.com/security/team/contact/

Copyright 2005 Red Hat, Inc.

RedHat: Moderate: XFree86 security update

Updated XFree86 packages that fix a libXpm integer overflow flaw and a number of bugs are now available. This update has been rated as having moderate security impact by the Red ...

Summary



Summary

XFree86 is an open source implementation of the X Window System. It provides the basic low level functionality which full-fledged graphical user interfaces (GUIs) such as GNOME and KDE are designed upon. An integer overflow flaw was found in libXpm, which is used by some applications for loading of XPM images. An attacker could create a malicious XPM file that would execute arbitrary code if opened by a victim using an application linked to the vulnerable library. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CAN-2005-0605 to this issue. XFree86 4.1.0 was not functional on systems that did not have a legacy keyboard controller (8042). During startup, the X server would attempt to update registers on the 8042 controller, but if that chip was not present, the X server would hang during startup. This new release has a workaround so that the access to those registers time out if they are not present. A bug in libXaw could cause applications to segfault on 64-bit systems under certain circumstances. This has been fixed with a patch backported from XFree86 4.3.0. Xlib contained a memory leak caused by double allocation, which has been fixed in XFree86 4.3.0 using backported patch. All users of XFree86 should upgrade to these updated packages, which resolve these issues.


Solution

Before applying this update, make sure that all previously-released errata relevant to your system have been applied. Use Red Hat Network to download and update your packages. To launch the Red Hat Update Agent, use the following command:
up2date
For information on how to install packages manually, refer to the following Web page for the System Administration or Customization guide specific to your system:
http://www.redhat.com/docs/manuals/enterprise/
5. Bug IDs fixed (http://bugzilla.redhat.com/):
150038 - CAN-2005-0605 XPM buffer overflow
6. RPMs required:
Red Hat Enterprise Linux AS (Advanced Server) version 2.1:
SRPMS: 0a716f7c3023b15f86f7999f5625db76 XFree86-4.1.0-71.EL.src.rpm
i386: e07be739078da8cd42d598a06b006f1e XFree86-100dpi-fonts-4.1.0-71.EL.i386.rpm bcebe61e2d614a1286b52775736e52c9 XFree86-4.1.0-71.EL.i386.rpm cdddd54938649761e21827745c1366e2 XFree86-75dpi-fonts-4.1.0-71.EL.i386.rpm 182573d60222c73168fbfe66b16bb29b XFree86-ISO8859-15-100dpi-fonts-4.1.0-71.EL.i386.rpm 2ae9bce6c130784e41d2b133a35e5774 XFree86-ISO8859-15-75dpi-fonts-4.1.0-71.EL.i386.rpm 9f3cf4be959caffa4c3bffbf76a09176 XFree86-ISO8859-2-100dpi-fonts-4.1.0-71.EL.i386.rpm 8c6f826f094aaa5135391f6ec27b0455 XFree86-ISO8859-2-75dpi-fonts-4.1.0-71.EL.i386.rpm 6b8f23211c43fc99dc05d75f9d0e4f86 XFree86-ISO8859-9-100dpi-fonts-4.1.0-71.EL.i386.rpm bbda1f088f4cfc778a66cd4520df1b7e XFree86-ISO8859-9-75dpi-fonts-4.1.0-71.EL.i386.rpm 439c6b7b18a9321a7a1a8476ec5c96b8 XFree86-Xnest-4.1.0-71.EL.i386.rpm a47a287faa17c415776f1f8a31b0882a XFree86-Xvfb-4.1.0-71.EL.i386.rpm c17eeb2f724dfcfa1983bd3b8d3f89b9 XFree86-cyrillic-fonts-4.1.0-71.EL.i386.rpm 26b1c9ede0bd137fe1504208d2e69489 XFree86-devel-4.1.0-71.EL.i386.rpm cc3412a58aed56a2b5ae7818168531f4 XFree86-doc-4.1.0-71.EL.i386.rpm e49c0750c474dfeede93ebc600bbe4f3 XFree86-libs-4.1.0-71.EL.i386.rpm f6f827427339cf3e48d270391df35221 XFree86-tools-4.1.0-71.EL.i386.rpm a8d8c8692e3ec74a267de41a7a047e9f XFree86-twm-4.1.0-71.EL.i386.rpm 9a583b83825b2713edcc68d833ec2fc1 XFree86-xdm-4.1.0-71.EL.i386.rpm ae1bb514c1c8e4671b441404e88b200e XFree86-xf86cfg-4.1.0-71.EL.i386.rpm 27935274796d0c0ee7825ae75d3ca1c7 XFree86-xfs-4.1.0-71.EL.i386.rpm
ia64: ace0691b089cc424945b118071a7a8c9 XFree86-100dpi-fonts-4.1.0-71.EL.ia64.rpm 33a876d683ad988e13007f7bb2908193 XFree86-4.1.0-71.EL.ia64.rpm 755157ba244a462e4fd3e07b6a2db275 XFree86-75dpi-fonts-4.1.0-71.EL.ia64.rpm 9d10412d6bda791a11554c660319f010 XFree86-ISO8859-15-100dpi-fonts-4.1.0-71.EL.ia64.rpm 977a033b155e1386d32ee4ede524ac0f XFree86-ISO8859-15-75dpi-fonts-4.1.0-71.EL.ia64.rpm af4621efc40f5cea331727729755af69 XFree86-ISO8859-2-100dpi-fonts-4.1.0-71.EL.ia64.rpm 81495baca5ebe29af2eb37a9bb0d96e0 XFree86-ISO8859-2-75dpi-fonts-4.1.0-71.EL.ia64.rpm 170e310833a6f8f9e9bbd75e2838ef8b XFree86-ISO8859-9-100dpi-fonts-4.1.0-71.EL.ia64.rpm ecfc7e5337276ac690f75eb802e57e06 XFree86-ISO8859-9-75dpi-fonts-4.1.0-71.EL.ia64.rpm 2f4a2252320e36593a078e22fec9d2b1 XFree86-Xnest-4.1.0-71.EL.ia64.rpm 462a5ebdbdbc90669d575e12dea1fe14 XFree86-Xvfb-4.1.0-71.EL.ia64.rpm 0a3f4d30395f408f0b5008e6864aa567 XFree86-cyrillic-fonts-4.1.0-71.EL.ia64.rpm a6678a2489fb1f6d4098ce523366a69b XFree86-devel-4.1.0-71.EL.ia64.rpm 71de4899c3aa12a29baeba308b00d073 XFree86-doc-4.1.0-71.EL.ia64.rpm ab87a37e06ade10ba4287d8f857032ed XFree86-libs-4.1.0-71.EL.ia64.rpm 5832143085762fc53e894b4804b72af8 XFree86-tools-4.1.0-71.EL.ia64.rpm daed2b361a134a05c65d51539fe7549a XFree86-twm-4.1.0-71.EL.ia64.rpm fb046d7f1ca1d951a9c3ed44c8407b4b XFree86-xdm-4.1.0-71.EL.ia64.rpm 02a7215f3a1ef684fc45f2544f3aa652 XFree86-xfs-4.1.0-71.EL.ia64.rpm
Red Hat Linux Advanced Workstation 2.1:
SRPMS: 0a716f7c3023b15f86f7999f5625db76 XFree86-4.1.0-71.EL.src.rpm
ia64: ace0691b089cc424945b118071a7a8c9 XFree86-100dpi-fonts-4.1.0-71.EL.ia64.rpm 33a876d683ad988e13007f7bb2908193 XFree86-4.1.0-71.EL.ia64.rpm 755157ba244a462e4fd3e07b6a2db275 XFree86-75dpi-fonts-4.1.0-71.EL.ia64.rpm 9d10412d6bda791a11554c660319f010 XFree86-ISO8859-15-100dpi-fonts-4.1.0-71.EL.ia64.rpm 977a033b155e1386d32ee4ede524ac0f XFree86-ISO8859-15-75dpi-fonts-4.1.0-71.EL.ia64.rpm af4621efc40f5cea331727729755af69 XFree86-ISO8859-2-100dpi-fonts-4.1.0-71.EL.ia64.rpm 81495baca5ebe29af2eb37a9bb0d96e0 XFree86-ISO8859-2-75dpi-fonts-4.1.0-71.EL.ia64.rpm 170e310833a6f8f9e9bbd75e2838ef8b XFree86-ISO8859-9-100dpi-fonts-4.1.0-71.EL.ia64.rpm ecfc7e5337276ac690f75eb802e57e06 XFree86-ISO8859-9-75dpi-fonts-4.1.0-71.EL.ia64.rpm 2f4a2252320e36593a078e22fec9d2b1 XFree86-Xnest-4.1.0-71.EL.ia64.rpm 462a5ebdbdbc90669d575e12dea1fe14 XFree86-Xvfb-4.1.0-71.EL.ia64.rpm 0a3f4d30395f408f0b5008e6864aa567 XFree86-cyrillic-fonts-4.1.0-71.EL.ia64.rpm a6678a2489fb1f6d4098ce523366a69b XFree86-devel-4.1.0-71.EL.ia64.rpm 71de4899c3aa12a29baeba308b00d073 XFree86-doc-4.1.0-71.EL.ia64.rpm ab87a37e06ade10ba4287d8f857032ed XFree86-libs-4.1.0-71.EL.ia64.rpm 5832143085762fc53e894b4804b72af8 XFree86-tools-4.1.0-71.EL.ia64.rpm daed2b361a134a05c65d51539fe7549a XFree86-twm-4.1.0-71.EL.ia64.rpm fb046d7f1ca1d951a9c3ed44c8407b4b XFree86-xdm-4.1.0-71.EL.ia64.rpm 02a7215f3a1ef684fc45f2544f3aa652 XFree86-xfs-4.1.0-71.EL.ia64.rpm
Red Hat Enterprise Linux ES version 2.1:
SRPMS: 0a716f7c3023b15f86f7999f5625db76 XFree86-4.1.0-71.EL.src.rpm
i386: e07be739078da8cd42d598a06b006f1e XFree86-100dpi-fonts-4.1.0-71.EL.i386.rpm bcebe61e2d614a1286b52775736e52c9 XFree86-4.1.0-71.EL.i386.rpm cdddd54938649761e21827745c1366e2 XFree86-75dpi-fonts-4.1.0-71.EL.i386.rpm 182573d60222c73168fbfe66b16bb29b XFree86-ISO8859-15-100dpi-fonts-4.1.0-71.EL.i386.rpm 2ae9bce6c130784e41d2b133a35e5774 XFree86-ISO8859-15-75dpi-fonts-4.1.0-71.EL.i386.rpm 9f3cf4be959caffa4c3bffbf76a09176 XFree86-ISO8859-2-100dpi-fonts-4.1.0-71.EL.i386.rpm 8c6f826f094aaa5135391f6ec27b0455 XFree86-ISO8859-2-75dpi-fonts-4.1.0-71.EL.i386.rpm 6b8f23211c43fc99dc05d75f9d0e4f86 XFree86-ISO8859-9-100dpi-fonts-4.1.0-71.EL.i386.rpm bbda1f088f4cfc778a66cd4520df1b7e XFree86-ISO8859-9-75dpi-fonts-4.1.0-71.EL.i386.rpm 439c6b7b18a9321a7a1a8476ec5c96b8 XFree86-Xnest-4.1.0-71.EL.i386.rpm a47a287faa17c415776f1f8a31b0882a XFree86-Xvfb-4.1.0-71.EL.i386.rpm c17eeb2f724dfcfa1983bd3b8d3f89b9 XFree86-cyrillic-fonts-4.1.0-71.EL.i386.rpm 26b1c9ede0bd137fe1504208d2e69489 XFree86-devel-4.1.0-71.EL.i386.rpm cc3412a58aed56a2b5ae7818168531f4 XFree86-doc-4.1.0-71.EL.i386.rpm e49c0750c474dfeede93ebc600bbe4f3 XFree86-libs-4.1.0-71.EL.i386.rpm f6f827427339cf3e48d270391df35221 XFree86-tools-4.1.0-71.EL.i386.rpm a8d8c8692e3ec74a267de41a7a047e9f XFree86-twm-4.1.0-71.EL.i386.rpm 9a583b83825b2713edcc68d833ec2fc1 XFree86-xdm-4.1.0-71.EL.i386.rpm ae1bb514c1c8e4671b441404e88b200e XFree86-xf86cfg-4.1.0-71.EL.i386.rpm 27935274796d0c0ee7825ae75d3ca1c7 XFree86-xfs-4.1.0-71.EL.i386.rpm
Red Hat Enterprise Linux WS version 2.1:
SRPMS: 0a716f7c3023b15f86f7999f5625db76 XFree86-4.1.0-71.EL.src.rpm
i386: e07be739078da8cd42d598a06b006f1e XFree86-100dpi-fonts-4.1.0-71.EL.i386.rpm bcebe61e2d614a1286b52775736e52c9 XFree86-4.1.0-71.EL.i386.rpm cdddd54938649761e21827745c1366e2 XFree86-75dpi-fonts-4.1.0-71.EL.i386.rpm 182573d60222c73168fbfe66b16bb29b XFree86-ISO8859-15-100dpi-fonts-4.1.0-71.EL.i386.rpm 2ae9bce6c130784e41d2b133a35e5774 XFree86-ISO8859-15-75dpi-fonts-4.1.0-71.EL.i386.rpm 9f3cf4be959caffa4c3bffbf76a09176 XFree86-ISO8859-2-100dpi-fonts-4.1.0-71.EL.i386.rpm 8c6f826f094aaa5135391f6ec27b0455 XFree86-ISO8859-2-75dpi-fonts-4.1.0-71.EL.i386.rpm 6b8f23211c43fc99dc05d75f9d0e4f86 XFree86-ISO8859-9-100dpi-fonts-4.1.0-71.EL.i386.rpm bbda1f088f4cfc778a66cd4520df1b7e XFree86-ISO8859-9-75dpi-fonts-4.1.0-71.EL.i386.rpm 439c6b7b18a9321a7a1a8476ec5c96b8 XFree86-Xnest-4.1.0-71.EL.i386.rpm a47a287faa17c415776f1f8a31b0882a XFree86-Xvfb-4.1.0-71.EL.i386.rpm c17eeb2f724dfcfa1983bd3b8d3f89b9 XFree86-cyrillic-fonts-4.1.0-71.EL.i386.rpm 26b1c9ede0bd137fe1504208d2e69489 XFree86-devel-4.1.0-71.EL.i386.rpm cc3412a58aed56a2b5ae7818168531f4 XFree86-doc-4.1.0-71.EL.i386.rpm e49c0750c474dfeede93ebc600bbe4f3 XFree86-libs-4.1.0-71.EL.i386.rpm f6f827427339cf3e48d270391df35221 XFree86-tools-4.1.0-71.EL.i386.rpm a8d8c8692e3ec74a267de41a7a047e9f XFree86-twm-4.1.0-71.EL.i386.rpm 9a583b83825b2713edcc68d833ec2fc1 XFree86-xdm-4.1.0-71.EL.i386.rpm ae1bb514c1c8e4671b441404e88b200e XFree86-xf86cfg-4.1.0-71.EL.i386.rpm 27935274796d0c0ee7825ae75d3ca1c7 XFree86-xfs-4.1.0-71.EL.i386.rpm
These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://www.redhat.com/security/team/key/#package

References

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0605

Package List


Severity
Advisory ID: RHSA-2005:044-01
Advisory URL: https://access.redhat.com/errata/RHSA-2005:044.html
Issued Date: : 2005-04-06
Updated on: 2005-04-06
Product: Red Hat Enterprise Linux
Keywords: Xpm legacy keyboard controller memory leak SEGV segfault crash
CVE Names: CAN-2005-0605 Updated XFree86 packages that fix a libXpm integer overflow flaw and a number of bugs are now available. This update has been rated as having moderate security impact by the Red Hat Security Response Team.

Topic


Topic


 

Relevant Releases Architectures

Red Hat Enterprise Linux AS (Advanced Server) version 2.1 - i386, ia64

Red Hat Linux Advanced Workstation 2.1 - ia64

Red Hat Enterprise Linux ES version 2.1 - i386

Red Hat Enterprise Linux WS version 2.1 - i386


Bugs Fixed


Related News

30.Lock Globe Motherboard Esm H320
1 - 2 min read
The SPDX 3.0 release marks a significant milestone in software management, particularly for Linux admins, infosec professionals, internet security
11.Locks IsometricPattern Esm H320
2 - 3 min read
Open Source maintainers and developers have been warned about the continued wave of attacks aimed at project maintainers similar to those recently
28.Lock Globe Esm H320
1 - 2 min read
A resurgence of cyberattacks targeting Linux systems in Asian campaigns through the utilization of the Pupy Remote Access Trojan (RAT) has been
27.Tablet Connections Blocks Lock Esm H320
2 - 4 min read
Canonical has recently announced the Beta release of Ubuntu Linux 24.04 LTS , codenamed "Noble Numbat." This release aims to continue Ubuntu's
21.Globe RadiatingCode Esm H320
2 - 3 min read
The open-source movement has come a long way, from its origins in the 1960s and 1970s to becoming an integral part of organizations worldwide.
13.Lock StylizedMotherboard Esm H320
2 - 3 min read
The Rust-based Edera project demonstrates a unique approach to container security that addresses cloud-native computing challenges. Let's examine
8.Locks HexConnections CodeGlobe Esm H320
2 - 3 min read
Canonical has launched Ubuntu Pro for Devices , a comprehensive offering emphasizing security and compliance for IoT device deployments. This
2.Motherboard Esm H320
2 - 3 min read
The recently uncovered "Native Branch History Injection (BHI)" exploit against the Linux kernel marks a significant milestone in the ongoing battle

Get the Latest News & Insights

Sign up to get the latest security news affecting Linux and open source delivered straight to your inbox.

© 2024 Guardian Digital, Inc All Rights Reserved