Skip to navigation

Security Advisory XFree86 security update

Advisory: RHSA-2004:152-04
Type: Security Advisory
Severity: Important
Issued on: 2004-04-21
Last updated on: 2004-04-21
Affected Products: Red Hat Enterprise Linux AS (v. 2.1)
Red Hat Enterprise Linux ES (v. 2.1)
Red Hat Enterprise Linux WS (v. 2.1)
Red Hat Linux Advanced Workstation 2.1 for the Itanium Processor
CVEs (cve.mitre.org): CVE-2004-0093
CVE-2004-0094

Details

Updated XFree86 packages that fix a minor denial of service vulnerability are
now available.

XFree86 is an implementation of the X Window System, providing the core
graphical user interface and video drivers.

Flaws in XFree86 4.1.0 allows local or remote attackers who are able to
connect to the X server to cause a denial of service via an out-of-bounds
array index or integer signedness error when using the GLX extension and
Direct Rendering Infrastructure (DRI). The Common Vulnerabilities and
Exposures project (cve.mitre.org) has assigned the names CAN-2004-0093 and
CAN-2004-0094 to these issues.

These issues do not affect Red Hat Enterprise Linux 3.

All users of XFree86 are advised to upgrade to these erratum packages,
which contain a backported fix and are not vulnerable to these issues.


Solution

Before applying this update, make sure all previously released errata
relevant to your system have been applied.

To update all RPMs for your particular architecture, run:

rpm -Fvh [filenames]

where [filenames] is a list of the RPMs you wish to upgrade. Only those
RPMs which are currently installed will be updated. Those RPMs which are
not installed but included in the list will not be updated. Note that you
can also use wildcards (*.rpm) if your current directory *only* contains the
desired RPMs.

Please note that this update is also available via Red Hat Network. Many
people find this an easier way to apply updates. To use Red Hat Network,
launch the Red Hat Update Agent with the following command:

up2date

This will start an interactive process that will result in the appropriate
RPMs being upgraded on your system.

If up2date fails to connect to Red Hat Network due to SSL Certificate
Errors, you need to install a version of the up2date client with an updated
certificate. The latest version of up2date is available from the Red Hat
FTP site and may also be downloaded directly from the RHN website:

https://rhn.redhat.com/help/latest-up2date.pxt

Updated packages

Red Hat Enterprise Linux AS (v. 2.1)

SRPMS:
XFree86-4.1.0-58.EL.src.rpm
File outdated by:  RHSA-2008:0512
    MD5: dc4c48a19ccf5ea206ae03caba6388fa
 
IA-32:
XFree86-100dpi-fonts-4.1.0-58.EL.i386.rpm
File outdated by:  RHSA-2008:0512
    MD5: dcc95ff095cf15c1d06a0cb4f7ca8009
XFree86-4.1.0-58.EL.i386.rpm
File outdated by:  RHSA-2008:0512
    MD5: 205a6d4836aeb906d6d2c9b2c6d10620
XFree86-75dpi-fonts-4.1.0-58.EL.i386.rpm
File outdated by:  RHSA-2008:0512
    MD5: 99ae31b0d801b1abbba1297efc5b1e67
XFree86-ISO8859-15-100dpi-fonts-4.1.0-58.EL.i386.rpm
File outdated by:  RHSA-2008:0512
    MD5: a8cedf20386867bbe3d4132dfbbbb3df
XFree86-ISO8859-15-75dpi-fonts-4.1.0-58.EL.i386.rpm
File outdated by:  RHSA-2008:0512
    MD5: 4bb7f7d2f9b8c2ad767096478219f12f
XFree86-ISO8859-2-100dpi-fonts-4.1.0-58.EL.i386.rpm
File outdated by:  RHSA-2008:0512
    MD5: b2c9d9b758b4662289bdc1553df4ba40
XFree86-ISO8859-2-75dpi-fonts-4.1.0-58.EL.i386.rpm
File outdated by:  RHSA-2008:0512
    MD5: 07206d786da6e276ff79f572677e53e9
XFree86-ISO8859-9-100dpi-fonts-4.1.0-58.EL.i386.rpm
File outdated by:  RHSA-2008:0512
    MD5: a6285eb526d2457c189089c3d38f50cb
XFree86-ISO8859-9-75dpi-fonts-4.1.0-58.EL.i386.rpm
File outdated by:  RHSA-2008:0512
    MD5: 4a1a8ec14f1a0f21015a24ae78e45c77
XFree86-Xnest-4.1.0-58.EL.i386.rpm
File outdated by:  RHSA-2008:0512
    MD5: 47406316788f63b04ca4afe386cffee6
XFree86-Xvfb-4.1.0-58.EL.i386.rpm
File outdated by:  RHSA-2008:0512
    MD5: 1b0b5cf3bc0f894d34186e16503bdb1d
XFree86-cyrillic-fonts-4.1.0-58.EL.i386.rpm
File outdated by:  RHSA-2008:0512
    MD5: a88bc5495376451825119fe49c669306
XFree86-devel-4.1.0-58.EL.i386.rpm
File outdated by:  RHSA-2008:0512
    MD5: 69d29d5d33de5477760258895c994231
XFree86-doc-4.1.0-58.EL.i386.rpm
File outdated by:  RHSA-2008:0512
    MD5: 809dd6d25fdb7ef83a735959f452200d
XFree86-libs-4.1.0-58.EL.i386.rpm
File outdated by:  RHSA-2008:0512
    MD5: e71041e5e456a01d700c8a33132458e5
XFree86-tools-4.1.0-58.EL.i386.rpm
File outdated by:  RHSA-2008:0512
    MD5: c49fd2dee91f7f89f480ace1c1f93793
XFree86-twm-4.1.0-58.EL.i386.rpm
File outdated by:  RHSA-2008:0512
    MD5: fd454a6ec8ac1f335111cad9d04607f0
XFree86-xdm-4.1.0-58.EL.i386.rpm
File outdated by:  RHSA-2008:0512
    MD5: 7a4445e65c1dba807681e6b655602180
XFree86-xf86cfg-4.1.0-58.EL.i386.rpm
File outdated by:  RHSA-2008:0512
    MD5: ce13bf7b82bf8ec5106becf2185bb780
XFree86-xfs-4.1.0-58.EL.i386.rpm
File outdated by:  RHSA-2008:0512
    MD5: 882c25c8a045b3faef89eab3065df024
 
IA-64:
XFree86-100dpi-fonts-4.1.0-58.EL.ia64.rpm
File outdated by:  RHSA-2008:0512
    MD5: eee705b0c7241be2e50f8a05569b0f0a
XFree86-4.1.0-58.EL.ia64.rpm
File outdated by:  RHSA-2008:0512
    MD5: bcd727111e7ac2b3d7986f516434d725
XFree86-75dpi-fonts-4.1.0-58.EL.ia64.rpm
File outdated by:  RHSA-2008:0512
    MD5: 67061edd22c632894a12cf59c0eef6b4
XFree86-ISO8859-15-100dpi-fonts-4.1.0-58.EL.ia64.rpm
File outdated by:  RHSA-2008:0512
    MD5: 2428669ee622a195b87aefcddf48ec6a
XFree86-ISO8859-15-75dpi-fonts-4.1.0-58.EL.ia64.rpm
File outdated by:  RHSA-2008:0512
    MD5: f304ab069cd9c7f6443cda2e4a734e15
XFree86-ISO8859-2-100dpi-fonts-4.1.0-58.EL.ia64.rpm
File outdated by:  RHSA-2008:0512
    MD5: 58ad1c604d64bdd8f86aaa275643857d
XFree86-ISO8859-2-75dpi-fonts-4.1.0-58.EL.ia64.rpm
File outdated by:  RHSA-2008:0512
    MD5: 72da617a9bf5c709635e8d35df079152
XFree86-ISO8859-9-100dpi-fonts-4.1.0-58.EL.ia64.rpm
File outdated by:  RHSA-2008:0512
    MD5: 83badabfc7b0d36ddcc5eb0b812244e2
XFree86-ISO8859-9-75dpi-fonts-4.1.0-58.EL.ia64.rpm
File outdated by:  RHSA-2008:0512
    MD5: 18a22477917681e54c988be72beef974
XFree86-Xnest-4.1.0-58.EL.ia64.rpm
File outdated by:  RHSA-2008:0512
    MD5: 9dcefa20ad05c68cd0e5d2d4a8cf1602
XFree86-Xvfb-4.1.0-58.EL.ia64.rpm
File outdated by:  RHSA-2008:0512
    MD5: 68e1b787fb4bc4d4125f691a3565fb69
XFree86-cyrillic-fonts-4.1.0-58.EL.ia64.rpm
File outdated by:  RHSA-2008:0512
    MD5: fb89993ab18d2ef2601eabe06bc2e7f5
XFree86-devel-4.1.0-58.EL.ia64.rpm
File outdated by:  RHSA-2008:0512
    MD5: 91bf95c699baa25b002a3d3a87e4075b
XFree86-doc-4.1.0-58.EL.ia64.rpm
File outdated by:  RHSA-2008:0512
    MD5: 6af2997957436a2dedc005032b6734d7
XFree86-libs-4.1.0-58.EL.ia64.rpm
File outdated by:  RHSA-2008:0512
    MD5: baa245ac207a5a3c697756f74fa3bd24
XFree86-tools-4.1.0-58.EL.ia64.rpm
File outdated by:  RHSA-2008:0512
    MD5: 828cc7d4372bae21a56cb95e0e3d29aa
XFree86-twm-4.1.0-58.EL.ia64.rpm
File outdated by:  RHSA-2008:0512
    MD5: 9b1ae44982f7526bc366c97f7c346023
XFree86-xdm-4.1.0-58.EL.ia64.rpm
File outdated by:  RHSA-2008:0512
    MD5: 2abb927d635f35e7b71c1888f9a171ef
XFree86-xfs-4.1.0-58.EL.ia64.rpm
File outdated by:  RHSA-2008:0512
    MD5: 6a4c11d8ebe72dd03c1f4c86aa6adddd
 
Red Hat Enterprise Linux ES (v. 2.1)

SRPMS:
XFree86-4.1.0-58.EL.src.rpm
File outdated by:  RHSA-2008:0512
    MD5: dc4c48a19ccf5ea206ae03caba6388fa
 
IA-32:
XFree86-100dpi-fonts-4.1.0-58.EL.i386.rpm
File outdated by:  RHSA-2008:0512
    MD5: dcc95ff095cf15c1d06a0cb4f7ca8009
XFree86-4.1.0-58.EL.i386.rpm
File outdated by:  RHSA-2008:0512
    MD5: 205a6d4836aeb906d6d2c9b2c6d10620
XFree86-75dpi-fonts-4.1.0-58.EL.i386.rpm
File outdated by:  RHSA-2008:0512
    MD5: 99ae31b0d801b1abbba1297efc5b1e67
XFree86-ISO8859-15-100dpi-fonts-4.1.0-58.EL.i386.rpm
File outdated by:  RHSA-2008:0512
    MD5: a8cedf20386867bbe3d4132dfbbbb3df
XFree86-ISO8859-15-75dpi-fonts-4.1.0-58.EL.i386.rpm
File outdated by:  RHSA-2008:0512
    MD5: 4bb7f7d2f9b8c2ad767096478219f12f
XFree86-ISO8859-2-100dpi-fonts-4.1.0-58.EL.i386.rpm
File outdated by:  RHSA-2008:0512
    MD5: b2c9d9b758b4662289bdc1553df4ba40
XFree86-ISO8859-2-75dpi-fonts-4.1.0-58.EL.i386.rpm
File outdated by:  RHSA-2008:0512
    MD5: 07206d786da6e276ff79f572677e53e9
XFree86-ISO8859-9-100dpi-fonts-4.1.0-58.EL.i386.rpm
File outdated by:  RHSA-2008:0512
    MD5: a6285eb526d2457c189089c3d38f50cb
XFree86-ISO8859-9-75dpi-fonts-4.1.0-58.EL.i386.rpm
File outdated by:  RHSA-2008:0512
    MD5: 4a1a8ec14f1a0f21015a24ae78e45c77
XFree86-Xnest-4.1.0-58.EL.i386.rpm
File outdated by:  RHSA-2008:0512
    MD5: 47406316788f63b04ca4afe386cffee6
XFree86-Xvfb-4.1.0-58.EL.i386.rpm
File outdated by:  RHSA-2008:0512
    MD5: 1b0b5cf3bc0f894d34186e16503bdb1d
XFree86-cyrillic-fonts-4.1.0-58.EL.i386.rpm
File outdated by:  RHSA-2008:0512
    MD5: a88bc5495376451825119fe49c669306
XFree86-devel-4.1.0-58.EL.i386.rpm
File outdated by:  RHSA-2008:0512
    MD5: 69d29d5d33de5477760258895c994231
XFree86-doc-4.1.0-58.EL.i386.rpm
File outdated by:  RHSA-2008:0512
    MD5: 809dd6d25fdb7ef83a735959f452200d
XFree86-libs-4.1.0-58.EL.i386.rpm
File outdated by:  RHSA-2008:0512
    MD5: e71041e5e456a01d700c8a33132458e5
XFree86-tools-4.1.0-58.EL.i386.rpm
File outdated by:  RHSA-2008:0512
    MD5: c49fd2dee91f7f89f480ace1c1f93793
XFree86-twm-4.1.0-58.EL.i386.rpm
File outdated by:  RHSA-2008:0512
    MD5: fd454a6ec8ac1f335111cad9d04607f0
XFree86-xdm-4.1.0-58.EL.i386.rpm
File outdated by:  RHSA-2008:0512
    MD5: 7a4445e65c1dba807681e6b655602180
XFree86-xf86cfg-4.1.0-58.EL.i386.rpm
File outdated by:  RHSA-2008:0512
    MD5: ce13bf7b82bf8ec5106becf2185bb780
XFree86-xfs-4.1.0-58.EL.i386.rpm
File outdated by:  RHSA-2008:0512
    MD5: 882c25c8a045b3faef89eab3065df024
 
Red Hat Enterprise Linux WS (v. 2.1)

SRPMS:
XFree86-4.1.0-58.EL.src.rpm
File outdated by:  RHSA-2008:0512
    MD5: dc4c48a19ccf5ea206ae03caba6388fa
 
IA-32:
XFree86-100dpi-fonts-4.1.0-58.EL.i386.rpm
File outdated by:  RHSA-2008:0512
    MD5: dcc95ff095cf15c1d06a0cb4f7ca8009
XFree86-4.1.0-58.EL.i386.rpm
File outdated by:  RHSA-2008:0512
    MD5: 205a6d4836aeb906d6d2c9b2c6d10620
XFree86-75dpi-fonts-4.1.0-58.EL.i386.rpm
File outdated by:  RHSA-2008:0512
    MD5: 99ae31b0d801b1abbba1297efc5b1e67
XFree86-ISO8859-15-100dpi-fonts-4.1.0-58.EL.i386.rpm
File outdated by:  RHSA-2008:0512
    MD5: a8cedf20386867bbe3d4132dfbbbb3df
XFree86-ISO8859-15-75dpi-fonts-4.1.0-58.EL.i386.rpm
File outdated by:  RHSA-2008:0512
    MD5: 4bb7f7d2f9b8c2ad767096478219f12f
XFree86-ISO8859-2-100dpi-fonts-4.1.0-58.EL.i386.rpm
File outdated by:  RHSA-2008:0512
    MD5: b2c9d9b758b4662289bdc1553df4ba40
XFree86-ISO8859-2-75dpi-fonts-4.1.0-58.EL.i386.rpm
File outdated by:  RHSA-2008:0512
    MD5: 07206d786da6e276ff79f572677e53e9
XFree86-ISO8859-9-100dpi-fonts-4.1.0-58.EL.i386.rpm
File outdated by:  RHSA-2008:0512
    MD5: a6285eb526d2457c189089c3d38f50cb
XFree86-ISO8859-9-75dpi-fonts-4.1.0-58.EL.i386.rpm
File outdated by:  RHSA-2008:0512
    MD5: 4a1a8ec14f1a0f21015a24ae78e45c77
XFree86-Xnest-4.1.0-58.EL.i386.rpm
File outdated by:  RHSA-2008:0512
    MD5: 47406316788f63b04ca4afe386cffee6
XFree86-Xvfb-4.1.0-58.EL.i386.rpm
File outdated by:  RHSA-2008:0512
    MD5: 1b0b5cf3bc0f894d34186e16503bdb1d
XFree86-cyrillic-fonts-4.1.0-58.EL.i386.rpm
File outdated by:  RHSA-2008:0512
    MD5: a88bc5495376451825119fe49c669306
XFree86-devel-4.1.0-58.EL.i386.rpm
File outdated by:  RHSA-2008:0512
    MD5: 69d29d5d33de5477760258895c994231
XFree86-doc-4.1.0-58.EL.i386.rpm
File outdated by:  RHSA-2008:0512
    MD5: 809dd6d25fdb7ef83a735959f452200d
XFree86-libs-4.1.0-58.EL.i386.rpm
File outdated by:  RHSA-2008:0512
    MD5: e71041e5e456a01d700c8a33132458e5
XFree86-tools-4.1.0-58.EL.i386.rpm
File outdated by:  RHSA-2008:0512
    MD5: c49fd2dee91f7f89f480ace1c1f93793
XFree86-twm-4.1.0-58.EL.i386.rpm
File outdated by:  RHSA-2008:0512
    MD5: fd454a6ec8ac1f335111cad9d04607f0
XFree86-xdm-4.1.0-58.EL.i386.rpm
File outdated by:  RHSA-2008:0512
    MD5: 7a4445e65c1dba807681e6b655602180
XFree86-xf86cfg-4.1.0-58.EL.i386.rpm
File outdated by:  RHSA-2008:0512
    MD5: ce13bf7b82bf8ec5106becf2185bb780
XFree86-xfs-4.1.0-58.EL.i386.rpm
File outdated by:  RHSA-2008:0512
    MD5: 882c25c8a045b3faef89eab3065df024
 
Red Hat Linux Advanced Workstation 2.1 for the Itanium Processor

SRPMS:
XFree86-4.1.0-58.EL.src.rpm
File outdated by:  RHSA-2008:0512
    MD5: dc4c48a19ccf5ea206ae03caba6388fa
 
IA-64:
XFree86-100dpi-fonts-4.1.0-58.EL.ia64.rpm
File outdated by:  RHSA-2008:0512
    MD5: eee705b0c7241be2e50f8a05569b0f0a
XFree86-4.1.0-58.EL.ia64.rpm
File outdated by:  RHSA-2008:0512
    MD5: bcd727111e7ac2b3d7986f516434d725
XFree86-75dpi-fonts-4.1.0-58.EL.ia64.rpm
File outdated by:  RHSA-2008:0512
    MD5: 67061edd22c632894a12cf59c0eef6b4
XFree86-ISO8859-15-100dpi-fonts-4.1.0-58.EL.ia64.rpm
File outdated by:  RHSA-2008:0512
    MD5: 2428669ee622a195b87aefcddf48ec6a
XFree86-ISO8859-15-75dpi-fonts-4.1.0-58.EL.ia64.rpm
File outdated by:  RHSA-2008:0512
    MD5: f304ab069cd9c7f6443cda2e4a734e15
XFree86-ISO8859-2-100dpi-fonts-4.1.0-58.EL.ia64.rpm
File outdated by:  RHSA-2008:0512
    MD5: 58ad1c604d64bdd8f86aaa275643857d
XFree86-ISO8859-2-75dpi-fonts-4.1.0-58.EL.ia64.rpm
File outdated by:  RHSA-2008:0512
    MD5: 72da617a9bf5c709635e8d35df079152
XFree86-ISO8859-9-100dpi-fonts-4.1.0-58.EL.ia64.rpm
File outdated by:  RHSA-2008:0512
    MD5: 83badabfc7b0d36ddcc5eb0b812244e2
XFree86-ISO8859-9-75dpi-fonts-4.1.0-58.EL.ia64.rpm
File outdated by:  RHSA-2008:0512
    MD5: 18a22477917681e54c988be72beef974
XFree86-Xnest-4.1.0-58.EL.ia64.rpm
File outdated by:  RHSA-2008:0512
    MD5: 9dcefa20ad05c68cd0e5d2d4a8cf1602
XFree86-Xvfb-4.1.0-58.EL.ia64.rpm
File outdated by:  RHSA-2008:0512
    MD5: 68e1b787fb4bc4d4125f691a3565fb69
XFree86-cyrillic-fonts-4.1.0-58.EL.ia64.rpm
File outdated by:  RHSA-2008:0512
    MD5: fb89993ab18d2ef2601eabe06bc2e7f5
XFree86-devel-4.1.0-58.EL.ia64.rpm
File outdated by:  RHSA-2008:0512
    MD5: 91bf95c699baa25b002a3d3a87e4075b
XFree86-doc-4.1.0-58.EL.ia64.rpm
File outdated by:  RHSA-2008:0512
    MD5: 6af2997957436a2dedc005032b6734d7
XFree86-libs-4.1.0-58.EL.ia64.rpm
File outdated by:  RHSA-2008:0512
    MD5: baa245ac207a5a3c697756f74fa3bd24
XFree86-tools-4.1.0-58.EL.ia64.rpm
File outdated by:  RHSA-2008:0512
    MD5: 828cc7d4372bae21a56cb95e0e3d29aa
XFree86-twm-4.1.0-58.EL.ia64.rpm
File outdated by:  RHSA-2008:0512
    MD5: 9b1ae44982f7526bc366c97f7c346023
XFree86-xdm-4.1.0-58.EL.ia64.rpm
File outdated by:  RHSA-2008:0512
    MD5: 2abb927d635f35e7b71c1888f9a171ef
XFree86-xfs-4.1.0-58.EL.ia64.rpm
File outdated by:  RHSA-2008:0512
    MD5: 6a4c11d8ebe72dd03c1f4c86aa6adddd
 

Bugs fixed (see bugzilla for more information)

118705 - CAN-2004-0093/094 DoS in XFree86 4.1.0


References


Keywords

DoS


These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from:
https://www.redhat.com/security/team/key/#package

The Red Hat security contact is secalert@redhat.com. More contact details at http://www.redhat.com/security/team/contact/