Skip to navigation

Security Advisory XFree86 security update

Advisory: RHSA-2004:610-13
Type: Security Advisory
Severity: Moderate
Issued on: 2004-12-20
Last updated on: 2004-12-20
Affected Products: Red Hat Enterprise Linux AS (v. 2.1)
Red Hat Enterprise Linux ES (v. 2.1)
Red Hat Enterprise Linux WS (v. 2.1)
Red Hat Linux Advanced Workstation 2.1 for the Itanium Processor
CVEs (cve.mitre.org): CVE-2004-0914

Details

Updated XFree86 packages that fix several security flaws in libXpm are now
available for Red Hat Enterprise Linux 2.1.

XFree86 is an open source implementation of the X Window System. It
provides the basic low level functionality which full fledged graphical
user interfaces (GUIs), such as GNOME and KDE are designed upon.

Several integer overflow flaws in the X.Org libXpm library used to decode
XPM (X PixMap) images have been found and addressed. An attacker could
create a carefully crafted XP file which would cause an application to
crash or potentially execute arbitrary code if opened by a victim. The
Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned
the name CAN-2004-0914 to this issue.

Users are advised to upgrade to these erratum packages, which contain
backported security patches and other bug fixes.


Solution

Before applying this update, make sure that all previously-released
errata relevant to your system have been applied. Use Red Hat
Network to download and update your packages. To launch the Red Hat
Update Agent, use the following command:

up2date

For information on how to install packages manually, refer to the
following Web page for the System Administration or Customization
guide specific to your system:

http://www.redhat.com/docs/manuals/enterprise/

Updated packages

Red Hat Enterprise Linux AS (v. 2.1)

IA-32:
XFree86-100dpi-fonts-4.1.0-64.EL.i386.rpm
File outdated by:  RHSA-2008:0512
    MD5: 619cba76e3db1708c4ddaa571746f7a3
XFree86-4.1.0-64.EL.i386.rpm
File outdated by:  RHSA-2008:0512
    MD5: 2b16fa711f16f5551ed7d81d3570955f
XFree86-75dpi-fonts-4.1.0-64.EL.i386.rpm
File outdated by:  RHSA-2008:0512
    MD5: 26b4754be230b746c3d7851d2ec63e34
XFree86-ISO8859-15-100dpi-fonts-4.1.0-64.EL.i386.rpm
File outdated by:  RHSA-2008:0512
    MD5: 8d3b284157293f6289adfb73404a00e9
XFree86-ISO8859-15-75dpi-fonts-4.1.0-64.EL.i386.rpm
File outdated by:  RHSA-2008:0512
    MD5: af869655958f5118050494bbc2aa8f64
XFree86-ISO8859-2-100dpi-fonts-4.1.0-64.EL.i386.rpm
File outdated by:  RHSA-2008:0512
    MD5: 7f2123c84e1161d0f899021c505326a4
XFree86-ISO8859-2-75dpi-fonts-4.1.0-64.EL.i386.rpm
File outdated by:  RHSA-2008:0512
    MD5: f18101e8f31e4b61765f9039d9143b7d
XFree86-ISO8859-9-100dpi-fonts-4.1.0-64.EL.i386.rpm
File outdated by:  RHSA-2008:0512
    MD5: 492c079042fe73e81ad8209e175e376b
XFree86-ISO8859-9-75dpi-fonts-4.1.0-64.EL.i386.rpm
File outdated by:  RHSA-2008:0512
    MD5: a5e849fec6ee87de20a3d1dd7d33c5af
XFree86-Xnest-4.1.0-64.EL.i386.rpm
File outdated by:  RHSA-2008:0512
    MD5: aa86b8d77b837e377f9fe0bd0175ae2b
XFree86-Xvfb-4.1.0-64.EL.i386.rpm
File outdated by:  RHSA-2008:0512
    MD5: f1f668073ac78f0ac09f1074295094db
XFree86-cyrillic-fonts-4.1.0-64.EL.i386.rpm
File outdated by:  RHSA-2008:0512
    MD5: f16d01c6c1a5102ca2053c9b1d5dc1e2
XFree86-devel-4.1.0-64.EL.i386.rpm
File outdated by:  RHSA-2008:0512
    MD5: 1d7eba36f929a6e7386951fa10089fc0
XFree86-doc-4.1.0-64.EL.i386.rpm
File outdated by:  RHSA-2008:0512
    MD5: 836a435dcb8045a5a12879793bf14790
XFree86-libs-4.1.0-64.EL.i386.rpm
File outdated by:  RHSA-2008:0512
    MD5: 522e953d868d3cacbe8087fe396e80a9
XFree86-tools-4.1.0-64.EL.i386.rpm
File outdated by:  RHSA-2008:0512
    MD5: 3f4ea7ac9ff130a726820df0dc0e03ea
XFree86-twm-4.1.0-64.EL.i386.rpm
File outdated by:  RHSA-2008:0512
    MD5: 0b0357dfc6be4c7a415f0b194b52ceaf
XFree86-xdm-4.1.0-64.EL.i386.rpm
File outdated by:  RHSA-2008:0512
    MD5: f16b5abf0a2292b0c6594a2dfb6e435e
XFree86-xf86cfg-4.1.0-64.EL.i386.rpm
File outdated by:  RHSA-2008:0512
    MD5: 6b58d9114caa524859054d06621878e9
XFree86-xfs-4.1.0-64.EL.i386.rpm
File outdated by:  RHSA-2008:0512
    MD5: 524cdc6f6d432304f8d0cb755ca7a357
 
IA-64:
XFree86-100dpi-fonts-4.1.0-64.EL.ia64.rpm
File outdated by:  RHSA-2008:0512
    MD5: 3187d46c885cc192d84eaff99dd438f5
XFree86-4.1.0-64.EL.ia64.rpm
File outdated by:  RHSA-2008:0512
    MD5: 6278c684f22524f5f7da958aeef90074
XFree86-75dpi-fonts-4.1.0-64.EL.ia64.rpm
File outdated by:  RHSA-2008:0512
    MD5: bf42add1eb21b91cda0e30ad8e2686f6
XFree86-ISO8859-15-100dpi-fonts-4.1.0-64.EL.ia64.rpm
File outdated by:  RHSA-2008:0512
    MD5: 40e9d9d6cbff18a6b950e8f0d7710cd6
XFree86-ISO8859-15-75dpi-fonts-4.1.0-64.EL.ia64.rpm
File outdated by:  RHSA-2008:0512
    MD5: 7be2eed8481a8063dd386cdfa3623e6a
XFree86-ISO8859-2-100dpi-fonts-4.1.0-64.EL.ia64.rpm
File outdated by:  RHSA-2008:0512
    MD5: ced2a72750408ac4c46240886886dd7c
XFree86-ISO8859-2-75dpi-fonts-4.1.0-64.EL.ia64.rpm
File outdated by:  RHSA-2008:0512
    MD5: b4fa57d16717844c81f322b12eddb8b3
XFree86-ISO8859-9-100dpi-fonts-4.1.0-64.EL.ia64.rpm
File outdated by:  RHSA-2008:0512
    MD5: 34464f4f3ef6e4c5110f7fd171bb2969
XFree86-ISO8859-9-75dpi-fonts-4.1.0-64.EL.ia64.rpm
File outdated by:  RHSA-2008:0512
    MD5: 7e655529fb5a6f583e2c3c37826dd83f
XFree86-Xnest-4.1.0-64.EL.ia64.rpm
File outdated by:  RHSA-2008:0512
    MD5: de6d74fee0882d509fc1de32047d4970
XFree86-Xvfb-4.1.0-64.EL.ia64.rpm
File outdated by:  RHSA-2008:0512
    MD5: da8b33ca947559b528985fd093932b9e
XFree86-cyrillic-fonts-4.1.0-64.EL.ia64.rpm
File outdated by:  RHSA-2008:0512
    MD5: 83d7db57d75aa30ede0f956faa467f1d
XFree86-devel-4.1.0-64.EL.ia64.rpm
File outdated by:  RHSA-2008:0512
    MD5: eec017bf9bdc5c9ac59c57391a4f891c
XFree86-doc-4.1.0-64.EL.ia64.rpm
File outdated by:  RHSA-2008:0512
    MD5: 9e90851f484096e380edbb793b1aaaae
XFree86-libs-4.1.0-64.EL.ia64.rpm
File outdated by:  RHSA-2008:0512
    MD5: 19274ae09f218a5f919054abfc0364f2
XFree86-tools-4.1.0-64.EL.ia64.rpm
File outdated by:  RHSA-2008:0512
    MD5: 6f6a7192bfbc26d62751197da36f8a80
XFree86-twm-4.1.0-64.EL.ia64.rpm
File outdated by:  RHSA-2008:0512
    MD5: cb31a0833f32786205fba5256968c5ea
XFree86-xdm-4.1.0-64.EL.ia64.rpm
File outdated by:  RHSA-2008:0512
    MD5: 18dfe291c815d7a1850a9ca72d1307c1
XFree86-xfs-4.1.0-64.EL.ia64.rpm
File outdated by:  RHSA-2008:0512
    MD5: 6d2f9fb6412391ac5c1eac8fdcdaf95c
 
Red Hat Enterprise Linux ES (v. 2.1)

IA-32:
XFree86-100dpi-fonts-4.1.0-64.EL.i386.rpm
File outdated by:  RHSA-2008:0512
    MD5: 619cba76e3db1708c4ddaa571746f7a3
XFree86-4.1.0-64.EL.i386.rpm
File outdated by:  RHSA-2008:0512
    MD5: 2b16fa711f16f5551ed7d81d3570955f
XFree86-75dpi-fonts-4.1.0-64.EL.i386.rpm
File outdated by:  RHSA-2008:0512
    MD5: 26b4754be230b746c3d7851d2ec63e34
XFree86-ISO8859-15-100dpi-fonts-4.1.0-64.EL.i386.rpm
File outdated by:  RHSA-2008:0512
    MD5: 8d3b284157293f6289adfb73404a00e9
XFree86-ISO8859-15-75dpi-fonts-4.1.0-64.EL.i386.rpm
File outdated by:  RHSA-2008:0512
    MD5: af869655958f5118050494bbc2aa8f64
XFree86-ISO8859-2-100dpi-fonts-4.1.0-64.EL.i386.rpm
File outdated by:  RHSA-2008:0512
    MD5: 7f2123c84e1161d0f899021c505326a4
XFree86-ISO8859-2-75dpi-fonts-4.1.0-64.EL.i386.rpm
File outdated by:  RHSA-2008:0512
    MD5: f18101e8f31e4b61765f9039d9143b7d
XFree86-ISO8859-9-100dpi-fonts-4.1.0-64.EL.i386.rpm
File outdated by:  RHSA-2008:0512
    MD5: 492c079042fe73e81ad8209e175e376b
XFree86-ISO8859-9-75dpi-fonts-4.1.0-64.EL.i386.rpm
File outdated by:  RHSA-2008:0512
    MD5: a5e849fec6ee87de20a3d1dd7d33c5af
XFree86-Xnest-4.1.0-64.EL.i386.rpm
File outdated by:  RHSA-2008:0512
    MD5: aa86b8d77b837e377f9fe0bd0175ae2b
XFree86-Xvfb-4.1.0-64.EL.i386.rpm
File outdated by:  RHSA-2008:0512
    MD5: f1f668073ac78f0ac09f1074295094db
XFree86-cyrillic-fonts-4.1.0-64.EL.i386.rpm
File outdated by:  RHSA-2008:0512
    MD5: f16d01c6c1a5102ca2053c9b1d5dc1e2
XFree86-devel-4.1.0-64.EL.i386.rpm
File outdated by:  RHSA-2008:0512
    MD5: 1d7eba36f929a6e7386951fa10089fc0
XFree86-doc-4.1.0-64.EL.i386.rpm
File outdated by:  RHSA-2008:0512
    MD5: 836a435dcb8045a5a12879793bf14790
XFree86-libs-4.1.0-64.EL.i386.rpm
File outdated by:  RHSA-2008:0512
    MD5: 522e953d868d3cacbe8087fe396e80a9
XFree86-tools-4.1.0-64.EL.i386.rpm
File outdated by:  RHSA-2008:0512
    MD5: 3f4ea7ac9ff130a726820df0dc0e03ea
XFree86-twm-4.1.0-64.EL.i386.rpm
File outdated by:  RHSA-2008:0512
    MD5: 0b0357dfc6be4c7a415f0b194b52ceaf
XFree86-xdm-4.1.0-64.EL.i386.rpm
File outdated by:  RHSA-2008:0512
    MD5: f16b5abf0a2292b0c6594a2dfb6e435e
XFree86-xf86cfg-4.1.0-64.EL.i386.rpm
File outdated by:  RHSA-2008:0512
    MD5: 6b58d9114caa524859054d06621878e9
XFree86-xfs-4.1.0-64.EL.i386.rpm
File outdated by:  RHSA-2008:0512
    MD5: 524cdc6f6d432304f8d0cb755ca7a357
 
Red Hat Enterprise Linux WS (v. 2.1)

IA-32:
XFree86-100dpi-fonts-4.1.0-64.EL.i386.rpm
File outdated by:  RHSA-2008:0512
    MD5: 619cba76e3db1708c4ddaa571746f7a3
XFree86-4.1.0-64.EL.i386.rpm
File outdated by:  RHSA-2008:0512
    MD5: 2b16fa711f16f5551ed7d81d3570955f
XFree86-75dpi-fonts-4.1.0-64.EL.i386.rpm
File outdated by:  RHSA-2008:0512
    MD5: 26b4754be230b746c3d7851d2ec63e34
XFree86-ISO8859-15-100dpi-fonts-4.1.0-64.EL.i386.rpm
File outdated by:  RHSA-2008:0512
    MD5: 8d3b284157293f6289adfb73404a00e9
XFree86-ISO8859-15-75dpi-fonts-4.1.0-64.EL.i386.rpm
File outdated by:  RHSA-2008:0512
    MD5: af869655958f5118050494bbc2aa8f64
XFree86-ISO8859-2-100dpi-fonts-4.1.0-64.EL.i386.rpm
File outdated by:  RHSA-2008:0512
    MD5: 7f2123c84e1161d0f899021c505326a4
XFree86-ISO8859-2-75dpi-fonts-4.1.0-64.EL.i386.rpm
File outdated by:  RHSA-2008:0512
    MD5: f18101e8f31e4b61765f9039d9143b7d
XFree86-ISO8859-9-100dpi-fonts-4.1.0-64.EL.i386.rpm
File outdated by:  RHSA-2008:0512
    MD5: 492c079042fe73e81ad8209e175e376b
XFree86-ISO8859-9-75dpi-fonts-4.1.0-64.EL.i386.rpm
File outdated by:  RHSA-2008:0512
    MD5: a5e849fec6ee87de20a3d1dd7d33c5af
XFree86-Xnest-4.1.0-64.EL.i386.rpm
File outdated by:  RHSA-2008:0512
    MD5: aa86b8d77b837e377f9fe0bd0175ae2b
XFree86-Xvfb-4.1.0-64.EL.i386.rpm
File outdated by:  RHSA-2008:0512
    MD5: f1f668073ac78f0ac09f1074295094db
XFree86-cyrillic-fonts-4.1.0-64.EL.i386.rpm
File outdated by:  RHSA-2008:0512
    MD5: f16d01c6c1a5102ca2053c9b1d5dc1e2
XFree86-devel-4.1.0-64.EL.i386.rpm
File outdated by:  RHSA-2008:0512
    MD5: 1d7eba36f929a6e7386951fa10089fc0
XFree86-doc-4.1.0-64.EL.i386.rpm
File outdated by:  RHSA-2008:0512
    MD5: 836a435dcb8045a5a12879793bf14790
XFree86-libs-4.1.0-64.EL.i386.rpm
File outdated by:  RHSA-2008:0512
    MD5: 522e953d868d3cacbe8087fe396e80a9
XFree86-tools-4.1.0-64.EL.i386.rpm
File outdated by:  RHSA-2008:0512
    MD5: 3f4ea7ac9ff130a726820df0dc0e03ea
XFree86-twm-4.1.0-64.EL.i386.rpm
File outdated by:  RHSA-2008:0512
    MD5: 0b0357dfc6be4c7a415f0b194b52ceaf
XFree86-xdm-4.1.0-64.EL.i386.rpm
File outdated by:  RHSA-2008:0512
    MD5: f16b5abf0a2292b0c6594a2dfb6e435e
XFree86-xf86cfg-4.1.0-64.EL.i386.rpm
File outdated by:  RHSA-2008:0512
    MD5: 6b58d9114caa524859054d06621878e9
XFree86-xfs-4.1.0-64.EL.i386.rpm
File outdated by:  RHSA-2008:0512
    MD5: 524cdc6f6d432304f8d0cb755ca7a357
 
Red Hat Linux Advanced Workstation 2.1 for the Itanium Processor

IA-64:
XFree86-100dpi-fonts-4.1.0-64.EL.ia64.rpm
File outdated by:  RHSA-2008:0512
    MD5: 3187d46c885cc192d84eaff99dd438f5
XFree86-4.1.0-64.EL.ia64.rpm
File outdated by:  RHSA-2008:0512
    MD5: 6278c684f22524f5f7da958aeef90074
XFree86-75dpi-fonts-4.1.0-64.EL.ia64.rpm
File outdated by:  RHSA-2008:0512
    MD5: bf42add1eb21b91cda0e30ad8e2686f6
XFree86-ISO8859-15-100dpi-fonts-4.1.0-64.EL.ia64.rpm
File outdated by:  RHSA-2008:0512
    MD5: 40e9d9d6cbff18a6b950e8f0d7710cd6
XFree86-ISO8859-15-75dpi-fonts-4.1.0-64.EL.ia64.rpm
File outdated by:  RHSA-2008:0512
    MD5: 7be2eed8481a8063dd386cdfa3623e6a
XFree86-ISO8859-2-100dpi-fonts-4.1.0-64.EL.ia64.rpm
File outdated by:  RHSA-2008:0512
    MD5: ced2a72750408ac4c46240886886dd7c
XFree86-ISO8859-2-75dpi-fonts-4.1.0-64.EL.ia64.rpm
File outdated by:  RHSA-2008:0512
    MD5: b4fa57d16717844c81f322b12eddb8b3
XFree86-ISO8859-9-100dpi-fonts-4.1.0-64.EL.ia64.rpm
File outdated by:  RHSA-2008:0512
    MD5: 34464f4f3ef6e4c5110f7fd171bb2969
XFree86-ISO8859-9-75dpi-fonts-4.1.0-64.EL.ia64.rpm
File outdated by:  RHSA-2008:0512
    MD5: 7e655529fb5a6f583e2c3c37826dd83f
XFree86-Xnest-4.1.0-64.EL.ia64.rpm
File outdated by:  RHSA-2008:0512
    MD5: de6d74fee0882d509fc1de32047d4970
XFree86-Xvfb-4.1.0-64.EL.ia64.rpm
File outdated by:  RHSA-2008:0512
    MD5: da8b33ca947559b528985fd093932b9e
XFree86-cyrillic-fonts-4.1.0-64.EL.ia64.rpm
File outdated by:  RHSA-2008:0512
    MD5: 83d7db57d75aa30ede0f956faa467f1d
XFree86-devel-4.1.0-64.EL.ia64.rpm
File outdated by:  RHSA-2008:0512
    MD5: eec017bf9bdc5c9ac59c57391a4f891c
XFree86-doc-4.1.0-64.EL.ia64.rpm
File outdated by:  RHSA-2008:0512
    MD5: 9e90851f484096e380edbb793b1aaaae
XFree86-libs-4.1.0-64.EL.ia64.rpm
File outdated by:  RHSA-2008:0512
    MD5: 19274ae09f218a5f919054abfc0364f2
XFree86-tools-4.1.0-64.EL.ia64.rpm
File outdated by:  RHSA-2008:0512
    MD5: 6f6a7192bfbc26d62751197da36f8a80
XFree86-twm-4.1.0-64.EL.ia64.rpm
File outdated by:  RHSA-2008:0512
    MD5: cb31a0833f32786205fba5256968c5ea
XFree86-xdm-4.1.0-64.EL.ia64.rpm
File outdated by:  RHSA-2008:0512
    MD5: 18dfe291c815d7a1850a9ca72d1307c1
XFree86-xfs-4.1.0-64.EL.ia64.rpm
File outdated by:  RHSA-2008:0512
    MD5: 6d2f9fb6412391ac5c1eac8fdcdaf95c
 

Bugs fixed (see bugzilla for more information)

136164 - CAN-2004-0914 libXpm integer overflows


References



These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from:
https://www.redhat.com/security/team/key/#package

The Red Hat security contact is secalert@redhat.com. More contact details at http://www.redhat.com/security/team/contact/