Security Advisory Important: xorg-x11-server security update

Advisory: RHSA-2008:0504-3
Type: Security Advisory
Severity: Important
Issued on: 2008-06-11
Last updated on: 2008-06-11
Affected Products: RHEL Desktop Workstation (v. 5 client)
Red Hat Enterprise Linux (v. 5 server)
Red Hat Enterprise Linux Desktop (v. 5 client)
OVAL: com.redhat.rhsa-20080504.xml
CVEs (cve.mitre.org): CVE-2008-1377
CVE-2008-1379
CVE-2008-2360
CVE-2008-2361
CVE-2008-2362

Details

Updated xorg-x11-server packages that fix several security issues are now
available for Red Hat Enterprise Linux 5.

This update has been rated as having important security impact by the Red
Hat Security Response Team.

X.Org is an open source implementation of the X Window System. It provides
basic low-level functionality that full-fledged graphical user interfaces
are designed upon.

An input validation flaw was discovered in X.org's Security and Record
extensions. A malicious authorized client could exploit this issue to cause
a denial of service (crash) or, potentially, execute arbitrary code with
root privileges on the X.Org server. (CVE-2008-1377)

Multiple integer overflow flaws were found in X.org's Render extension. A
malicious authorized client could exploit these issues to cause a denial of
service (crash) or, potentially, execute arbitrary code with root
privileges on the X.Org server. (CVE-2008-2360, CVE-2008-2361,
CVE-2008-2362)

An input validation flaw was discovered in X.org's MIT-SHM extension. A
client connected to the X.org server could read arbitrary server memory.
This could result in the sensitive data of other users of the X.org server
being disclosed. (CVE-2008-1379)

Users of xorg-x11-server should upgrade to these updated packages, which
contain backported patches to resolve these issues.


Solution

Before applying this update, make sure that all previously-released
errata relevant to your system have been applied.

This update is available via Red Hat Network. Details on how to use
the Red Hat Network to apply this update are available at
http://kbase.redhat.com/faq/FAQ_58_10188

Updated packages

RHEL Desktop Workstation (v. 5 client)
IA-32:
xorg-x11-server-sdk-1.1.1-48.41.el5_2.1.i386.rpm     d3f1ee7c0ac4372b920d8651a3ccb728
 
x86_64:
xorg-x11-server-sdk-1.1.1-48.41.el5_2.1.x86_64.rpm     3d5887e69393552ece750eeb9a873c19
 
Red Hat Enterprise Linux (v. 5 server)
SRPMS:
xorg-x11-server-1.1.1-48.41.el5_2.1.src.rpm     7283b917dc9f501801552cb2969943dc
 
IA-32:
xorg-x11-server-Xdmx-1.1.1-48.41.el5_2.1.i386.rpm     e3e3ac80f6f348c3c0d1c3bd14ddc0d1
xorg-x11-server-Xephyr-1.1.1-48.41.el5_2.1.i386.rpm     ffb06b9161294e02a0e44499d4604d0a
xorg-x11-server-Xnest-1.1.1-48.41.el5_2.1.i386.rpm     d4092b86589c8bcf72f3b9c2a570df07
xorg-x11-server-Xorg-1.1.1-48.41.el5_2.1.i386.rpm     2f0f24d020a6715adc9167cd42e4ccf6
xorg-x11-server-Xvfb-1.1.1-48.41.el5_2.1.i386.rpm     830312dcfd3971d4006d5bcaa3934859
xorg-x11-server-randr-source-1.1.1-48.41.el5_2.1.i386.rpm     78357a6479d75c7c4c8e4fd73ae9fc4c
xorg-x11-server-sdk-1.1.1-48.41.el5_2.1.i386.rpm     d3f1ee7c0ac4372b920d8651a3ccb728
 
IA-64:
xorg-x11-server-Xdmx-1.1.1-48.41.el5_2.1.ia64.rpm     31585e87e2bfbf2735de97ffc0e1958d
xorg-x11-server-Xephyr-1.1.1-48.41.el5_2.1.ia64.rpm     b89de1a661ed0a3d7eedabaf3dabaff2
xorg-x11-server-Xnest-1.1.1-48.41.el5_2.1.ia64.rpm     415729c62954caba278a98dcc67dfb67
xorg-x11-server-Xorg-1.1.1-48.41.el5_2.1.ia64.rpm     ab990797d176b3d29882b5fd074cb6c4
xorg-x11-server-Xvfb-1.1.1-48.41.el5_2.1.ia64.rpm     55e1f837602a186441a33426daf30c6d
xorg-x11-server-randr-source-1.1.1-48.41.el5_2.1.ia64.rpm     f46b50ae59866a5cdba5898bc61a1646
xorg-x11-server-sdk-1.1.1-48.41.el5_2.1.ia64.rpm     384d0acc27513e486b110967d2ec64ad
 
PPC:
xorg-x11-server-Xdmx-1.1.1-48.41.el5_2.1.ppc.rpm     7b67d7803cb7bec01b6bea628ac59736
xorg-x11-server-Xephyr-1.1.1-48.41.el5_2.1.ppc.rpm     2d60021f655f849189e12c51ea16d817
xorg-x11-server-Xnest-1.1.1-48.41.el5_2.1.ppc.rpm     a0a2756330d1210c35ae440913ebf77e
xorg-x11-server-Xorg-1.1.1-48.41.el5_2.1.ppc.rpm     6e53df2cf77cff2fc39a25f16fd34299
xorg-x11-server-Xvfb-1.1.1-48.41.el5_2.1.ppc.rpm     4fab867214769c17dd248c7b407dacf2
xorg-x11-server-randr-source-1.1.1-48.41.el5_2.1.ppc.rpm     ed7498e0dd6d2ca9a3f36d2d6ebd3428
xorg-x11-server-sdk-1.1.1-48.41.el5_2.1.ppc.rpm     1b3510dabbdd43edc0614d80044d2557
 
s390x:
xorg-x11-server-Xephyr-1.1.1-48.41.el5_2.1.s390x.rpm     fdfb88b4cde4b85c89e21bde3bddd9be
xorg-x11-server-Xnest-1.1.1-48.41.el5_2.1.s390x.rpm     9eea72320c629efbd5f4b4bb70b0b081
xorg-x11-server-Xvfb-1.1.1-48.41.el5_2.1.s390x.rpm     b35d8e6c1e90ef04996afc8b8ecbcc7a
 
x86_64:
xorg-x11-server-Xdmx-1.1.1-48.41.el5_2.1.x86_64.rpm     b0cb19de1146b522e7f5571ec9fa9fc5
xorg-x11-server-Xephyr-1.1.1-48.41.el5_2.1.x86_64.rpm     044186249dcd75ac4daefdc9f617b1c8
xorg-x11-server-Xnest-1.1.1-48.41.el5_2.1.x86_64.rpm     3761958e2ff8f27e6c4082a0281b080d
xorg-x11-server-Xorg-1.1.1-48.41.el5_2.1.x86_64.rpm     6473af2821f385a6edf1a0d5e226598d
xorg-x11-server-Xvfb-1.1.1-48.41.el5_2.1.x86_64.rpm     625dc48360dc8b0882f6cb9ed33d00d0
xorg-x11-server-randr-source-1.1.1-48.41.el5_2.1.x86_64.rpm     43de776b0faaef6d52b37c4b6701d1dd
xorg-x11-server-sdk-1.1.1-48.41.el5_2.1.x86_64.rpm     3d5887e69393552ece750eeb9a873c19
 
Red Hat Enterprise Linux Desktop (v. 5 client)
SRPMS:
xorg-x11-server-1.1.1-48.41.el5_2.1.src.rpm     7283b917dc9f501801552cb2969943dc
 
IA-32:
xorg-x11-server-Xdmx-1.1.1-48.41.el5_2.1.i386.rpm     e3e3ac80f6f348c3c0d1c3bd14ddc0d1
xorg-x11-server-Xephyr-1.1.1-48.41.el5_2.1.i386.rpm     ffb06b9161294e02a0e44499d4604d0a
xorg-x11-server-Xnest-1.1.1-48.41.el5_2.1.i386.rpm     d4092b86589c8bcf72f3b9c2a570df07
xorg-x11-server-Xorg-1.1.1-48.41.el5_2.1.i386.rpm     2f0f24d020a6715adc9167cd42e4ccf6
xorg-x11-server-Xvfb-1.1.1-48.41.el5_2.1.i386.rpm     830312dcfd3971d4006d5bcaa3934859
xorg-x11-server-randr-source-1.1.1-48.41.el5_2.1.i386.rpm     78357a6479d75c7c4c8e4fd73ae9fc4c
 
x86_64:
xorg-x11-server-Xdmx-1.1.1-48.41.el5_2.1.x86_64.rpm     b0cb19de1146b522e7f5571ec9fa9fc5
xorg-x11-server-Xephyr-1.1.1-48.41.el5_2.1.x86_64.rpm     044186249dcd75ac4daefdc9f617b1c8
xorg-x11-server-Xnest-1.1.1-48.41.el5_2.1.x86_64.rpm     3761958e2ff8f27e6c4082a0281b080d
xorg-x11-server-Xorg-1.1.1-48.41.el5_2.1.x86_64.rpm     6473af2821f385a6edf1a0d5e226598d
xorg-x11-server-Xvfb-1.1.1-48.41.el5_2.1.x86_64.rpm     625dc48360dc8b0882f6cb9ed33d00d0
xorg-x11-server-randr-source-1.1.1-48.41.el5_2.1.x86_64.rpm     43de776b0faaef6d52b37c4b6701d1dd
 
(The unlinked packages above are only available from the Red Hat Network)

Bugs fixed (see bugzilla for more information)

445403 - CVE-2008-1377 X.org Record and Security extensions memory corruption
445414 - CVE-2008-1379 X.org MIT-SHM extension arbitrary memory read
448783 - CVE-2008-2360 X.org Render extension AllocateGlyph() heap buffer overflow
448784 - CVE-2008-2361 X.org Render extension ProcRenderCreateCursor() crash
448785 - CVE-2008-2362 X.org Render extension input validation flaw causing memory corruption


References

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1377
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1379
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2360
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2361
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2362
http://www.redhat.com/security/updates/classification/#important

These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from:
https://www.redhat.com/security/team/key/#package

The Red Hat security contact is secalert@redhat.com. More contact details at http://www.redhat.com/security/team/contact/