Skip to navigation

Security Advisory XFree86 security update

Advisory: RHSA-2005:329-12
Type: Security Advisory
Severity: Important
Issued on: 2005-09-12
Last updated on: 2005-09-12
Affected Products: Red Hat Enterprise Linux AS (v. 2.1)
Red Hat Enterprise Linux ES (v. 2.1)
Red Hat Enterprise Linux WS (v. 2.1)
Red Hat Linux Advanced Workstation 2.1 for the Itanium Processor
CVEs (cve.mitre.org): CVE-2005-2495

Details

Updated XFree86 packages that fix several integer overflows are now
available for Red Hat Enterprise Linux 2.1.

This update has been rated as having important security impact by the Red
Hat Security Response Team.

XFree86 is an open source implementation of the X Window System. It
provides the basic low-level functionality that full-fledged graphical
user interfaces (GUIs) such as GNOME and KDE are designed upon.

Several integer overflow bugs were found in the way XFree86 parses pixmap
images. It is possible for a user to gain elevated privileges by loading a
specially crafted pixmap image. The Common Vulnerabilities and Exposures
project (cve.mitre.org) has assigned the name CAN-2005-2495 to this issue.

Users of XFree86 should upgrade to these updated packages, which contain a
backported patch and are not vulnerable to this issue.


Solution

Before applying this update, make sure that all previously-released
errata relevant to your system have been applied. Use Red Hat
Network to download and update your packages. To launch the Red Hat
Update Agent, use the following command:

up2date

For information on how to install packages manually, refer to the
following Web page for the System Administration or Customization
guide specific to your system:

http://www.redhat.com/docs/manuals/enterprise/

Updated packages

Red Hat Enterprise Linux AS (v. 2.1)

SRPMS:
XFree86-4.1.0-73.EL.src.rpm
File outdated by:  RHSA-2008:0512
    MD5: 68105d09e61d134f4eeea78d407e2c1c
 
IA-32:
XFree86-100dpi-fonts-4.1.0-73.EL.i386.rpm
File outdated by:  RHSA-2008:0512
    MD5: 7bfb8647be5c45fd54481e88789a8386
XFree86-4.1.0-73.EL.i386.rpm
File outdated by:  RHSA-2008:0512
    MD5: accd006aac390919cb4b743c7b8a06c7
XFree86-75dpi-fonts-4.1.0-73.EL.i386.rpm
File outdated by:  RHSA-2008:0512
    MD5: 35900e00e5966302ddf4f5dedbd2a642
XFree86-ISO8859-15-100dpi-fonts-4.1.0-73.EL.i386.rpm
File outdated by:  RHSA-2008:0512
    MD5: 9a771dae1fcaaa54c6b0b542815abf47
XFree86-ISO8859-15-75dpi-fonts-4.1.0-73.EL.i386.rpm
File outdated by:  RHSA-2008:0512
    MD5: 9a5a8263b329a18d2e0b6a454b604d05
XFree86-ISO8859-2-100dpi-fonts-4.1.0-73.EL.i386.rpm
File outdated by:  RHSA-2008:0512
    MD5: 42846faf4475c767f45886d69ff57e3b
XFree86-ISO8859-2-75dpi-fonts-4.1.0-73.EL.i386.rpm
File outdated by:  RHSA-2008:0512
    MD5: 86a5010643deb6ffc0c71479c3d33643
XFree86-ISO8859-9-100dpi-fonts-4.1.0-73.EL.i386.rpm
File outdated by:  RHSA-2008:0512
    MD5: 47b9195b04aa1c09bdf93535f3ed8b7f
XFree86-ISO8859-9-75dpi-fonts-4.1.0-73.EL.i386.rpm
File outdated by:  RHSA-2008:0512
    MD5: 645be8672a5b68d8cfc06e912922415e
XFree86-Xnest-4.1.0-73.EL.i386.rpm
File outdated by:  RHSA-2008:0512
    MD5: f221e7ab3db313164eae2f6c55648332
XFree86-Xvfb-4.1.0-73.EL.i386.rpm
File outdated by:  RHSA-2008:0512
    MD5: dbf8174d090bf2205346ce5d9e9cd62d
XFree86-cyrillic-fonts-4.1.0-73.EL.i386.rpm
File outdated by:  RHSA-2008:0512
    MD5: 644769c49a6fa25775b5ca6c382e8790
XFree86-devel-4.1.0-73.EL.i386.rpm
File outdated by:  RHSA-2008:0512
    MD5: 44923286bea73a111d605bc7bdbbcdda
XFree86-doc-4.1.0-73.EL.i386.rpm
File outdated by:  RHSA-2008:0512
    MD5: 973f570aa5360f82c036d4d24ef4ca73
XFree86-libs-4.1.0-73.EL.i386.rpm
File outdated by:  RHSA-2008:0512
    MD5: 6ee4c63ae5e1c0eb89d5d882cb0d0f9f
XFree86-tools-4.1.0-73.EL.i386.rpm
File outdated by:  RHSA-2008:0512
    MD5: bc2fbcc9bc7cdae9188e2f1d723d6f22
XFree86-twm-4.1.0-73.EL.i386.rpm
File outdated by:  RHSA-2008:0512
    MD5: d121052ee17ebc9f4486fd7b60711991
XFree86-xdm-4.1.0-73.EL.i386.rpm
File outdated by:  RHSA-2008:0512
    MD5: 884bb55c80164fa42c3e9217dd0cb76c
XFree86-xf86cfg-4.1.0-73.EL.i386.rpm
File outdated by:  RHSA-2008:0512
    MD5: 1ee085b3133194a125ac6f7dc92ef873
XFree86-xfs-4.1.0-73.EL.i386.rpm
File outdated by:  RHSA-2008:0512
    MD5: 68a372b062401429400dad8be08a11b5
 
IA-64:
XFree86-100dpi-fonts-4.1.0-73.EL.ia64.rpm
File outdated by:  RHSA-2008:0512
    MD5: ee5701ed43004f2a6d1676d7dea6dc16
XFree86-4.1.0-73.EL.ia64.rpm
File outdated by:  RHSA-2008:0512
    MD5: 4a31cf14292d93a555753009e4e1b9ca
XFree86-75dpi-fonts-4.1.0-73.EL.ia64.rpm
File outdated by:  RHSA-2008:0512
    MD5: 1a541bbb2bdf3c6d44f2ec8c8be5d341
XFree86-ISO8859-15-100dpi-fonts-4.1.0-73.EL.ia64.rpm
File outdated by:  RHSA-2008:0512
    MD5: fe3f03099e0262f311eb5859cb8fb487
XFree86-ISO8859-15-75dpi-fonts-4.1.0-73.EL.ia64.rpm
File outdated by:  RHSA-2008:0512
    MD5: 27bc9e6685a0a11e1576bc9fbdb2cb1b
XFree86-ISO8859-2-100dpi-fonts-4.1.0-73.EL.ia64.rpm
File outdated by:  RHSA-2008:0512
    MD5: 4deee3145ad33af1e3e10442110cdd86
XFree86-ISO8859-2-75dpi-fonts-4.1.0-73.EL.ia64.rpm
File outdated by:  RHSA-2008:0512
    MD5: 2abed5d1f6fe7f288342399e12f34436
XFree86-ISO8859-9-100dpi-fonts-4.1.0-73.EL.ia64.rpm
File outdated by:  RHSA-2008:0512
    MD5: ffd6eba67c32f6455f77c13fb9786a44
XFree86-ISO8859-9-75dpi-fonts-4.1.0-73.EL.ia64.rpm
File outdated by:  RHSA-2008:0512
    MD5: 5ce540a13a8256c64a6078b00b25de01
XFree86-Xnest-4.1.0-73.EL.ia64.rpm
File outdated by:  RHSA-2008:0512
    MD5: 06c29dbdcb7b9fd05453de3248c4025b
XFree86-Xvfb-4.1.0-73.EL.ia64.rpm
File outdated by:  RHSA-2008:0512
    MD5: 89c3d54aa79c0955b664a8ca775c6e86
XFree86-cyrillic-fonts-4.1.0-73.EL.ia64.rpm
File outdated by:  RHSA-2008:0512
    MD5: bfbfe03a6f18c8c455bc1f91353e1e59
XFree86-devel-4.1.0-73.EL.ia64.rpm
File outdated by:  RHSA-2008:0512
    MD5: 5bd1c11f18b01bc2b837346a9bcd7b8b
XFree86-doc-4.1.0-73.EL.ia64.rpm
File outdated by:  RHSA-2008:0512
    MD5: 2d4393e35b72990be9f27b5007e326bf
XFree86-libs-4.1.0-73.EL.ia64.rpm
File outdated by:  RHSA-2008:0512
    MD5: 52f463aa870c45379f0b076ebca0bffa
XFree86-tools-4.1.0-73.EL.ia64.rpm
File outdated by:  RHSA-2008:0512
    MD5: f7d6d5c139d725d25481f56cf740bfc2
XFree86-twm-4.1.0-73.EL.ia64.rpm
File outdated by:  RHSA-2008:0512
    MD5: 186a356c8a95aa51007d3192df252668
XFree86-xdm-4.1.0-73.EL.ia64.rpm
File outdated by:  RHSA-2008:0512
    MD5: 04f92781878ebd07c93d5af2052ea9dc
XFree86-xfs-4.1.0-73.EL.ia64.rpm
File outdated by:  RHSA-2008:0512
    MD5: 1d55c1fe1dabcd78426cf21790a03887
 
Red Hat Enterprise Linux ES (v. 2.1)

SRPMS:
XFree86-4.1.0-73.EL.src.rpm
File outdated by:  RHSA-2008:0512
    MD5: 68105d09e61d134f4eeea78d407e2c1c
 
IA-32:
XFree86-100dpi-fonts-4.1.0-73.EL.i386.rpm
File outdated by:  RHSA-2008:0512
    MD5: 7bfb8647be5c45fd54481e88789a8386
XFree86-4.1.0-73.EL.i386.rpm
File outdated by:  RHSA-2008:0512
    MD5: accd006aac390919cb4b743c7b8a06c7
XFree86-75dpi-fonts-4.1.0-73.EL.i386.rpm
File outdated by:  RHSA-2008:0512
    MD5: 35900e00e5966302ddf4f5dedbd2a642
XFree86-ISO8859-15-100dpi-fonts-4.1.0-73.EL.i386.rpm
File outdated by:  RHSA-2008:0512
    MD5: 9a771dae1fcaaa54c6b0b542815abf47
XFree86-ISO8859-15-75dpi-fonts-4.1.0-73.EL.i386.rpm
File outdated by:  RHSA-2008:0512
    MD5: 9a5a8263b329a18d2e0b6a454b604d05
XFree86-ISO8859-2-100dpi-fonts-4.1.0-73.EL.i386.rpm
File outdated by:  RHSA-2008:0512
    MD5: 42846faf4475c767f45886d69ff57e3b
XFree86-ISO8859-2-75dpi-fonts-4.1.0-73.EL.i386.rpm
File outdated by:  RHSA-2008:0512
    MD5: 86a5010643deb6ffc0c71479c3d33643
XFree86-ISO8859-9-100dpi-fonts-4.1.0-73.EL.i386.rpm
File outdated by:  RHSA-2008:0512
    MD5: 47b9195b04aa1c09bdf93535f3ed8b7f
XFree86-ISO8859-9-75dpi-fonts-4.1.0-73.EL.i386.rpm
File outdated by:  RHSA-2008:0512
    MD5: 645be8672a5b68d8cfc06e912922415e
XFree86-Xnest-4.1.0-73.EL.i386.rpm
File outdated by:  RHSA-2008:0512
    MD5: f221e7ab3db313164eae2f6c55648332
XFree86-Xvfb-4.1.0-73.EL.i386.rpm
File outdated by:  RHSA-2008:0512
    MD5: dbf8174d090bf2205346ce5d9e9cd62d
XFree86-cyrillic-fonts-4.1.0-73.EL.i386.rpm
File outdated by:  RHSA-2008:0512
    MD5: 644769c49a6fa25775b5ca6c382e8790
XFree86-devel-4.1.0-73.EL.i386.rpm
File outdated by:  RHSA-2008:0512
    MD5: 44923286bea73a111d605bc7bdbbcdda
XFree86-doc-4.1.0-73.EL.i386.rpm
File outdated by:  RHSA-2008:0512
    MD5: 973f570aa5360f82c036d4d24ef4ca73
XFree86-libs-4.1.0-73.EL.i386.rpm
File outdated by:  RHSA-2008:0512
    MD5: 6ee4c63ae5e1c0eb89d5d882cb0d0f9f
XFree86-tools-4.1.0-73.EL.i386.rpm
File outdated by:  RHSA-2008:0512
    MD5: bc2fbcc9bc7cdae9188e2f1d723d6f22
XFree86-twm-4.1.0-73.EL.i386.rpm
File outdated by:  RHSA-2008:0512
    MD5: d121052ee17ebc9f4486fd7b60711991
XFree86-xdm-4.1.0-73.EL.i386.rpm
File outdated by:  RHSA-2008:0512
    MD5: 884bb55c80164fa42c3e9217dd0cb76c
XFree86-xf86cfg-4.1.0-73.EL.i386.rpm
File outdated by:  RHSA-2008:0512
    MD5: 1ee085b3133194a125ac6f7dc92ef873
XFree86-xfs-4.1.0-73.EL.i386.rpm
File outdated by:  RHSA-2008:0512
    MD5: 68a372b062401429400dad8be08a11b5
 
Red Hat Enterprise Linux WS (v. 2.1)

SRPMS:
XFree86-4.1.0-73.EL.src.rpm
File outdated by:  RHSA-2008:0512
    MD5: 68105d09e61d134f4eeea78d407e2c1c
 
IA-32:
XFree86-100dpi-fonts-4.1.0-73.EL.i386.rpm
File outdated by:  RHSA-2008:0512
    MD5: 7bfb8647be5c45fd54481e88789a8386
XFree86-4.1.0-73.EL.i386.rpm
File outdated by:  RHSA-2008:0512
    MD5: accd006aac390919cb4b743c7b8a06c7
XFree86-75dpi-fonts-4.1.0-73.EL.i386.rpm
File outdated by:  RHSA-2008:0512
    MD5: 35900e00e5966302ddf4f5dedbd2a642
XFree86-ISO8859-15-100dpi-fonts-4.1.0-73.EL.i386.rpm
File outdated by:  RHSA-2008:0512
    MD5: 9a771dae1fcaaa54c6b0b542815abf47
XFree86-ISO8859-15-75dpi-fonts-4.1.0-73.EL.i386.rpm
File outdated by:  RHSA-2008:0512
    MD5: 9a5a8263b329a18d2e0b6a454b604d05
XFree86-ISO8859-2-100dpi-fonts-4.1.0-73.EL.i386.rpm
File outdated by:  RHSA-2008:0512
    MD5: 42846faf4475c767f45886d69ff57e3b
XFree86-ISO8859-2-75dpi-fonts-4.1.0-73.EL.i386.rpm
File outdated by:  RHSA-2008:0512
    MD5: 86a5010643deb6ffc0c71479c3d33643
XFree86-ISO8859-9-100dpi-fonts-4.1.0-73.EL.i386.rpm
File outdated by:  RHSA-2008:0512
    MD5: 47b9195b04aa1c09bdf93535f3ed8b7f
XFree86-ISO8859-9-75dpi-fonts-4.1.0-73.EL.i386.rpm
File outdated by:  RHSA-2008:0512
    MD5: 645be8672a5b68d8cfc06e912922415e
XFree86-Xnest-4.1.0-73.EL.i386.rpm
File outdated by:  RHSA-2008:0512
    MD5: f221e7ab3db313164eae2f6c55648332
XFree86-Xvfb-4.1.0-73.EL.i386.rpm
File outdated by:  RHSA-2008:0512
    MD5: dbf8174d090bf2205346ce5d9e9cd62d
XFree86-cyrillic-fonts-4.1.0-73.EL.i386.rpm
File outdated by:  RHSA-2008:0512
    MD5: 644769c49a6fa25775b5ca6c382e8790
XFree86-devel-4.1.0-73.EL.i386.rpm
File outdated by:  RHSA-2008:0512
    MD5: 44923286bea73a111d605bc7bdbbcdda
XFree86-doc-4.1.0-73.EL.i386.rpm
File outdated by:  RHSA-2008:0512
    MD5: 973f570aa5360f82c036d4d24ef4ca73
XFree86-libs-4.1.0-73.EL.i386.rpm
File outdated by:  RHSA-2008:0512
    MD5: 6ee4c63ae5e1c0eb89d5d882cb0d0f9f
XFree86-tools-4.1.0-73.EL.i386.rpm
File outdated by:  RHSA-2008:0512
    MD5: bc2fbcc9bc7cdae9188e2f1d723d6f22
XFree86-twm-4.1.0-73.EL.i386.rpm
File outdated by:  RHSA-2008:0512
    MD5: d121052ee17ebc9f4486fd7b60711991
XFree86-xdm-4.1.0-73.EL.i386.rpm
File outdated by:  RHSA-2008:0512
    MD5: 884bb55c80164fa42c3e9217dd0cb76c
XFree86-xf86cfg-4.1.0-73.EL.i386.rpm
File outdated by:  RHSA-2008:0512
    MD5: 1ee085b3133194a125ac6f7dc92ef873
XFree86-xfs-4.1.0-73.EL.i386.rpm
File outdated by:  RHSA-2008:0512
    MD5: 68a372b062401429400dad8be08a11b5
 
Red Hat Linux Advanced Workstation 2.1 for the Itanium Processor

SRPMS:
XFree86-4.1.0-73.EL.src.rpm
File outdated by:  RHSA-2008:0512
    MD5: 68105d09e61d134f4eeea78d407e2c1c
 
IA-64:
XFree86-100dpi-fonts-4.1.0-73.EL.ia64.rpm
File outdated by:  RHSA-2008:0512
    MD5: ee5701ed43004f2a6d1676d7dea6dc16
XFree86-4.1.0-73.EL.ia64.rpm
File outdated by:  RHSA-2008:0512
    MD5: 4a31cf14292d93a555753009e4e1b9ca
XFree86-75dpi-fonts-4.1.0-73.EL.ia64.rpm
File outdated by:  RHSA-2008:0512
    MD5: 1a541bbb2bdf3c6d44f2ec8c8be5d341
XFree86-ISO8859-15-100dpi-fonts-4.1.0-73.EL.ia64.rpm
File outdated by:  RHSA-2008:0512
    MD5: fe3f03099e0262f311eb5859cb8fb487
XFree86-ISO8859-15-75dpi-fonts-4.1.0-73.EL.ia64.rpm
File outdated by:  RHSA-2008:0512
    MD5: 27bc9e6685a0a11e1576bc9fbdb2cb1b
XFree86-ISO8859-2-100dpi-fonts-4.1.0-73.EL.ia64.rpm
File outdated by:  RHSA-2008:0512
    MD5: 4deee3145ad33af1e3e10442110cdd86
XFree86-ISO8859-2-75dpi-fonts-4.1.0-73.EL.ia64.rpm
File outdated by:  RHSA-2008:0512
    MD5: 2abed5d1f6fe7f288342399e12f34436
XFree86-ISO8859-9-100dpi-fonts-4.1.0-73.EL.ia64.rpm
File outdated by:  RHSA-2008:0512
    MD5: ffd6eba67c32f6455f77c13fb9786a44
XFree86-ISO8859-9-75dpi-fonts-4.1.0-73.EL.ia64.rpm
File outdated by:  RHSA-2008:0512
    MD5: 5ce540a13a8256c64a6078b00b25de01
XFree86-Xnest-4.1.0-73.EL.ia64.rpm
File outdated by:  RHSA-2008:0512
    MD5: 06c29dbdcb7b9fd05453de3248c4025b
XFree86-Xvfb-4.1.0-73.EL.ia64.rpm
File outdated by:  RHSA-2008:0512
    MD5: 89c3d54aa79c0955b664a8ca775c6e86
XFree86-cyrillic-fonts-4.1.0-73.EL.ia64.rpm
File outdated by:  RHSA-2008:0512
    MD5: bfbfe03a6f18c8c455bc1f91353e1e59
XFree86-devel-4.1.0-73.EL.ia64.rpm
File outdated by:  RHSA-2008:0512
    MD5: 5bd1c11f18b01bc2b837346a9bcd7b8b
XFree86-doc-4.1.0-73.EL.ia64.rpm
File outdated by:  RHSA-2008:0512
    MD5: 2d4393e35b72990be9f27b5007e326bf
XFree86-libs-4.1.0-73.EL.ia64.rpm
File outdated by:  RHSA-2008:0512
    MD5: 52f463aa870c45379f0b076ebca0bffa
XFree86-tools-4.1.0-73.EL.ia64.rpm
File outdated by:  RHSA-2008:0512
    MD5: f7d6d5c139d725d25481f56cf740bfc2
XFree86-twm-4.1.0-73.EL.ia64.rpm
File outdated by:  RHSA-2008:0512
    MD5: 186a356c8a95aa51007d3192df252668
XFree86-xdm-4.1.0-73.EL.ia64.rpm
File outdated by:  RHSA-2008:0512
    MD5: 04f92781878ebd07c93d5af2052ea9dc
XFree86-xfs-4.1.0-73.EL.ia64.rpm
File outdated by:  RHSA-2008:0512
    MD5: 1d55c1fe1dabcd78426cf21790a03887
 

Bugs fixed (see bugzilla for more information)

166859 - CAN-2005-2495 multiple integer overflows


References



These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from:
https://www.redhat.com/security/team/key/#package

The Red Hat security contact is secalert@redhat.com. More contact details at http://www.redhat.com/security/team/contact/