Security Advisory Important: xorg-x11-server security update

Advisory: RHSA-2008:0031-8
Type: Security Advisory
Severity: Important
Issued on: 2008-01-17
Last updated on: 2008-01-18
Affected Products:
    RHEL Desktop Workstation (v. 5 client)
    Red Hat Enterprise Linux (v. 5 server)
    Red Hat Enterprise Linux Desktop (v. 5 client)
    Red Hat Enterprise Linux EUS (v. 5.1.z server)
CVEs (cve.mitre.org):
    CVE-2007-5760
    CVE-2007-5958
    CVE-2007-6427
    CVE-2007-6428
    CVE-2007-6429

Details

Updated xorg-x11-server packages that fix several security issues are now
available for Red Hat Enterprise Linux 5.

This update has been rated as having important security impact by the Red
Hat Security Response Team.

[Updated 18th January 2008]
The original packages distributed with this errata had a bug which could
cause some X applications to fail on 32-bit platforms. We have updated the
packages to correct this bug.

X.Org is an open source implementation of the X Window System. It provides
basic low-level functionality that full-fledged graphical user interfaces
are designed upon.

Two integer overflow flaws were found in the X.Org server's EVI and MIT-SHM
modules. A malicious authorized client could exploit these issues to cause
a denial of service (crash), or potentially execute arbitrary code with
root privileges on the X.Org server. (CVE-2007-6429)

A memory corruption flaw was found in the X.Org server's XInput extension.
A malicious authorized client could exploit this issue to cause a denial of
service (crash), or potentially execute arbitrary code with root privileges
on the X.Org server. (CVE-2007-6427)

An input validation flaw was found in the X.Org server's XFree86-Misc
extension. A malicious authorized client could exploit this issue to cause
a denial of service (crash), or potentially execute arbitrary code with
root privileges on the X.Org server. (CVE-2007-5760)

An information disclosure flaw was found in the X.Org server's TOG-CUP
extension. A malicious authorized client could exploit this issue to cause
a denial of service (crash), or potentially view arbitrary memory content
within the X server's address space. (CVE-2007-6428)

A flaw was found in the X.Org server's XC-SECURITY extension that could
have allowed a local user to verify the existence of an arbitrary file,
even in directories that are not normally accessible to that user.
(CVE-2007-5958)

Users of xorg-x11-server should upgrade to these updated packages, which
contain backported patches to resolve these issues.


Solution

Before applying this update, make sure that all previously-released
errata relevant to your system have been applied.

This update is available via Red Hat Network. Details on how to use
the Red Hat Network to apply this update are available at
http://kbase.redhat.com/faq/FAQ_58_10188

Updated packages

RHEL Desktop Workstation (v. 5 client)

SRPMS:
xorg-x11-server-1.1.1-48.26.el5_1.5.src.rpm
File outdated by:  RHBA-2014:0361
    MD5: 5448af77edce8cad6a4ead27d37fffd7
 
IA-32:
xorg-x11-server-sdk-1.1.1-48.26.el5_1.5.i386.rpm
File outdated by:  RHBA-2014:0361
    MD5: 8fe231dda8a689751e380e66df569139
 
x86_64:
xorg-x11-server-sdk-1.1.1-48.26.el5_1.5.x86_64.rpm
File outdated by:  RHBA-2014:0361
    MD5: ec728822a4832661e8532ef0d0cb7fe9
 
Red Hat Enterprise Linux (v. 5 server)

SRPMS:
xorg-x11-server-1.1.1-48.26.el5_1.5.src.rpm
File outdated by:  RHBA-2014:0361
    MD5: 5448af77edce8cad6a4ead27d37fffd7
 
IA-32:
xorg-x11-server-Xdmx-1.1.1-48.26.el5_1.5.i386.rpm
File outdated by:  RHBA-2014:0361
    MD5: 354182405a55fbb93f03480f009383d1
xorg-x11-server-Xephyr-1.1.1-48.26.el5_1.5.i386.rpm
File outdated by:  RHBA-2014:0361
    MD5: 2b4d5db953c4e5c2228a715cc64c1343
xorg-x11-server-Xnest-1.1.1-48.26.el5_1.5.i386.rpm
File outdated by:  RHBA-2014:0361
    MD5: 94b09be233ba656285caaf129e7181b6
xorg-x11-server-Xorg-1.1.1-48.26.el5_1.5.i386.rpm
File outdated by:  RHBA-2014:0361
    MD5: e2cdf359944a1d4272447e5186427192
xorg-x11-server-Xvfb-1.1.1-48.26.el5_1.5.i386.rpm
File outdated by:  RHBA-2014:0361
    MD5: 86b0e0881e5fdafb677a0772a94e0be3
xorg-x11-server-sdk-1.1.1-48.26.el5_1.5.i386.rpm
File outdated by:  RHBA-2014:0361
    MD5: 8fe231dda8a689751e380e66df569139
 
IA-64:
xorg-x11-server-Xdmx-1.1.1-48.26.el5_1.5.ia64.rpm
File outdated by:  RHBA-2014:0361
    MD5: 83688a68f5f44762b97b2424c0bcc356
xorg-x11-server-Xephyr-1.1.1-48.26.el5_1.5.ia64.rpm
File outdated by:  RHBA-2014:0361
    MD5: c3ac38a8737586a01a7f0564beb3b94e
xorg-x11-server-Xnest-1.1.1-48.26.el5_1.5.ia64.rpm
File outdated by:  RHBA-2014:0361
    MD5: 03996dfcf7c7efee6862778cf0d7b1df
xorg-x11-server-Xorg-1.1.1-48.26.el5_1.5.ia64.rpm
File outdated by:  RHBA-2014:0361
    MD5: df14d9ef1f41f29b8072d181d965acf9
xorg-x11-server-Xvfb-1.1.1-48.26.el5_1.5.ia64.rpm
File outdated by:  RHBA-2014:0361
    MD5: 728577c5ca39a16974eb16c86abddb63
xorg-x11-server-sdk-1.1.1-48.26.el5_1.5.ia64.rpm
File outdated by:  RHBA-2014:0361
    MD5: 71dab5d61d2d4033b3c8d6f5bdd58f33
 
PPC:
xorg-x11-server-Xdmx-1.1.1-48.26.el5_1.5.ppc.rpm
File outdated by:  RHBA-2014:0361
    MD5: 96385820dc4b526968856a14b3a4b397
xorg-x11-server-Xephyr-1.1.1-48.26.el5_1.5.ppc.rpm
File outdated by:  RHBA-2014:0361
    MD5: 1eab991693eb235933bb364e0df7f221
xorg-x11-server-Xnest-1.1.1-48.26.el5_1.5.ppc.rpm
File outdated by:  RHBA-2014:0361
    MD5: 6bf05261f176aad1eed0e3b1c8d7c168
xorg-x11-server-Xorg-1.1.1-48.26.el5_1.5.ppc.rpm
File outdated by:  RHBA-2014:0361
    MD5: f33f768237bfaef54af213679229f47d
xorg-x11-server-Xvfb-1.1.1-48.26.el5_1.5.ppc.rpm
File outdated by:  RHBA-2014:0361
    MD5: 2f195f91843efee2040e9099fc742de6
xorg-x11-server-sdk-1.1.1-48.26.el5_1.5.ppc.rpm
File outdated by:  RHBA-2014:0361
    MD5: 2ad96e2c18d103017f285c23186824ce
 
s390x:
xorg-x11-server-Xephyr-1.1.1-48.26.el5_1.5.s390x.rpm
File outdated by:  RHBA-2014:0361
    MD5: 11a387893c9bc51290f35c806922d325
xorg-x11-server-Xnest-1.1.1-48.26.el5_1.5.s390x.rpm
File outdated by:  RHBA-2014:0361
    MD5: 75e6d9388f265b990044f5af285ebd99
xorg-x11-server-Xvfb-1.1.1-48.26.el5_1.5.s390x.rpm
File outdated by:  RHBA-2014:0361
    MD5: 56e90481cfeba8d5db0d5f1d9a520aaf
 
x86_64:
xorg-x11-server-Xdmx-1.1.1-48.26.el5_1.5.x86_64.rpm
File outdated by:  RHBA-2014:0361
    MD5: f1366dba2eeb55c9f327d562908d1b24
xorg-x11-server-Xephyr-1.1.1-48.26.el5_1.5.x86_64.rpm
File outdated by:  RHBA-2014:0361
    MD5: b18c388d80c7ab3fb120c6ab582b08a0
xorg-x11-server-Xnest-1.1.1-48.26.el5_1.5.x86_64.rpm
File outdated by:  RHBA-2014:0361
    MD5: 767965859c627b4ca374be076c77ad31
xorg-x11-server-Xorg-1.1.1-48.26.el5_1.5.x86_64.rpm
File outdated by:  RHBA-2014:0361
    MD5: 7c554e8e1a0b3b2076be37d179124905
xorg-x11-server-Xvfb-1.1.1-48.26.el5_1.5.x86_64.rpm
File outdated by:  RHBA-2014:0361
    MD5: c87aa609b5335bc5ac4f517119bf1f75
xorg-x11-server-sdk-1.1.1-48.26.el5_1.5.x86_64.rpm
File outdated by:  RHBA-2014:0361
    MD5: ec728822a4832661e8532ef0d0cb7fe9
 
Red Hat Enterprise Linux Desktop (v. 5 client)

SRPMS:
xorg-x11-server-1.1.1-48.26.el5_1.5.src.rpm
File outdated by:  RHBA-2014:0361
    MD5: 5448af77edce8cad6a4ead27d37fffd7
 
IA-32:
xorg-x11-server-Xdmx-1.1.1-48.26.el5_1.5.i386.rpm
File outdated by:  RHBA-2014:0361
    MD5: 354182405a55fbb93f03480f009383d1
xorg-x11-server-Xephyr-1.1.1-48.26.el5_1.5.i386.rpm
File outdated by:  RHBA-2014:0361
    MD5: 2b4d5db953c4e5c2228a715cc64c1343
xorg-x11-server-Xnest-1.1.1-48.26.el5_1.5.i386.rpm
File outdated by:  RHBA-2014:0361
    MD5: 94b09be233ba656285caaf129e7181b6
xorg-x11-server-Xorg-1.1.1-48.26.el5_1.5.i386.rpm
File outdated by:  RHBA-2014:0361
    MD5: e2cdf359944a1d4272447e5186427192
xorg-x11-server-Xvfb-1.1.1-48.26.el5_1.5.i386.rpm
File outdated by:  RHBA-2014:0361
    MD5: 86b0e0881e5fdafb677a0772a94e0be3
 
x86_64:
xorg-x11-server-Xdmx-1.1.1-48.26.el5_1.5.x86_64.rpm
File outdated by:  RHBA-2014:0361
    MD5: f1366dba2eeb55c9f327d562908d1b24
xorg-x11-server-Xephyr-1.1.1-48.26.el5_1.5.x86_64.rpm
File outdated by:  RHBA-2014:0361
    MD5: b18c388d80c7ab3fb120c6ab582b08a0
xorg-x11-server-Xnest-1.1.1-48.26.el5_1.5.x86_64.rpm
File outdated by:  RHBA-2014:0361
    MD5: 767965859c627b4ca374be076c77ad31
xorg-x11-server-Xorg-1.1.1-48.26.el5_1.5.x86_64.rpm
File outdated by:  RHBA-2014:0361
    MD5: 7c554e8e1a0b3b2076be37d179124905
xorg-x11-server-Xvfb-1.1.1-48.26.el5_1.5.x86_64.rpm
File outdated by:  RHBA-2014:0361
    MD5: c87aa609b5335bc5ac4f517119bf1f75
 
Red Hat Enterprise Linux EUS (v. 5.1.z server)

SRPMS:
xorg-x11-server-1.1.1-48.26.el5_1.5.src.rpm
File outdated by:  RHBA-2014:0361
    MD5: 5448af77edce8cad6a4ead27d37fffd7
 
IA-32:
xorg-x11-server-Xdmx-1.1.1-48.26.el5_1.5.i386.rpm     MD5: 354182405a55fbb93f03480f009383d1
xorg-x11-server-Xephyr-1.1.1-48.26.el5_1.5.i386.rpm     MD5: 2b4d5db953c4e5c2228a715cc64c1343
xorg-x11-server-Xnest-1.1.1-48.26.el5_1.5.i386.rpm     MD5: 94b09be233ba656285caaf129e7181b6
xorg-x11-server-Xorg-1.1.1-48.26.el5_1.5.i386.rpm     MD5: e2cdf359944a1d4272447e5186427192
xorg-x11-server-Xvfb-1.1.1-48.26.el5_1.5.i386.rpm     MD5: 86b0e0881e5fdafb677a0772a94e0be3
xorg-x11-server-sdk-1.1.1-48.26.el5_1.5.i386.rpm     MD5: 8fe231dda8a689751e380e66df569139
 
IA-64:
xorg-x11-server-Xdmx-1.1.1-48.26.el5_1.5.ia64.rpm     MD5: 83688a68f5f44762b97b2424c0bcc356
xorg-x11-server-Xephyr-1.1.1-48.26.el5_1.5.ia64.rpm     MD5: c3ac38a8737586a01a7f0564beb3b94e
xorg-x11-server-Xnest-1.1.1-48.26.el5_1.5.ia64.rpm     MD5: 03996dfcf7c7efee6862778cf0d7b1df
xorg-x11-server-Xorg-1.1.1-48.26.el5_1.5.ia64.rpm     MD5: df14d9ef1f41f29b8072d181d965acf9
xorg-x11-server-Xvfb-1.1.1-48.26.el5_1.5.ia64.rpm     MD5: 728577c5ca39a16974eb16c86abddb63
xorg-x11-server-sdk-1.1.1-48.26.el5_1.5.ia64.rpm     MD5: 71dab5d61d2d4033b3c8d6f5bdd58f33
 
PPC:
xorg-x11-server-Xdmx-1.1.1-48.26.el5_1.5.ppc.rpm     MD5: 96385820dc4b526968856a14b3a4b397
xorg-x11-server-Xephyr-1.1.1-48.26.el5_1.5.ppc.rpm     MD5: 1eab991693eb235933bb364e0df7f221
xorg-x11-server-Xnest-1.1.1-48.26.el5_1.5.ppc.rpm     MD5: 6bf05261f176aad1eed0e3b1c8d7c168
xorg-x11-server-Xorg-1.1.1-48.26.el5_1.5.ppc.rpm     MD5: f33f768237bfaef54af213679229f47d
xorg-x11-server-Xvfb-1.1.1-48.26.el5_1.5.ppc.rpm     MD5: 2f195f91843efee2040e9099fc742de6
xorg-x11-server-sdk-1.1.1-48.26.el5_1.5.ppc.rpm     MD5: 2ad96e2c18d103017f285c23186824ce
 
s390x:
xorg-x11-server-Xephyr-1.1.1-48.26.el5_1.5.s390x.rpm     MD5: 11a387893c9bc51290f35c806922d325
xorg-x11-server-Xnest-1.1.1-48.26.el5_1.5.s390x.rpm     MD5: 75e6d9388f265b990044f5af285ebd99
xorg-x11-server-Xvfb-1.1.1-48.26.el5_1.5.s390x.rpm     MD5: 56e90481cfeba8d5db0d5f1d9a520aaf
 
x86_64:
xorg-x11-server-Xdmx-1.1.1-48.26.el5_1.5.x86_64.rpm     MD5: f1366dba2eeb55c9f327d562908d1b24
xorg-x11-server-Xephyr-1.1.1-48.26.el5_1.5.x86_64.rpm     MD5: b18c388d80c7ab3fb120c6ab582b08a0
xorg-x11-server-Xnest-1.1.1-48.26.el5_1.5.x86_64.rpm     MD5: 767965859c627b4ca374be076c77ad31
xorg-x11-server-Xorg-1.1.1-48.26.el5_1.5.x86_64.rpm     MD5: 7c554e8e1a0b3b2076be37d179124905
xorg-x11-server-Xvfb-1.1.1-48.26.el5_1.5.x86_64.rpm     MD5: c87aa609b5335bc5ac4f517119bf1f75
xorg-x11-server-sdk-1.1.1-48.26.el5_1.5.x86_64.rpm     MD5: ec728822a4832661e8532ef0d0cb7fe9
 
(The unlinked packages above are only available from the Red Hat Network)
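
To confirm that a host carries the fixed build, installed xorg-x11-server subpackages can be compared against 1.1.1-48.26.el5_1.5. The script below is an added example, not part of the Red Hat advisory. It assumes input produced by `rpm -qa --qf '%{NAME} %{VERSION} %{RELEASE}\n'`, assumes equal epochs, and uses a simplified reimplementation of rpm's label comparison; the sample lines are constructed.

```python
import re

# Fixed version and release, taken from the advisory's package list.
FIXED_VERSION, FIXED_RELEASE = "1.1.1", "48.26.el5_1.5"
# Binary subpackages named in the advisory.
AFFECTED = {"xorg-x11-server-" + s
            for s in ("Xdmx", "Xephyr", "Xnest", "Xorg", "Xvfb", "sdk")}

def rpmvercmp(a, b):
    """Simplified rpm label comparison, returning -1, 0 or 1.
    Digit and letter segments only; tilde/caret rules are not implemented."""
    sa = re.findall(r"\d+|[A-Za-z]+", a)
    sb = re.findall(r"\d+|[A-Za-z]+", b)
    for x, y in zip(sa, sb):
        if x.isdigit() and y.isdigit():
            x, y = int(x), int(y)              # numeric segments compare as integers
        elif x.isdigit() != y.isdigit():
            return 1 if x.isdigit() else -1    # a numeric segment beats a letter one
        if x != y:
            return 1 if x > y else -1
    # All shared segments equal: the label with extra segments is newer.
    return (len(sa) > len(sb)) - (len(sa) < len(sb))

def unpatched(rpm_lines):
    """Return (name, version-release) for affected packages older than the fix."""
    stale = []
    for line in rpm_lines:
        parts = line.split()
        if len(parts) != 3 or parts[0] not in AFFECTED:
            continue
        name, ver, rel = parts
        # Version decides first; release breaks a tie.
        if (rpmvercmp(ver, FIXED_VERSION) or rpmvercmp(rel, FIXED_RELEASE)) < 0:
            stale.append((name, f"{ver}-{rel}"))
    return stale

# Constructed sample of "NAME VERSION RELEASE" lines (not real host output).
SAMPLE = """\
xorg-x11-server-Xorg 1.1.1 48.26.el5
xorg-x11-server-Xnest 1.1.1 48.26.el5_1.5
xorg-x11-server-Xvfb 1.1.1 48.41.el5
xorg-x11-server-sdk 1.1.1 48.26.el5_1.4
xorg-x11-utils 7.1 2.fc6
""".splitlines()

if __name__ == "__main__":
    for name, evr in unpatched(SAMPLE):
        print(f"{name} {evr} is older than {FIXED_VERSION}-{FIXED_RELEASE}")
```
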

Bugs fixed (see bugzilla for more information)

391841 - CVE-2007-5958 Xorg / XFree86 file existence disclosure vulnerability
413721 - CVE-2007-6429 xorg / xfree86: integer overflow in EVI extension
413741 - CVE-2007-6429 xorg / xfree86: integer overflow in MIT-SHM extension
413791 - CVE-2007-6428 xorg / xfree86: information disclosure via TOG-CUP extension
413811 - CVE-2007-6427 xorg / xfree86: memory corruption via XInput extension
414031 - CVE-2007-5760 xorg: invalid array indexing in XFree86-Misc extension


These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from:
https://www.redhat.com/security/team/key/#package

The Red Hat security contact is secalert@redhat.com. More contact details at http://www.redhat.com/security/team/contact/