Skip to navigation

Security Advisory Important: xorg-x11-server security update

Advisory: RHSA-2010:0382-1
Type: Security Advisory
Severity: Important
Issued on: 2010-04-28
Last updated on: 2010-04-28
Affected Products: RHEL Desktop Workstation (v. 5 client)
Red Hat Enterprise Linux (v. 5 server)
Red Hat Enterprise Linux Desktop (v. 5 client)
CVEs (cve.mitre.org): CVE-2010-1166

Details

Updated xorg-x11-server packages that fix one security issue are now
available for Red Hat Enterprise Linux 5.

The Red Hat Security Response Team has rated this update as having
important security impact. A Common Vulnerability Scoring System (CVSS)
base score, which gives a detailed severity rating, is available from the
CVE link in the References section.

X.Org is an open source implementation of the X Window System. It provides
the basic low-level functionality that full-fledged graphical user
interfaces are designed upon.

An incorrect calculation flaw was discovered in the X.Org Render extension.
A malicious, authorized client could exploit this issue to crash the X.Org
server or, potentially, execute arbitrary code with root privileges.
(CVE-2010-1166)

Users of xorg-x11-server should upgrade to these updated packages, which
contain a backported patch to resolve this issue. All running X.Org server
instances must be restarted for this update to take effect.


Solution

Before applying this update, make sure all previously-released errata
relevant to your system have been applied.

This update is available via the Red Hat Network. Details on how to
use the Red Hat Network to apply this update are available at
http://kbase.redhat.com/faq/docs/DOC-11259

Updated packages

RHEL Desktop Workstation (v. 5 client)

SRPMS:
xorg-x11-server-1.1.1-48.76.el5_5.1.src.rpm
File outdated by:  RHBA-2014:0361
    MD5: b70f8cd9027b557e32a38a98d5223370
SHA-256: 36024c5c4dba0ed4813a47e6b3f3d24150f4288a4392a64a5e7e474f5dd4c790
 
IA-32:
xorg-x11-server-sdk-1.1.1-48.76.el5_5.1.i386.rpm
File outdated by:  RHBA-2014:0361
    MD5: 4ad128972aea0ded610cebf18f8400f7
SHA-256: de99ef0f6495aef4142226f852450af37bae0b0afecb852d01601c89abc832a2
 
x86_64:
xorg-x11-server-sdk-1.1.1-48.76.el5_5.1.x86_64.rpm
File outdated by:  RHBA-2014:0361
    MD5: 6d01816cf83e3ae67cb78d9c31523581
SHA-256: 1b2835bfe9769e7ab60bf527e85ad0b6bb136fdd7d35b871dad8adc038dd9951
 
Red Hat Enterprise Linux (v. 5 server)

SRPMS:
xorg-x11-server-1.1.1-48.76.el5_5.1.src.rpm
File outdated by:  RHBA-2014:0361
    MD5: b70f8cd9027b557e32a38a98d5223370
SHA-256: 36024c5c4dba0ed4813a47e6b3f3d24150f4288a4392a64a5e7e474f5dd4c790
 
IA-32:
xorg-x11-server-Xdmx-1.1.1-48.76.el5_5.1.i386.rpm
File outdated by:  RHBA-2014:0361
    MD5: 4022e820fd9a7727f814b0c3b9f45f5c
SHA-256: df5d37ea9df895dcefa70375b92b9ae1099b06f2821505b5943186b2d5410c75
xorg-x11-server-Xephyr-1.1.1-48.76.el5_5.1.i386.rpm
File outdated by:  RHBA-2014:0361
    MD5: 8771ccfcdcbef1610d95835527a3f64f
SHA-256: fd92db8f1aea7ef4c0acf078d5bad139ab520b2e8ed091c8d5f1dee315d886a2
xorg-x11-server-Xnest-1.1.1-48.76.el5_5.1.i386.rpm
File outdated by:  RHBA-2014:0361
    MD5: 5409f3c16f325501a8ae933dc73cc2e7
SHA-256: 0a49764d29147dc03ad0d4945e769c7a7d27262c3e3bab7f25951166ad430375
xorg-x11-server-Xorg-1.1.1-48.76.el5_5.1.i386.rpm
File outdated by:  RHBA-2014:0361
    MD5: 2c6d4d2ec30204c2250a49eb3a034958
SHA-256: aabf08c4ee185a73b9d82b3468d7abe7ef1f1910a579bdb64efb77d65e1d0f6e
xorg-x11-server-Xvfb-1.1.1-48.76.el5_5.1.i386.rpm
File outdated by:  RHBA-2014:0361
    MD5: e17acba9f07daa09d5f32dee5e610f57
SHA-256: e089d1fb7551d2cbb314318982ef81fbec196944d2dcdf8ce601cad5ddcbd1f4
xorg-x11-server-Xvnc-source-1.1.1-48.76.el5_5.1.i386.rpm
File outdated by:  RHBA-2014:0361
    MD5: 92d1f372874d35fcfd75e4b5764ff315
SHA-256: 74fa23fb0986f8e42cee8ec6e327a0fbb071a745d5fdd52f64576defa62df990
xorg-x11-server-sdk-1.1.1-48.76.el5_5.1.i386.rpm
File outdated by:  RHBA-2014:0361
    MD5: 4ad128972aea0ded610cebf18f8400f7
SHA-256: de99ef0f6495aef4142226f852450af37bae0b0afecb852d01601c89abc832a2
 
IA-64:
xorg-x11-server-Xdmx-1.1.1-48.76.el5_5.1.ia64.rpm
File outdated by:  RHBA-2014:0361
    MD5: 3983f17e556601c4e809a09bce783bf5
SHA-256: 7fd40d688f90dfb7acb27adcafc2df1809d5f955670db4a1d97b32187225793f
xorg-x11-server-Xephyr-1.1.1-48.76.el5_5.1.ia64.rpm
File outdated by:  RHBA-2014:0361
    MD5: 90950218f98fa69517b6cd61f1f57683
SHA-256: 8a79a14a847009dc025ded0b0cf3a206022d7a89cc55d0ee45e8cd84ade71816
xorg-x11-server-Xnest-1.1.1-48.76.el5_5.1.ia64.rpm
File outdated by:  RHBA-2014:0361
    MD5: 06e0e4d688030be7444f5a7246a174fc
SHA-256: cd669d29c6b5e323a6f4ad8ec91021a8008fb67ac924d6a83c21e402480ac260
xorg-x11-server-Xorg-1.1.1-48.76.el5_5.1.ia64.rpm
File outdated by:  RHBA-2014:0361
    MD5: 9642d25e88a58a70946ebe70966eea0f
SHA-256: 4e84efe6f5652ecddfd9d1d225c8baf4f8770d18b6dbb2cad0102d9e9310638f
xorg-x11-server-Xvfb-1.1.1-48.76.el5_5.1.ia64.rpm
File outdated by:  RHBA-2014:0361
    MD5: 66de6c108ef7cd87449fe516b0795d4c
SHA-256: d35ec2e79e1741489c49a1bbdf3bb87c434636f7a716a694bbb908c359864da4
xorg-x11-server-Xvnc-source-1.1.1-48.76.el5_5.1.ia64.rpm
File outdated by:  RHBA-2014:0361
    MD5: e5b01c5d3ffb15d5f82bde2c6e06792c
SHA-256: 2ad01ccfea297ace185a0e3935fb5722b49bcda4dc217de1be83beb274087516
xorg-x11-server-sdk-1.1.1-48.76.el5_5.1.ia64.rpm
File outdated by:  RHBA-2014:0361
    MD5: aecb2cf3c441fe76f114305e506e82e3
SHA-256: 7ac6bdb3de3d2f62a6b4f7c27f8e7829d8982eba24875487980e091fbdf6a398
 
PPC:
xorg-x11-server-Xdmx-1.1.1-48.76.el5_5.1.ppc.rpm
File outdated by:  RHBA-2014:0361
    MD5: d6ec8ce8c80db63ef31dc3fe7577e72e
SHA-256: 4b932fbfedcd4fee662c78b243bb0a11edbbf3dada1e9f9cb6d25b4c4c1200b9
xorg-x11-server-Xephyr-1.1.1-48.76.el5_5.1.ppc.rpm
File outdated by:  RHBA-2014:0361
    MD5: f9c1a7adaefcaf0c7168b5f81f9edf39
SHA-256: 8789bba08153a722c30a36447a26fd114f4f9ada855dbe85b2e585f6ddc58960
xorg-x11-server-Xnest-1.1.1-48.76.el5_5.1.ppc.rpm
File outdated by:  RHBA-2014:0361
    MD5: 7ee96cec02c778b71b18537f0df4be6a
SHA-256: 51ba777fe0fbd32f8ddc5621de4fda594a6fcebbac64cf84abcce1ab74376b04
xorg-x11-server-Xorg-1.1.1-48.76.el5_5.1.ppc.rpm
File outdated by:  RHBA-2014:0361
    MD5: 841f8c162b0c40d4b4560bf2bec9b13f
SHA-256: 5e892c389add8500682d506dd9dca637a49d903948d11716f2091fb581dbadf0
xorg-x11-server-Xvfb-1.1.1-48.76.el5_5.1.ppc.rpm
File outdated by:  RHBA-2014:0361
    MD5: a78b870039bbe4e6d18c948bb6557b6c
SHA-256: b7cfb2688930804f760609c4cd9798dfff37d3762d83ed8527add192c01d4cea
xorg-x11-server-Xvnc-source-1.1.1-48.76.el5_5.1.ppc.rpm
File outdated by:  RHBA-2014:0361
    MD5: 1ab34a8b54378a706c7143ccac0404a9
SHA-256: eee7771678a6b6ba819b88dcb201caadbeff1cecbde508f576c1ab59863d4b87
xorg-x11-server-sdk-1.1.1-48.76.el5_5.1.ppc.rpm
File outdated by:  RHBA-2014:0361
    MD5: 298d8171c1792abbfc180a9b3e8dd82f
SHA-256: 96ed31ea2bd666456ada25e64a0069f5711327501f97aa457ee747811f678b67
 
s390x:
xorg-x11-server-Xephyr-1.1.1-48.76.el5_5.1.s390x.rpm
File outdated by:  RHBA-2014:0361
    MD5: 01bfb029af983108972ad4fad6eeb49e
SHA-256: 4c60a79272cd645eba99bc6440379e83642c4b8a2cccba48a8a0fc992d6520df
xorg-x11-server-Xnest-1.1.1-48.76.el5_5.1.s390x.rpm
File outdated by:  RHBA-2014:0361
    MD5: 7a1a2aeb1217ffcef8f730dd874b5bd0
SHA-256: 03bd8cd44fbd57ae542ed2d907ffa6d48cde1010c75449bf53f83f4b5d639a88
xorg-x11-server-Xvfb-1.1.1-48.76.el5_5.1.s390x.rpm
File outdated by:  RHBA-2014:0361
    MD5: 9ed1bb1808103f6a5ceb1fb73418177d
SHA-256: e892be445b29003c1e82a3872efa6ff7ea20ca50195bb95102b25857a26c60a3
xorg-x11-server-Xvnc-source-1.1.1-48.76.el5_5.1.s390x.rpm
File outdated by:  RHBA-2014:0361
    MD5: 4f8859998b3de499f1100cd8df3f1dbc
SHA-256: da46257b0155fed20a63e25df9fb43f3fd6cb4ab96fa797218f05d992cc3089a
 
x86_64:
xorg-x11-server-Xdmx-1.1.1-48.76.el5_5.1.x86_64.rpm
File outdated by:  RHBA-2014:0361
    MD5: 2270b967c32c0219b15b0a0b40d9852c
SHA-256: 443ba75d39ac57ddef5bc8919d81fa572e9c6de733b2eb4aaab1ea9d3146f3c8
xorg-x11-server-Xephyr-1.1.1-48.76.el5_5.1.x86_64.rpm
File outdated by:  RHBA-2014:0361
    MD5: ec6900b06999d874886959a8b1f23375
SHA-256: 6ef5ee837f3f86edd5b57117a6e79ce80a9765c11582d0e8b255d53a39d41f3e
xorg-x11-server-Xnest-1.1.1-48.76.el5_5.1.x86_64.rpm
File outdated by:  RHBA-2014:0361
    MD5: d7c3aa733f1032a1e8eab1d4c8d37420
SHA-256: 9075755258963b64b28b67e825de83bfdbb9c4150ad52697b294c36f4124fa9e
xorg-x11-server-Xorg-1.1.1-48.76.el5_5.1.x86_64.rpm
File outdated by:  RHBA-2014:0361
    MD5: 1bacb04fae08bc416c1d34b9b4f3d379
SHA-256: 6d118bbda141795f82ce65bd7eb14d058e266c0b738e6c589a1c81c46c78dd70
xorg-x11-server-Xvfb-1.1.1-48.76.el5_5.1.x86_64.rpm
File outdated by:  RHBA-2014:0361
    MD5: f069ddabba280fa9df4daffac70c45ef
SHA-256: eb325e1bd946df878e6945137307521ad1acfa312fcf6855f638f811b49831c6
xorg-x11-server-Xvnc-source-1.1.1-48.76.el5_5.1.x86_64.rpm
File outdated by:  RHBA-2014:0361
    MD5: 760a0dd756514581c02bccc977428ace
SHA-256: c02d84b8e985734c4fe955a08fc69256ee2a7b9e70e9349d50fff33086b2b7de
xorg-x11-server-sdk-1.1.1-48.76.el5_5.1.x86_64.rpm
File outdated by:  RHBA-2014:0361
    MD5: 6d01816cf83e3ae67cb78d9c31523581
SHA-256: 1b2835bfe9769e7ab60bf527e85ad0b6bb136fdd7d35b871dad8adc038dd9951
 
Red Hat Enterprise Linux Desktop (v. 5 client)

SRPMS:
xorg-x11-server-1.1.1-48.76.el5_5.1.src.rpm
File outdated by:  RHBA-2014:0361
    MD5: b70f8cd9027b557e32a38a98d5223370
SHA-256: 36024c5c4dba0ed4813a47e6b3f3d24150f4288a4392a64a5e7e474f5dd4c790
 
IA-32:
xorg-x11-server-Xdmx-1.1.1-48.76.el5_5.1.i386.rpm
File outdated by:  RHBA-2014:0361
    MD5: 4022e820fd9a7727f814b0c3b9f45f5c
SHA-256: df5d37ea9df895dcefa70375b92b9ae1099b06f2821505b5943186b2d5410c75
xorg-x11-server-Xephyr-1.1.1-48.76.el5_5.1.i386.rpm
File outdated by:  RHBA-2014:0361
    MD5: 8771ccfcdcbef1610d95835527a3f64f
SHA-256: fd92db8f1aea7ef4c0acf078d5bad139ab520b2e8ed091c8d5f1dee315d886a2
xorg-x11-server-Xnest-1.1.1-48.76.el5_5.1.i386.rpm
File outdated by:  RHBA-2014:0361
    MD5: 5409f3c16f325501a8ae933dc73cc2e7
SHA-256: 0a49764d29147dc03ad0d4945e769c7a7d27262c3e3bab7f25951166ad430375
xorg-x11-server-Xorg-1.1.1-48.76.el5_5.1.i386.rpm
File outdated by:  RHBA-2014:0361
    MD5: 2c6d4d2ec30204c2250a49eb3a034958
SHA-256: aabf08c4ee185a73b9d82b3468d7abe7ef1f1910a579bdb64efb77d65e1d0f6e
xorg-x11-server-Xvfb-1.1.1-48.76.el5_5.1.i386.rpm
File outdated by:  RHBA-2014:0361
    MD5: e17acba9f07daa09d5f32dee5e610f57
SHA-256: e089d1fb7551d2cbb314318982ef81fbec196944d2dcdf8ce601cad5ddcbd1f4
xorg-x11-server-Xvnc-source-1.1.1-48.76.el5_5.1.i386.rpm
File outdated by:  RHBA-2014:0361
    MD5: 92d1f372874d35fcfd75e4b5764ff315
SHA-256: 74fa23fb0986f8e42cee8ec6e327a0fbb071a745d5fdd52f64576defa62df990
 
x86_64:
xorg-x11-server-Xdmx-1.1.1-48.76.el5_5.1.x86_64.rpm
File outdated by:  RHBA-2014:0361
    MD5: 2270b967c32c0219b15b0a0b40d9852c
SHA-256: 443ba75d39ac57ddef5bc8919d81fa572e9c6de733b2eb4aaab1ea9d3146f3c8
xorg-x11-server-Xephyr-1.1.1-48.76.el5_5.1.x86_64.rpm
File outdated by:  RHBA-2014:0361
    MD5: ec6900b06999d874886959a8b1f23375
SHA-256: 6ef5ee837f3f86edd5b57117a6e79ce80a9765c11582d0e8b255d53a39d41f3e
xorg-x11-server-Xnest-1.1.1-48.76.el5_5.1.x86_64.rpm
File outdated by:  RHBA-2014:0361
    MD5: d7c3aa733f1032a1e8eab1d4c8d37420
SHA-256: 9075755258963b64b28b67e825de83bfdbb9c4150ad52697b294c36f4124fa9e
xorg-x11-server-Xorg-1.1.1-48.76.el5_5.1.x86_64.rpm
File outdated by:  RHBA-2014:0361
    MD5: 1bacb04fae08bc416c1d34b9b4f3d379
SHA-256: 6d118bbda141795f82ce65bd7eb14d058e266c0b738e6c589a1c81c46c78dd70
xorg-x11-server-Xvfb-1.1.1-48.76.el5_5.1.x86_64.rpm
File outdated by:  RHBA-2014:0361
    MD5: f069ddabba280fa9df4daffac70c45ef
SHA-256: eb325e1bd946df878e6945137307521ad1acfa312fcf6855f638f811b49831c6
xorg-x11-server-Xvnc-source-1.1.1-48.76.el5_5.1.x86_64.rpm
File outdated by:  RHBA-2014:0361
    MD5: 760a0dd756514581c02bccc977428ace
SHA-256: c02d84b8e985734c4fe955a08fc69256ee2a7b9e70e9349d50fff33086b2b7de
 
(The unlinked packages above are only available from the Red Hat Network)

Bugs fixed (see bugzilla for more information)

495733 - Xorg crashes with latest firefox
582601 - CVE-2010-1166 Xorg: X server Render extension memory corruption


References



These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from:
https://www.redhat.com/security/team/key/#package

The Red Hat security contact is secalert@redhat.com. More contact details at http://www.redhat.com/security/team/contact/