[ MDKSA-2006:081-1 ] - Updated xorg-x11 packages fix vulnerability

security@xxxxxxxxxxxx · Fri, 5 May 2006 00:06:03 -0600

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

 _______________________________________________________________________

 Mandriva Linux Security Advisory                       MDKSA-2006:081-1
 http://www.mandriva.com/security/
 _______________________________________________________________________

 Package : xorg-x11
 Date    : May 4, 2006
 Affected: 2006.0
 _______________________________________________________________________

 Problem Description:

 A problem was discovered in xorg-x11 where the X render extension would
 mis-calculate the size of a buffer, leading to an overflow that could
 possibly be exploited by clients of the X server.

 Update:

 Rafael Bermudez noticed that the patch for 2006 was mis-applied.  This
 update resolves that issue.
 _______________________________________________________________________

 References:

 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-1526
 _______________________________________________________________________

 Updated Packages:

 Mandriva Linux 2006.0:
 fc3e3a6a825dd0ed259803f0ec585514  2006.0/RPMS/libxorg-x11-6.9.0-5.6.20060mdk.i586.rpm
 d81df0a49bd2c7178e93229756009bfe  2006.0/RPMS/libxorg-x11-devel-6.9.0-5.6.20060mdk.i586.rpm
 f48af91d6c0cac186af5459d7ab84aaf  2006.0/RPMS/libxorg-x11-static-devel-6.9.0-5.6.20060mdk.i586.rpm
 61090a0da61aa8be2df3df679069fbcb  2006.0/RPMS/xorg-x11-100dpi-fonts-6.9.0-5.6.20060mdk.i586.rpm
 76a44a4b56266c1a3782c437fa1f879a  2006.0/RPMS/xorg-x11-6.9.0-5.6.20060mdk.i586.rpm
 93c2772c76d3c862d97b2e5b020e30a3  2006.0/RPMS/xorg-x11-75dpi-fonts-6.9.0-5.6.20060mdk.i586.rpm
 e7e765f1477cb88637aae30fb50fe626  2006.0/RPMS/xorg-x11-cyrillic-fonts-6.9.0-5.6.20060mdk.i586.rpm
 272c396e96c45676792a6a453c65e7a6  2006.0/RPMS/xorg-x11-doc-6.9.0-5.6.20060mdk.i586.rpm
 f956116db27ef01ca1f1f73bd720149e  2006.0/RPMS/xorg-x11-glide-module-6.9.0-5.6.20060mdk.i586.rpm
 d13be66590a678292d640625d40fa923  2006.0/RPMS/xorg-x11-server-6.9.0-5.6.20060mdk.i586.rpm
 d6bda749c3aecfd11e143bcf2450967e  2006.0/RPMS/xorg-x11-xauth-6.9.0-5.6.20060mdk.i586.rpm
 b3f05df67c81766894fa4adc6c9744fd  2006.0/RPMS/xorg-x11-Xdmx-6.9.0-5.6.20060mdk.i586.rpm
 13b62b9ca1e8405c5b7fd4204a206a4c  2006.0/RPMS/xorg-x11-xfs-6.9.0-5.6.20060mdk.i586.rpm
 7258f0fa58ea03ebe26d72e8f039eb82  2006.0/RPMS/xorg-x11-Xnest-6.9.0-5.6.20060mdk.i586.rpm
 ae9801aa6faf4ab58cfaf8fc590a6133  2006.0/RPMS/xorg-x11-Xprt-6.9.0-5.6.20060mdk.i586.rpm
 509555c18dbdb0337bd1d00e72c7bfd6  2006.0/RPMS/xorg-x11-Xvfb-6.9.0-5.6.20060mdk.i586.rpm
 e333b8894ec5d3fbca38c95741d95935  2006.0/SRPMS/xorg-x11-6.9.0-5.6.20060mdk.src.rpm

 Mandriva Linux 2006.0/X86_64:
 505ab1a243407f7397e208a29228dd89  x86_64/2006.0/RPMS/lib64xorg-x11-6.9.0-5.6.20060mdk.x86_64.rpm
 4e50a1d049a699571c6b509700721557  x86_64/2006.0/RPMS/lib64xorg-x11-devel-6.9.0-5.6.20060mdk.x86_64.rpm
 955c4dbfaafe890868f60f34bf088da9  x86_64/2006.0/RPMS/lib64xorg-x11-static-devel-6.9.0-5.6.20060mdk.x86_64.rpm
 fc3e3a6a825dd0ed259803f0ec585514  x86_64/2006.0/RPMS/libxorg-x11-6.9.0-5.6.20060mdk.i586.rpm
 d81df0a49bd2c7178e93229756009bfe  x86_64/2006.0/RPMS/libxorg-x11-devel-6.9.0-5.6.20060mdk.i586.rpm
 f48af91d6c0cac186af5459d7ab84aaf  x86_64/2006.0/RPMS/libxorg-x11-static-devel-6.9.0-5.6.20060mdk.i586.rpm
 c7b65a75d52abde5e3634078eb84842d  x86_64/2006.0/RPMS/X11R6-contrib-6.9.0-5.6.20060mdk.x86_64.rpm
 caad39791829b2ef86bef852021c3490  x86_64/2006.0/RPMS/xorg-x11-100dpi-fonts-6.9.0-5.6.20060mdk.x86_64.rpm
 d004173e376cd1fc441fb23d367fe597  x86_64/2006.0/RPMS/xorg-x11-6.9.0-5.6.20060mdk.x86_64.rpm
 cd364f6c76eedfba39a10c4ddf81cfb0  x86_64/2006.0/RPMS/xorg-x11-75dpi-fonts-6.9.0-5.6.20060mdk.x86_64.rpm
 1f6c50c0665c21a78b07d3440ffd43c2  x86_64/2006.0/RPMS/xorg-x11-cyrillic-fonts-6.9.0-5.6.20060mdk.x86_64.rpm
 f135965f13fcc76d4ca07fa128bd7620  x86_64/2006.0/RPMS/xorg-x11-doc-6.9.0-5.6.20060mdk.x86_64.rpm
 3304d60e7288911924951718c74afa30  x86_64/2006.0/RPMS/xorg-x11-glide-module-6.9.0-5.6.20060mdk.x86_64.rpm
 2d73dbacee80e596f3dbdf0db8a5ffda  x86_64/2006.0/RPMS/xorg-x11-server-6.9.0-5.6.20060mdk.x86_64.rpm
 8793a61a6824c7ad5c0c8bffe4ce8ee5  x86_64/2006.0/RPMS/xorg-x11-xauth-6.9.0-5.6.20060mdk.x86_64.rpm
 674f714d7fa826c12fb0b59429718d1f  x86_64/2006.0/RPMS/xorg-x11-Xdmx-6.9.0-5.6.20060mdk.x86_64.rpm
 a07559d45b7622c3c9b0eed36a6c1000  x86_64/2006.0/RPMS/xorg-x11-xfs-6.9.0-5.6.20060mdk.x86_64.rpm
 87abf49419cc1417f56e45227034f7bf  x86_64/2006.0/RPMS/xorg-x11-Xnest-6.9.0-5.6.20060mdk.x86_64.rpm
 fcfcded879d21656bfddb8ecb91b47e2  x86_64/2006.0/RPMS/xorg-x11-Xprt-6.9.0-5.6.20060mdk.x86_64.rpm
 efaeb4f777b5372d55fd8d9128bb80b6  x86_64/2006.0/RPMS/xorg-x11-Xvfb-6.9.0-5.6.20060mdk.x86_64.rpm
 e333b8894ec5d3fbca38c95741d95935  x86_64/2006.0/SRPMS/xorg-x11-6.9.0-5.6.20060mdk.src.rpm
 _______________________________________________________________________

 To upgrade automatically use MandrivaUpdate or urpmi.  The verification
 of md5 checksums and GPG signatures is performed automatically for you.

 All packages are signed by Mandriva for security.  You can obtain the
 GPG public key of the Mandriva Security Team by executing:

  gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98

 You can view other update advisories for Mandriva Linux at:

  http://www.mandriva.com/security/advisories

 If you want to report vulnerabilities, please contact

  security_(at)_mandriva.com
 _______________________________________________________________________

 Type Bits/KeyID     Date       User ID
 pub  1024D/22458A98 2000-07-10 Mandriva Security Team
  <security*mandriva.com>
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.2.2 (GNU/Linux)

iD8DBQFEWusrmqjQ0CJFipgRApXwAJ9cw45E2rwVBu0fxJtDzSuvVpp9ZgCfYO11
fv2LBh+vU5/MqGUT+WfBLJc=
=t4j3
-----END PGP SIGNATURE-----