drucken bookmarks versenden konfigurieren admin pdf Sicherheit: Zahlenüberlauf in xorg
Name: |
Zahlenüberlauf in xorg |
|
ID: |
RHSA-2007:0157-01 |
|
Distribution: |
Red Hat |
|
Plattformen: |
Red Hat Enterprise Linux |
|
Datum: |
Mo, 16. April 2007, 17:45 |
|
Referenzen: |
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1667 |
|
Applikationen: |
X11 |
|
Originalnachricht |
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
- --------------------------------------------------------------------- Red Hat Security Advisory
Synopsis: Moderate: xorg-x11-apps and libX11 security update Advisory ID: RHSA-2007:0157-01 Advisory URL: https://rhn.redhat.com/errata/RHSA-2007-0157.html Issue date: 2007-04-16 Updated on: 2007-04-16 Product: Red Hat Enterprise Linux CVE Names: CVE-2007-1667 - ---------------------------------------------------------------------
1. Summary:
Updated xorg-x11-apps and libX11 packages that fix a security issue are now available for Red Hat Enterprise Linux 5.
This update has been rated as having moderate security impact by the Red Hat Security Response Team.
2. Relevant releases/architectures:
Red Hat Enterprise Linux Desktop (v. 5 client) - i386, x86_64 RHEL Desktop Workstation (v. 5 client) - i386, x86_64 Red Hat Enterprise Linux (v. 5 server) - i386, ia64, ppc, s390x, x86_64
3. Problem description:
X.org is an open source implementation of the X Window System. It provides the basic low-level functionality that full-fledged graphical user interfaces are designed upon.
An integer overflow flaw was found in the X.org XGetPixel() function. Improper use of this function could cause an application calling it to function improperly, possibly leading to a crash or arbitrary code execution. (CVE-2007-1667)
Users of the X.org X11 server should upgrade to these updated packages, which contain a backported patch and are not vulnerable to this issue.
4. Solution:
Before applying this update, make sure that all previously-released errata relevant to your system have been applied.
This update is available via Red Hat Network. Details on how to use the Red Hat Network to apply this update are available at http://kbase.redhat.com/faq/FAQ_58_10188
5. Bug IDs fixed (http://bugzilla.redhat.com/):
231694 - CVE-2007-1667 XGetPixel() integer overflow
6. RPMs required:
Red Hat Enterprise Linux Desktop (v. 5 client):
SRPMS: libX11-1.0.3-8.0.1.el5.src.rpm 4c6cf452385e085b57f53f32cb9d1521 libX11-1.0.3-8.0.1.el5.src.rpm xorg-x11-apps-7.1-4.0.1.el5.src.rpm ff54c8414720357c1777beba9c7b9e25 xorg-x11-apps-7.1-4.0.1.el5.src.rpm
i386: eafebca30be46a1f126a9085729dae91 libX11-1.0.3-8.0.1.el5.i386.rpm 35eb6170e8e0c26993f520cf839c120c libX11-debuginfo-1.0.3-8.0.1.el5.i386.rpm 6515c78f537b870dfe18fdd3d53ddfb9 xorg-x11-apps-7.1-4.0.1.el5.i386.rpm b8ef8ca891a67f6e62c63bb1bf9d22d1 xorg-x11-apps-debuginfo-7.1-4.0.1.el5.i386.rpm
x86_64: eafebca30be46a1f126a9085729dae91 libX11-1.0.3-8.0.1.el5.i386.rpm ea143cb7bbe170730729d1dff11a54fa libX11-1.0.3-8.0.1.el5.x86_64.rpm 35eb6170e8e0c26993f520cf839c120c libX11-debuginfo-1.0.3-8.0.1.el5.i386.rpm 8da6f620d1dfbe194863d25ffd9a8dad libX11-debuginfo-1.0.3-8.0.1.el5.x86_64.rpm 43a723f54a8905609c19501e67a9f040 xorg-x11-apps-7.1-4.0.1.el5.x86_64.rpm 8f316a250f656a6418c320145ac02b62 xorg-x11-apps-debuginfo-7.1-4.0.1.el5.x86_64.rpm
RHEL Desktop Workstation (v. 5 client):
SRPMS: libX11-1.0.3-8.0.1.el5.src.rpm 4c6cf452385e085b57f53f32cb9d1521 libX11-1.0.3-8.0.1.el5.src.rpm
i386: 35eb6170e8e0c26993f520cf839c120c libX11-debuginfo-1.0.3-8.0.1.el5.i386.rpm 7b2d2ba7bb68a47bd7662322e781ae7a libX11-devel-1.0.3-8.0.1.el5.i386.rpm
x86_64: 35eb6170e8e0c26993f520cf839c120c libX11-debuginfo-1.0.3-8.0.1.el5.i386.rpm 8da6f620d1dfbe194863d25ffd9a8dad libX11-debuginfo-1.0.3-8.0.1.el5.x86_64.rpm 7b2d2ba7bb68a47bd7662322e781ae7a libX11-devel-1.0.3-8.0.1.el5.i386.rpm acadc303e67b0c14da568f0425fde65d libX11-devel-1.0.3-8.0.1.el5.x86_64.rpm
Red Hat Enterprise Linux (v. 5 server):
SRPMS: libX11-1.0.3-8.0.1.el5.src.rpm 4c6cf452385e085b57f53f32cb9d1521 libX11-1.0.3-8.0.1.el5.src.rpm xorg-x11-apps-7.1-4.0.1.el5.src.rpm ff54c8414720357c1777beba9c7b9e25 xorg-x11-apps-7.1-4.0.1.el5.src.rpm
i386: eafebca30be46a1f126a9085729dae91 libX11-1.0.3-8.0.1.el5.i386.rpm 35eb6170e8e0c26993f520cf839c120c libX11-debuginfo-1.0.3-8.0.1.el5.i386.rpm 7b2d2ba7bb68a47bd7662322e781ae7a libX11-devel-1.0.3-8.0.1.el5.i386.rpm 6515c78f537b870dfe18fdd3d53ddfb9 xorg-x11-apps-7.1-4.0.1.el5.i386.rpm b8ef8ca891a67f6e62c63bb1bf9d22d1 xorg-x11-apps-debuginfo-7.1-4.0.1.el5.i386.rpm
ia64: eafebca30be46a1f126a9085729dae91 libX11-1.0.3-8.0.1.el5.i386.rpm d9bf472eb7f382f576fd14002f5d1887 libX11-1.0.3-8.0.1.el5.ia64.rpm 35eb6170e8e0c26993f520cf839c120c libX11-debuginfo-1.0.3-8.0.1.el5.i386.rpm 1670f3877954d1392bf9ba70046fb30a libX11-debuginfo-1.0.3-8.0.1.el5.ia64.rpm cf8a8ffe44483347cdaa5c43e604b615 libX11-devel-1.0.3-8.0.1.el5.ia64.rpm e47e676aa542e3b64c8277ad792f0298 xorg-x11-apps-7.1-4.0.1.el5.ia64.rpm 8086b6c9997074397107692e43cf333f xorg-x11-apps-debuginfo-7.1-4.0.1.el5.ia64.rpm
ppc: 23f1c00ed705fbd1e88d40a82fea50bd libX11-1.0.3-8.0.1.el5.ppc.rpm 60c91ded38d03943378b21eb6ec57b24 libX11-1.0.3-8.0.1.el5.ppc64.rpm 24b4bcb0be6efb55d99eb11b900512f0 libX11-debuginfo-1.0.3-8.0.1.el5.ppc.rpm 310616345f70bf6b26de90897cd5dea4 libX11-debuginfo-1.0.3-8.0.1.el5.ppc64.rpm ecd2ee6fa8290b653b0e885eb432970f libX11-devel-1.0.3-8.0.1.el5.ppc.rpm ee670ec6168e6f2add6397e97da551b0 libX11-devel-1.0.3-8.0.1.el5.ppc64.rpm 3216a943acb93f3c8a8f4e764729143d xorg-x11-apps-7.1-4.0.1.el5.ppc.rpm b6aef042a1a10c4b0fbd4f19124eba4e xorg-x11-apps-debuginfo-7.1-4.0.1.el5.ppc.rpm
s390x: f44eab75f0bca9aab6aeec4ca273dcbf libX11-1.0.3-8.0.1.el5.s390.rpm baa7037daf2981a93f81ffa49d6b020a libX11-1.0.3-8.0.1.el5.s390x.rpm 51ba8a612370193a3c4f80cfbad54db6 libX11-debuginfo-1.0.3-8.0.1.el5.s390.rpm f62a72bbdacb66f26a0fcf0a50ea09f5 libX11-debuginfo-1.0.3-8.0.1.el5.s390x.rpm 2a169779c94277d62860dc5193a4f100 libX11-devel-1.0.3-8.0.1.el5.s390.rpm b464e0943f917152bc558a03d6e5885e libX11-devel-1.0.3-8.0.1.el5.s390x.rpm d5be859eeb98b2672e5dbbe5f1e98fc8 xorg-x11-apps-7.1-4.0.1.el5.s390x.rpm cb8efaae70fe6ea020661a49bc665ff8 xorg-x11-apps-debuginfo-7.1-4.0.1.el5.s390x.rpm
x86_64: eafebca30be46a1f126a9085729dae91 libX11-1.0.3-8.0.1.el5.i386.rpm ea143cb7bbe170730729d1dff11a54fa libX11-1.0.3-8.0.1.el5.x86_64.rpm 35eb6170e8e0c26993f520cf839c120c libX11-debuginfo-1.0.3-8.0.1.el5.i386.rpm 8da6f620d1dfbe194863d25ffd9a8dad libX11-debuginfo-1.0.3-8.0.1.el5.x86_64.rpm 7b2d2ba7bb68a47bd7662322e781ae7a libX11-devel-1.0.3-8.0.1.el5.i386.rpm acadc303e67b0c14da568f0425fde65d libX11-devel-1.0.3-8.0.1.el5.x86_64.rpm 43a723f54a8905609c19501e67a9f040 xorg-x11-apps-7.1-4.0.1.el5.x86_64.rpm 8f316a250f656a6418c320145ac02b62 xorg-x11-apps-debuginfo-7.1-4.0.1.el5.x86_64.rpm
These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://www.redhat.com/security/team/key/#package
7. References:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1667 http://www.redhat.com/security/updates/classification/#moderate
8. Contact:
The Red Hat security contact is <secalert@redhat.com>. More contact details at https://www.redhat.com/security/team/contact/
Copyright 2007 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.4 (GNU/Linux)
iD8DBQFGI5l3XlSAg2UNWIIRAnowAJ0Vqh4K1Je+8h7GZ8Sz+5ZVsnadggCgnRhg kzX03SJAV6/n9FO7AhbSLww= =lcwQ -----END PGP SIGNATURE-----
-- Enterprise-watch-list mailing list Enterprise-watch-list@redhat.com https://www.redhat.com/mailman/listinfo/enterprise-watch-list
|
|
|
|