---------------------------------------------------------------------Fedora Update Notification
FEDORA-2006-172
2006-03-20
---------------------------------------------------------------------Product     : Fedora Core 5
Name        : xorg-x11-server
Version     : 1.0.1                      
Release     : 9                  
Summary     : X.Org X11 X server
Description :
X.Org X11 X server

---------------------------------------------------------------------Update Information:

Coverity scanned the X.Org source code for problems and
reported their findings to the X.Org development team. Upon
analysis, Alan Coopersmith, a member of the X.Org
development team, noticed a couple of serious security
issues in the findings.  In particular, the Xorg server can
be exploited for root privilege escalation by passing a path
to malicious modules using the -modulepath command line
argument.  Also, the Xorg server can be exploited to
overwrite any root writable file on the filesystem with the
-logfile command line argument.
---------------------------------------------------------------------* Wed Mar 15 2006 Ray Strode  - 1.0.1-9
- CVE-2006-0745 (bug 185084)

---------------------------------------------------------------------This update can be downloaded from:
  
62c76f10a229a7acb1124f2fcd2bf09bc3d5f9c2  SRPMS/xorg-x11-server-1.0.1-9.src.rpm
b5aaa17856b44f1c9478fb57940053f8853fbdc7  ppc/xorg-x11-server-Xorg-1.0.1-9.ppc.rpm
d522b711623540752dab0285f3e6e9af5957e93e  ppc/xorg-x11-server-Xnest-1.0.1-9.ppc.rpm
30d539d1981ee371c3c23d37040f645e18cab3cb  ppc/xorg-x11-server-Xdmx-1.0.1-9.ppc.rpm
105129cb3df40edefa427a3079b01723796b78e3  ppc/xorg-x11-server-Xvfb-1.0.1-9.ppc.rpm
47cac9878371cda596282f1312097391b63e6f5c  ppc/xorg-x11-server-sdk-1.0.1-9.ppc.rpm
c9b2e112fbb160304fe88687d786f7a296c12e67  ppc/debug/xorg-x11-server-debuginfo-1.0.1-9.ppc.rpm
c1354391868e4d65dec1fde4df901c663977529e  x86_64/xorg-x11-server-Xorg-1.0.1-9.x86_64.rpm
4e75a20403dd8aa89b1c40334694b7d7dccfc0db  x86_64/xorg-x11-server-Xnest-1.0.1-9.x86_64.rpm
86f7afcdacf79cccdf12f8c013bef03d84a2420b  x86_64/xorg-x11-server-Xdmx-1.0.1-9.x86_64.rpm
cf4fb466fe5c3cca5a1360c6f70a7e0b04fa0080  x86_64/xorg-x11-server-Xvfb-1.0.1-9.x86_64.rpm
3448d6e446fdf245b805e731ade54c6801daaa53  x86_64/xorg-x11-server-sdk-1.0.1-9.x86_64.rpm
5a6e70aef827c124c7ef660c544f78def11a498e  x86_64/debug/xorg-x11-server-debuginfo-1.0.1-9.x86_64.rpm
dc08e7f253ba49a6bc0ca5b29d988a78b928dba2  i386/xorg-x11-server-Xorg-1.0.1-9.i386.rpm
2235e42c5ffe9255f4cc18f68e19b0652e2a52ec  i386/xorg-x11-server-Xnest-1.0.1-9.i386.rpm
0babd4a06f0ac57eb8ea2730022b9cb5e49abe5d  i386/xorg-x11-server-Xdmx-1.0.1-9.i386.rpm
4ac6d2ef90052d965f0d23abb27ea5d7128c51c9  i386/xorg-x11-server-Xvfb-1.0.1-9.i386.rpm
afbdac912fa0cc580f18c4ff3eccff444f89595f  i386/xorg-x11-server-sdk-1.0.1-9.i386.rpm
b36a9dd6eed098a3c8f55d5415ee07d1a893b5ba  i386/debug/xorg-x11-server-debuginfo-1.0.1-9.i386.rpm

This update can be installed with the 'yum' update program.  Use 'yum update
package-name' at the command line.  For more information, refer to 'Managing
Software with yum,' available at .
----------------------------------------------------------------------- 
fedora-announce-list mailing list
fedora-announce-list@redhat.com
https://www.redhat.com/mailman/listinfo/fedora-announce-list

Fedora Core 5 Update: xorg-x11-server-1.0.1-9

March 20, 2006
Coverity scanned the X.Org source code for problems and reported their findings to the X.Org development team

Summary

X.Org X11 X server

Coverity scanned the X.Org source code for problems and

reported their findings to the X.Org development team. Upon

analysis, Alan Coopersmith, a member of the X.Org

development team, noticed a couple of serious security

issues in the findings. In particular, the Xorg server can

be exploited for root privilege escalation by passing a path

to malicious modules using the -modulepath command line

argument. Also, the Xorg server can be exploited to

overwrite any root writable file on the filesystem with the

-logfile command line argument.

- CVE-2006-0745 (bug 185084)

62c76f10a229a7acb1124f2fcd2bf09bc3d5f9c2 SRPMS/xorg-x11-server-1.0.1-9.src.rpm

b5aaa17856b44f1c9478fb57940053f8853fbdc7 ppc/xorg-x11-server-Xorg-1.0.1-9.ppc.rpm

d522b711623540752dab0285f3e6e9af5957e93e ppc/xorg-x11-server-Xnest-1.0.1-9.ppc.rpm

30d539d1981ee371c3c23d37040f645e18cab3cb ppc/xorg-x11-server-Xdmx-1.0.1-9.ppc.rpm

105129cb3df40edefa427a3079b01723796b78e3 ppc/xorg-x11-server-Xvfb-1.0.1-9.ppc.rpm

47cac9878371cda596282f1312097391b63e6f5c ppc/xorg-x11-server-sdk-1.0.1-9.ppc.rpm

c9b2e112fbb160304fe88687d786f7a296c12e67 ppc/debug/xorg-x11-server-debuginfo-1.0.1-9.ppc.rpm

c1354391868e4d65dec1fde4df901c663977529e x86_64/xorg-x11-server-Xorg-1.0.1-9.x86_64.rpm

4e75a20403dd8aa89b1c40334694b7d7dccfc0db x86_64/xorg-x11-server-Xnest-1.0.1-9.x86_64.rpm

86f7afcdacf79cccdf12f8c013bef03d84a2420b x86_64/xorg-x11-server-Xdmx-1.0.1-9.x86_64.rpm

cf4fb466fe5c3cca5a1360c6f70a7e0b04fa0080 x86_64/xorg-x11-server-Xvfb-1.0.1-9.x86_64.rpm

3448d6e446fdf245b805e731ade54c6801daaa53 x86_64/xorg-x11-server-sdk-1.0.1-9.x86_64.rpm

5a6e70aef827c124c7ef660c544f78def11a498e x86_64/debug/xorg-x11-server-debuginfo-1.0.1-9.x86_64.rpm

dc08e7f253ba49a6bc0ca5b29d988a78b928dba2 i386/xorg-x11-server-Xorg-1.0.1-9.i386.rpm

2235e42c5ffe9255f4cc18f68e19b0652e2a52ec i386/xorg-x11-server-Xnest-1.0.1-9.i386.rpm

0babd4a06f0ac57eb8ea2730022b9cb5e49abe5d i386/xorg-x11-server-Xdmx-1.0.1-9.i386.rpm

4ac6d2ef90052d965f0d23abb27ea5d7128c51c9 i386/xorg-x11-server-Xvfb-1.0.1-9.i386.rpm

afbdac912fa0cc580f18c4ff3eccff444f89595f i386/xorg-x11-server-sdk-1.0.1-9.i386.rpm

b36a9dd6eed098a3c8f55d5415ee07d1a893b5ba i386/debug/xorg-x11-server-debuginfo-1.0.1-9.i386.rpm

This update can be installed with the 'yum' update program. Use 'yum update

package-name' at the command line. For more information, refer to 'Managing

Software with yum,' available at .

fedora-announce-list mailing list

fedora-announce-list@redhat.com

https://www.redhat.com/mailman/listinfo/fedora-announce-list

FEDORA-2006-172 2006-03-20 Name : xorg-x11-server Version : 1.0.1 Release : 9 Summary : X.Org X11 X server Description : X.Org X11 X server Coverity scanned the X.Org source code for problems and reported their findings to the X.Org development team. Upon analysis, Alan Coopersmith, a member of the X.Org development team, noticed a couple of serious security issues in the findings. In particular, the Xorg server can be exploited for root privilege escalation by passing a path to malicious modules using the -modulepath command line argument. Also, the Xorg server can be exploited to overwrite any root writable file on the filesystem with the -logfile command line argument. - CVE-2006-0745 (bug 185084) 62c76f10a229a7acb1124f2fcd2bf09bc3d5f9c2 SRPMS/xorg-x11-server-1.0.1-9.src.rpm b5aaa17856b44f1c9478fb57940053f8853fbdc7 ppc/xorg-x11-server-Xorg-1.0.1-9.ppc.rpm d522b711623540752dab0285f3e6e9af5957e93e ppc/xorg-x11-server-Xnest-1.0.1-9.ppc.rpm 30d539d1981ee371c3c23d37040f645e18cab3cb ppc/xorg-x11-server-Xdmx-1.0.1-9.ppc.rpm 105129cb3df40edefa427a3079b01723796b78e3 ppc/xorg-x11-server-Xvfb-1.0.1-9.ppc.rpm 47cac9878371cda596282f1312097391b63e6f5c ppc/xorg-x11-server-sdk-1.0.1-9.ppc.rpm c9b2e112fbb160304fe88687d786f7a296c12e67 ppc/debug/xorg-x11-server-debuginfo-1.0.1-9.ppc.rpm c1354391868e4d65dec1fde4df901c663977529e x86_64/xorg-x11-server-Xorg-1.0.1-9.x86_64.rpm 4e75a20403dd8aa89b1c40334694b7d7dccfc0db x86_64/xorg-x11-server-Xnest-1.0.1-9.x86_64.rpm 86f7afcdacf79cccdf12f8c013bef03d84a2420b x86_64/xorg-x11-server-Xdmx-1.0.1-9.x86_64.rpm cf4fb466fe5c3cca5a1360c6f70a7e0b04fa0080 x86_64/xorg-x11-server-Xvfb-1.0.1-9.x86_64.rpm 3448d6e446fdf245b805e731ade54c6801daaa53 x86_64/xorg-x11-server-sdk-1.0.1-9.x86_64.rpm 5a6e70aef827c124c7ef660c544f78def11a498e x86_64/debug/xorg-x11-server-debuginfo-1.0.1-9.x86_64.rpm dc08e7f253ba49a6bc0ca5b29d988a78b928dba2 i386/xorg-x11-server-Xorg-1.0.1-9.i386.rpm 2235e42c5ffe9255f4cc18f68e19b0652e2a52ec i386/xorg-x11-server-Xnest-1.0.1-9.i386.rpm 0babd4a06f0ac57eb8ea2730022b9cb5e49abe5d i386/xorg-x11-server-Xdmx-1.0.1-9.i386.rpm 4ac6d2ef90052d965f0d23abb27ea5d7128c51c9 i386/xorg-x11-server-Xvfb-1.0.1-9.i386.rpm afbdac912fa0cc580f18c4ff3eccff444f89595f i386/xorg-x11-server-sdk-1.0.1-9.i386.rpm b36a9dd6eed098a3c8f55d5415ee07d1a893b5ba i386/debug/xorg-x11-server-debuginfo-1.0.1-9.i386.rpm This update can be installed with the 'yum' update program. Use 'yum update package-name' at the command line. For more information, refer to 'Managing Software with yum,' available at . fedora-announce-list mailing list fedora-announce-list@redhat.com https://www.redhat.com/mailman/listinfo/fedora-announce-list

Change Log

References

Update Instructions

Severity
Name : xorg-x11-server
Version : 1.0.1
Release : 9
Summary : X.Org X11 X server

Related News

4.Lock AbstractDigital Esm H320
2 - 3 min read
Tails 6.2 is a new Linux distribution release that expands its multilingual support and improves security features. The distribution is a
19.Laptop Bed Esm H320
2 - 3 min read
AlmaLinux 9.4 beta has been released and provides compelling reasons to consider it for desktop usage. While AlmaLinux is primarily known as a
32.Lock Code Circular Esm H320
2 - 3 min read
Linux admins and security practitioners face significant challenges in keeping their Linux systems secure amidst the constant threat of kernel bugs.
1.Penguin Landscape Esm H320
2 - 3 min read
A significant security threat, known as the Spectre v2 exploit, has been observed targeting Linux systems running on modern Intel processors. Let's
10.FingerPrint Locks Esm H320
2 - 3 min read
The recent release of I2P 2.5.0 , an anonymous P2P network that protects against online censorship, surveillance, and monitoring, has brought a slew
24.Key Code Esm H320
2 - 3 min read
The Akira ransomware group has extorted approximately $42 million from over 250 victims since January 1, 2024. The group initially focused on
5.ShakingHands Esm H320
2 - 3 min read
At The Linux Foundation's Open Source Summit North America , Linus Torvalds, the creator of Linux, discussed various topics related to Linux
30.Lock Globe Motherboard Esm H320
1 - 2 min read
The SPDX 3.0 release marks a significant milestone in software management, particularly for Linux admins, infosec professionals, internet security
Sign Up

Get the Latest News & Insights

Sign up to get the latest security news affecting Linux and open source delivered straight to your inbox.

© 2024 Guardian Digital, Inc All Rights Reserved