Fedora Core 5 Update: xorg-x11-server-1.0.1-9

    Date20 Mar 2006
    5117
    Posted ByLinuxSecurity Advisories
    Coverity scanned the X.Org source code for problems and reported their findings to the X.Org development team. Upon analysis, Alan Coopersmith, a member of the X.Org development team, noticed a couple of serious security issues in the findings. In particular, the Xorg server can be exploited for root privilege escalation by passing a path to malicious modules using the -modulepath command line argument. Also, the Xorg server can be exploited to overwrite any root writable file on the filesystem with the -logfile command line argument.
    ---------------------------------------------------------------------
    Fedora Update Notification
    FEDORA-2006-172
    2006-03-20
    ---------------------------------------------------------------------
    
    Product     : Fedora Core 5
    Name        : xorg-x11-server
    Version     : 1.0.1                      
    Release     : 9                  
    Summary     : X.Org X11 X server
    Description :
    X.Org X11 X server
    
    ---------------------------------------------------------------------
    Update Information:
    
    Coverity scanned the X.Org source code for problems and
    reported their findings to the X.Org development team. Upon
    analysis, Alan Coopersmith, a member of the X.Org
    development team, noticed a couple of serious security
    issues in the findings.  In particular, the Xorg server can
    be exploited for root privilege escalation by passing a path
    to malicious modules using the -modulepath command line
    argument.  Also, the Xorg server can be exploited to
    overwrite any root writable file on the filesystem with the
    -logfile command line argument.
    ---------------------------------------------------------------------
    * Wed Mar 15 2006 Ray Strode  - 1.0.1-9
    - CVE-2006-0745 (bug 185084)
    
    ---------------------------------------------------------------------
    This update can be downloaded from:
      https://download.fedora.redhat.com/pub/fedora/linux/core/updates/5/
    
    62c76f10a229a7acb1124f2fcd2bf09bc3d5f9c2  SRPMS/xorg-x11-server-1.0.1-9.src.rpm
    b5aaa17856b44f1c9478fb57940053f8853fbdc7  ppc/xorg-x11-server-Xorg-1.0.1-9.ppc.rpm
    d522b711623540752dab0285f3e6e9af5957e93e  ppc/xorg-x11-server-Xnest-1.0.1-9.ppc.rpm
    30d539d1981ee371c3c23d37040f645e18cab3cb  ppc/xorg-x11-server-Xdmx-1.0.1-9.ppc.rpm
    105129cb3df40edefa427a3079b01723796b78e3  ppc/xorg-x11-server-Xvfb-1.0.1-9.ppc.rpm
    47cac9878371cda596282f1312097391b63e6f5c  ppc/xorg-x11-server-sdk-1.0.1-9.ppc.rpm
    c9b2e112fbb160304fe88687d786f7a296c12e67  ppc/debug/xorg-x11-server-debuginfo-1.0.1-9.ppc.rpm
    c1354391868e4d65dec1fde4df901c663977529e  x86_64/xorg-x11-server-Xorg-1.0.1-9.x86_64.rpm
    4e75a20403dd8aa89b1c40334694b7d7dccfc0db  x86_64/xorg-x11-server-Xnest-1.0.1-9.x86_64.rpm
    86f7afcdacf79cccdf12f8c013bef03d84a2420b  x86_64/xorg-x11-server-Xdmx-1.0.1-9.x86_64.rpm
    cf4fb466fe5c3cca5a1360c6f70a7e0b04fa0080  x86_64/xorg-x11-server-Xvfb-1.0.1-9.x86_64.rpm
    3448d6e446fdf245b805e731ade54c6801daaa53  x86_64/xorg-x11-server-sdk-1.0.1-9.x86_64.rpm
    5a6e70aef827c124c7ef660c544f78def11a498e  x86_64/debug/xorg-x11-server-debuginfo-1.0.1-9.x86_64.rpm
    dc08e7f253ba49a6bc0ca5b29d988a78b928dba2  i386/xorg-x11-server-Xorg-1.0.1-9.i386.rpm
    2235e42c5ffe9255f4cc18f68e19b0652e2a52ec  i386/xorg-x11-server-Xnest-1.0.1-9.i386.rpm
    0babd4a06f0ac57eb8ea2730022b9cb5e49abe5d  i386/xorg-x11-server-Xdmx-1.0.1-9.i386.rpm
    4ac6d2ef90052d965f0d23abb27ea5d7128c51c9  i386/xorg-x11-server-Xvfb-1.0.1-9.i386.rpm
    afbdac912fa0cc580f18c4ff3eccff444f89595f  i386/xorg-x11-server-sdk-1.0.1-9.i386.rpm
    b36a9dd6eed098a3c8f55d5415ee07d1a893b5ba  i386/debug/xorg-x11-server-debuginfo-1.0.1-9.i386.rpm
    
    This update can be installed with the 'yum' update program.  Use 'yum update
    package-name' at the command line.  For more information, refer to 'Managing
    Software with yum,' available at https://fedora.redhat.com/docs/yum/.
    ---------------------------------------------------------------------
    
    -- 
    fedora-announce-list mailing list
    This email address is being protected from spambots. You need JavaScript enabled to view it.
    https://www.redhat.com/mailman/listinfo/fedora-announce-list
    

    LinuxSecurity Poll

    What do you think of the LinuxSecurity Privacy news articles?

    No answer selected. Please try again.
    Please select either existing option or enter your own, however not both.
    Please select minimum 0 answer(s) and maximum 3 answer(s).
    /main-polls/25-what-do-you-think-of-the-linuxsecurity-privacy-news-articles?task=poll.vote&format=json
    25
    radio
    [{"id":"90","title":"Love them!","votes":"48","type":"x","order":"1","pct":88.89,"resources":[]},{"id":"91","title":"I'm indifferent","votes":"4","type":"x","order":"2","pct":7.41,"resources":[]},{"id":"92","title":"Not interested in this topic","votes":"2","type":"x","order":"3","pct":3.7,"resources":[]}]["#ff5b00","#4ac0f2","#b80028","#eef66c","#60bb22","#b96a9a","#62c2cc"]["rgba(255,91,0,0.7)","rgba(74,192,242,0.7)","rgba(184,0,40,0.7)","rgba(238,246,108,0.7)","rgba(96,187,34,0.7)","rgba(185,106,154,0.7)","rgba(98,194,204,0.7)"]350
    bottom200

    We use cookies to provide and improve our services. By using our site, you consent to our Cookie Policy.