Fedora Core: Xorg-X11 Update Addresses Potential Integer Overflow Issue

X.org X11 is an open source implementation of the X Window System. It

provides the basic low level functionality which full fledged

graphical user interfaces (GUIs) such as GNOME and KDE are designed

upon.

Several integer overflow flaws in the X.Org libXpm library used to decode XPM (X PixMap) images have been found and addressed. An attacker could create a carefully crafted XPM file which would cause an application to crash or potentially execute arbitrary code if opened by a victim. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CAN-2004-0914 to this issue.

Users are advised to upgrade to these erratum packages, which contain backported security patches as well as other bug fixes. * Mon Nov 15 2004 Kristian Høgsberg <krh@redhat.com>

- Added xorg-x11-6.7.0-xpm-security-fixes-CAN-2004-0914.patch to fix a number of Xpm issues found by Thomas Biege <thomas@suse.de> (#136169)

This update can be downloaded from:

71b25b43914ce57fca3cf5cdeb5f4f41 SRPMS/xorg-x11-6.8.1-12.FC3.1.src.rpm 6aebd3219118e744794665f5eff3ecd2 x86_64/xorg-x11-6.8.1-12.FC3.1.x86_64.rpm 5a695bc10a9167502570ae0dc4fc5c19 x86_64/xorg-x11-devel-6.8.1-12.FC3.1.x8...