Alerts This Week
Warning Icon 1 697
Alerts This Week
Warning Icon 1 697

Slackware 10.2 X11 Update 2006-259-01 Critical Overflow Issue

slackware
Calendar Grey September 17, 2006
Dist Slackware Esm H88
Latest x11 updates for Slackware 10.2 released to tackle memory vulnerabilities in font handling; all existing packages have been revised.
New x11 (X.Org) packages are available for Slackware 10.2, and -current to fix security issues due to overflows in font parsing

Summary

Here are the details from the Slackware 10.2 ChangeLog: patches/packages/x11-6.8.2-i486-7_slack10.2.tgz:i Fixed an overflow in CID encoded Type1 font parsing. For further reference, see: https://www.cve.org/CVERecord?id=CVE-2006-3739 https://www.cve.org/CVERecord?id=CVE-2006-3740 (* Security fix *) patches/packages/x11-devel-6.8.2-i486-7_slack10.2.tgz: Recompiled. patches/packages/x11-xdmx-6.8.2-i486-7_slack10.2.tgz: Recompiled. patches/packages/x11-xnest-6.8.2-i486-7_slack10.2.tgz: Recompiled. patches/packages/x11-xvfb-6.8.2-i486-7_slack10.2.tgz: Recompiled.

Topics%20covered

Topics Covered

security advisory critical slackware upgrade font parsing overflow issue x11 package

Where Find New Packages

HINT: Getting slow download speeds from ftp.slackware.com? Give slackware.osuosl.org a try. This is another primary FTP site for Slackware that can be considerably faster than downloading from ftp.slackware.com.
Thanks to the friendly folks at the OSU Open Source Lab (https://osuosl.org/) for donating additional FTP and rsync hosting to the Slackware project! :-)
Also see the "Get Slack" section on http://www.slackware.com/ for additional mirror sites near you.
Updated package for Slackware 10.2:
Updated package for Slackware -current:

MD5 Signatures

Slackware 10.2 package: a9316c321d186c6f9550b1f29ccc1501 x11-6.8.2-i486-7_slack10.2.tgz 20d998bce33e744ffd037d8190a42c18 x11-devel-6.8.2-i486-7_slack10.2.tgz 0a3327d025d6af59f54de9ac63404c97 x11-xdmx-6.8.2-i486-7_slack10.2.tgz e236495f4e11a246b0027f6cfb5703d2 x11-xnest-6.8.2-i486-7_slack10.2.tgz 12a58e8efcdd6807b3d366fbcf9d79e4 x11-xvfb-6.8.2-i486-7_slack10.2.tgz
Slackware -current package: 59bf0501ce46391197ad571c9341c105 x11-6.9.0-i486-11.tgz 14c95b5eab916883a313c34db4fdb38a x11-devel-6.9.0-i486-11.tgz 2d19e8fe89b314fe93baed7c62d0a1cb x11-xdmx-6.9.0-i486-11.tgz 54369c52653384d0ff4310b56bd67c96 x11-xnest-6.9.0-i486-11.tgz c8795b535a8c38cc4832dbbb5e4aa711 x11-xvfb-6.9.0-i486-11.tgz

Severity
critical
Lowest
Low
Medium
High
Critical

Topics%20covered

Topics Covered

security advisory critical slackware upgrade font parsing overflow issue x11 package

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Installation Instructions

Installation instructions: Upgrade the packages as root: # upgradepkg x11-6.8.2-i486-7_slack10.2.tgz x11-devel-6.8.2-i486-7_slack10.2.tgz x11-xdmx-6.8.2-i486-7_slack10.2.tgz x11-xnest-6.8.2-i486-7_slack10.2.tgz x11-xvfb-6.8.2-i486-7_slack10.2.tgz

Related News

Your message here