(RHSA-2008:0504) Important: xorg-x11-server security update

2008-06-1100:00:00

access.redhat.com

0.018 Low

EPSS

Percentile

88.1%

JSON

X.Org is an open source implementation of the X Window System. It provides
basic low-level functionality that full-fledged graphical user interfaces
are designed upon.

An input validation flaw was discovered in X.org’s Security and Record
extensions. A malicious authorized client could exploit this issue to cause
a denial of service (crash) or, potentially, execute arbitrary code with
root privileges on the X.Org server. (CVE-2008-1377)

Multiple integer overflow flaws were found in X.org’s Render extension. A
malicious authorized client could exploit these issues to cause a denial of
service (crash) or, potentially, execute arbitrary code with root
privileges on the X.Org server. (CVE-2008-2360, CVE-2008-2361,
CVE-2008-2362)

An input validation flaw was discovered in X.org’s MIT-SHM extension. A
client connected to the X.org server could read arbitrary server memory.
This could result in the sensitive data of other users of the X.org server
being disclosed. (CVE-2008-1379)

Users of xorg-x11-server should upgrade to these updated packages, which
contain backported patches to resolve these issues.

OSVersionArchitecturePackageVersionFilename
RedHat5x86_64xorg-x11-server-xephyr< 1.1.1-48.41.el5_2.1xorg-x11-server-Xephyr-1.1.1-48.41.el5_2.1.x86_64.rpm
RedHat5i386xorg-x11-server-randr-source< 1.1.1-48.41.el5_2.1xorg-x11-server-randr-source-1.1.1-48.41.el5_2.1.i386.rpm
RedHat5i386xorg-x11-server-xnest< 1.1.1-48.41.el5_2.1xorg-x11-server-Xnest-1.1.1-48.41.el5_2.1.i386.rpm
RedHat5i386xorg-x11-server-xdmx< 1.1.1-48.41.el5_2.1xorg-x11-server-Xdmx-1.1.1-48.41.el5_2.1.i386.rpm
RedHat5ppcxorg-x11-server-xdmx< 1.1.1-48.41.el5_2.1xorg-x11-server-Xdmx-1.1.1-48.41.el5_2.1.ppc.rpm
RedHat5ia64xorg-x11-server-xorg< 1.1.1-48.41.el5_2.1xorg-x11-server-Xorg-1.1.1-48.41.el5_2.1.ia64.rpm
RedHat5i386xorg-x11-server-sdk< 1.1.1-48.41.el5_2.1xorg-x11-server-sdk-1.1.1-48.41.el5_2.1.i386.rpm
RedHat5x86_64xorg-x11-server-xnest< 1.1.1-48.41.el5_2.1xorg-x11-server-Xnest-1.1.1-48.41.el5_2.1.x86_64.rpm
RedHat5ia64xorg-x11-server-sdk< 1.1.1-48.41.el5_2.1xorg-x11-server-sdk-1.1.1-48.41.el5_2.1.ia64.rpm
RedHat5i386xorg-x11-server-xvfb< 1.1.1-48.41.el5_2.1xorg-x11-server-Xvfb-1.1.1-48.41.el5_2.1.i386.rpm

OS	Version	Architecture	Package	Version	Filename
RedHat	5	x86_64	xorg-x11-server-xephyr	< 1.1.1-48.41.el5_2.1	xorg-x11-server-Xephyr-1.1.1-48.41.el5_2.1.x86_64.rpm
RedHat	5	i386	xorg-x11-server-randr-source	< 1.1.1-48.41.el5_2.1	xorg-x11-server-randr-source-1.1.1-48.41.el5_2.1.i386.rpm
RedHat	5	i386	xorg-x11-server-xnest	< 1.1.1-48.41.el5_2.1	xorg-x11-server-Xnest-1.1.1-48.41.el5_2.1.i386.rpm
RedHat	5	i386	xorg-x11-server-xdmx	< 1.1.1-48.41.el5_2.1	xorg-x11-server-Xdmx-1.1.1-48.41.el5_2.1.i386.rpm
RedHat	5	ppc	xorg-x11-server-xdmx	< 1.1.1-48.41.el5_2.1	xorg-x11-server-Xdmx-1.1.1-48.41.el5_2.1.ppc.rpm
RedHat	5	ia64	xorg-x11-server-xorg	< 1.1.1-48.41.el5_2.1	xorg-x11-server-Xorg-1.1.1-48.41.el5_2.1.ia64.rpm
RedHat	5	i386	xorg-x11-server-sdk	< 1.1.1-48.41.el5_2.1	xorg-x11-server-sdk-1.1.1-48.41.el5_2.1.i386.rpm
RedHat	5	x86_64	xorg-x11-server-xnest	< 1.1.1-48.41.el5_2.1	xorg-x11-server-Xnest-1.1.1-48.41.el5_2.1.x86_64.rpm
RedHat	5	ia64	xorg-x11-server-sdk	< 1.1.1-48.41.el5_2.1	xorg-x11-server-sdk-1.1.1-48.41.el5_2.1.ia64.rpm
RedHat	5	i386	xorg-x11-server-xvfb	< 1.1.1-48.41.el5_2.1	xorg-x11-server-Xvfb-1.1.1-48.41.el5_2.1.i386.rpm