4 Apr 2007 16:29
Multiple vulnerabilities in X.Org
Marc Balmer <mbalmer <at> openbsd.org>
2007-04-04 14:29:06 GMT
2007-04-04 14:29:06 GMT
Multiple vulnerabilities have been discovered in X.Org: - XC-MISC CVE-2007-1003 XC-MISC Extension ProcXCMiscGetXIDList Memory Corruption Vulnerability This vulnerability was discovered by Sean Larsson, iDefense Labs. - bdf CVE-2007-1351 BDFFont Parsing Integer Overflow Vulnerability The discoverer of this vulnerability wishes to remain anonymous. - fontdir CVE-2007-1352 fonts.dir File Parsing Integer Overflow Vulnerability The discoverer of this vulnerability wishes to remain anonymous. - libX11 CVE-2007-1667 Multiple integer overflows in the XGetPixel() and XInitImage functions in ImUtil.c These vulnerabilities have been fixed in the OpenBSD CVS repository in the -current and -stable branches. The -current snapshots of X11 contain these fixes as well. It is recommended that users of X11 on OpenBSD update their X11 installation using cvs or manually apply the source code patches listed below. A source code patch for OpenBSD 4.0-stable can be downloaded from ftp://ftp.openbsd.org/pub/OpenBSD/patches/4.0/common/011_xorg.patch. A source code patch for OpenBSD 3.9-stable can be downloaded from ftp://ftp.openbsd.org/pub/OpenBSD/patches/3.9/common/021_xorg.patch.
RSS Feed