Mandrake alert: Updated XFree86 packages fix buffer overflow vulnerabilities

Posted by dave on Feb 13, 2004 8:03 AM EDT

Two buffer overflow vulnerabilities were found by iDEFENSE in XFree86's parsing of the font.alias file. The X server, which runs as root, fails to check the length of user-provided input; as a result a malicious user could craft a malformed font.alias file causing a buffer overflow upon parsing, which could eventually lead to the execution of arbitrary code.


 _______________________________________________________________________

                Mandrake Linux Security Update Advisory
 _______________________________________________________________________

 Package name:           XFree86
 Advisory ID:            MDKSA-2004:012
 Date:                   February 14th, 2004

 Affected versions:      9.0, 9.1, 9.2, Corporate Server 2.1
 ______________________________________________________________________

 Problem Description:

 Two buffer overflow vulnerabilities were found by iDEFENSE in
 XFree86's parsing of the font.alias file.  The X server, which runs as
 root, fails to check the length of user-provided input; as a result a
 malicious user could craft a malformed font.alias file causing a
 buffer overflow upon parsing, which could eventually lead to the
 execution of arbitrary code.
 
 Additional vulnerabilities were found by David Dawes, also in the
 reading of font files.
 
 The updated packages have a patch from David Dawes to correct these
 vulnerabilities.
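 As an added illustration of the bug class the advisory describes (a constructed example, not XFree86's code; the 255-byte name limit is assumed and is not the server's real constant): a bounded parser for one font.alias line that rejects a name too long for its buffer instead of overrunning it, where an unbounded read such as sscanf(line, "%s %s", alias, font) into fixed-size arrays would write past the end.

```c
#include <string.h>

/* Upper bound on one name in a font.alias line. Constructed limit for
 * this example, not a constant taken from the X server. */
#define NAME_MAX_LEN 255

/* Copy one whitespace-delimited (optionally double-quoted) token from *pp
 * into dst, never writing more than dst_sz bytes including the NUL.
 * Returns 1 on success, 0 if no token is present, -1 if the token does
 * not fit: the case an unbounded copy would turn into a buffer overflow. */
static int read_token(const char **pp, char *dst, size_t dst_sz)
{
    const char *p = *pp;
    size_t n = 0;
    int quoted;

    while (*p == ' ' || *p == '\t') p++;
    if (*p == '\0' || *p == '\n') return 0;

    quoted = (*p == '"');
    if (quoted) p++;
    while (*p != '\0' && *p != '\n' &&
           (quoted ? *p != '"' : (*p != ' ' && *p != '\t'))) {
        if (n + 1 >= dst_sz) return -1;   /* length check, applied before the write */
        dst[n++] = *p++;
    }
    if (quoted) {
        if (*p != '"') return -1;          /* unterminated quoted name */
        p++;
    }
    dst[n] = '\0';
    *pp = p;
    return 1;
}

/* Parse "alias fontname" from one line of font.alias. Lines starting with
 * '!' are comments. Returns 1 if a pair was parsed, 0 for blank or comment
 * lines, -1 if a name is missing, malformed or too long for its buffer. */
int parse_alias_line(const char *line, char *alias, size_t alias_sz,
                     char *font, size_t font_sz)
{
    const char *p = line;

    while (*p == ' ' || *p == '\t') p++;
    if (*p == '!' || *p == '\0' || *p == '\n') return 0;

    if (read_token(&p, alias, alias_sz) != 1) return -1;
    if (read_token(&p, font, font_sz) != 1) return -1;
    return 1;
}
```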
 _______________________________________________________________________

 References:

  http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0083
  http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0084
  http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0106
 ______________________________________________________________________

 Updated Packages:
  
 Corporate Server 2.1:

 Corporate Server 2.1/x86_64:

 Mandrake Linux 9.0:

 Mandrake Linux 9.1:

 Mandrake Linux 9.1/PPC:

 Mandrake Linux 9.2:

 Mandrake Linux 9.2/AMD64:
 _______________________________________________________________________

 To upgrade automatically use MandrakeUpdate or urpmi.  The verification
 of md5 checksums and GPG signatures is performed automatically for you.

 A list of FTP mirrors can be obtained from:

  http://www.mandrakesecure.net/en/ftp.php

 All packages are signed by MandrakeSoft for security.  You can obtain
 the GPG public key of the Mandrake Linux Security Team by executing:

  gpg --recv-keys --keyserver http://www.mandrakesecure.net 0x22458A98

 Please be aware that sometimes it takes the mirrors a few hours to
 update.

 You can view other update advisories for Mandrake Linux at:

  http://www.mandrakesecure.net/en/advisories/

 MandrakeSoft has several security-related mailing list services that
 anyone can subscribe to.  Information on these lists can be obtained by
 visiting:

  http://www.mandrakesecure.net/en/mlist.php

 If you want to report vulnerabilities, please contact

  security@linux-mandrake.com

 Type Bits/KeyID     Date       User ID
 pub  1024D/22458A98 2000-07-10 Linux Mandrake Security Team
  <security@linux-mandrake.com>
