Date: 16 February 2004
References: ESB-2004.0124 ESB-2004.0126
Click here for printable version
Click here for PGP verifiable version
-----BEGIN PGP SIGNED MESSAGE-----
===========================================================================
AUSCERT External Security Bulletin Redistribution
ESB-2004.0125 -- RHSA-2004:060-01
Updated XFree86 packages fix privilege escalation vulnerability
16 February 2004
===========================================================================
AusCERT Security Bulletin Summary
---------------------------------
Product: XFree86
Publisher: Red Hat
Operating System: Red Hat Enterprise Linux AS (Advanced Server)
version 2.1
Red Hat Linux Advanced Workstation 2.1
Red Hat Enterprise Linux ES version 2.1
Red Hat Enterprise Linux WS version 2.1
Impact: Root Compromise
Access Required: Existing Account
CVE Names: CAN-2004-0083 CAN-2004-0084 CAN-2004-0106
Ref: ESB-2004.0124
ESB-2004.0116
- --------------------------BEGIN INCLUDED TEXT--------------------
- -----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
- - ---------------------------------------------------------------------
Red Hat Security Advisory
Synopsis: Updated XFree86 packages fix privilege escalation vulnerability
Advisory ID: RHSA-2004:060-01
Issue date: 2004-02-13
Updated on: 2004-02-13
Product: Red Hat Enterprise Linux
Keywords:
Cross references:
Obsoletes: RHSA-2003:289
CVE Names: CAN-2004-0083 CAN-2004-0084 CAN-2004-0106
- - ---------------------------------------------------------------------
1. Topic:
Updated XFree86 packages that fix a privilege escalation vulnerability are
now available.
2. Relevant releases/architectures:
Red Hat Enterprise Linux AS (Advanced Server) version 2.1 - i386, ia64
Red Hat Linux Advanced Workstation 2.1 - ia64
Red Hat Enterprise Linux ES version 2.1 - i386
Red Hat Enterprise Linux WS version 2.1 - i386
3. Problem description:
XFree86 is an implementation of the X Window System, providing the core
graphical user interface and video drivers.
iDefense discovered two buffer overflows in the parsing of the 'font.alias'
file. A local attacker could exploit this vulnerability by creating a
carefully-crafted file and gaining root privileges.
The Common Vulnerabilities and Exposures project (cve.mitre.org) has
assigned the names CAN-2004-0083 and CAN-2004-0084 to these issues.
Additionally David Dawes discovered additional flaws in reading font files.
The Common Vulnerabilities and Exposures project (cve.mitre.org) has
assigned the name CAN-2004-0106 to these issues.
All users of XFree86 are advised to upgrade to these erratum packages,
which contain a backported fix and are not vulnerable to these issues.
Red Hat would like to thank David Dawes from XFree86 for the patches and
notification of these issues.
4. Solution:
Before applying this update, make sure all previously released errata
relevant to your system have been applied.
To update all RPMs for your particular architecture, run:
rpm -Fvh [filenames]
where [filenames] is a list of the RPMs you wish to upgrade. Only those
RPMs which are currently installed will be updated. Those RPMs which are
not installed but included in the list will not be updated. Note that you
can also use wildcards (*.rpm) if your current directory *only* contains the
desired RPMs.
Please note that this update is also available via Red Hat Network. Many
people find this an easier way to apply updates. To use Red Hat Network,
launch the Red Hat Update Agent with the following command:
up2date
This will start an interactive process that will result in the appropriate
RPMs being upgraded on your system.
If up2date fails to connect to Red Hat Network due to SSL Certificate
Errors, you need to install a version of the up2date client with an updated
certificate. The latest version of up2date is available from the Red Hat
FTP site and may also be downloaded directly from the RHN website:
https://rhn.redhat.com/help/latest-up2date.pxt
5. Bug IDs fixed (http://bugzilla.redhat.com/bugzilla for more info):
114902 - CAN-2004-0083 XFree86 font.alias overflow
6. RPMs required:
Red Hat Enterprise Linux AS (Advanced Server) version 2.1:
SRPMS:
ftp://updates.redhat.com/enterprise/2.1AS/en/os/SRPMS/XFree86-4.1.0-56.EL.src.rpm
i386:
Available from Red Hat Network: XFree86-100dpi-fonts-4.1.0-56.EL.i386.rpm
Available from Red Hat Network: XFree86-4.1.0-56.EL.i386.rpm
Available from Red Hat Network: XFree86-75dpi-fonts-4.1.0-56.EL.i386.rpm
Available from Red Hat Network: XFree86-ISO8859-15-100dpi-fonts-4.1.0-56.EL.i386.rpm
Available from Red Hat Network: XFree86-ISO8859-15-75dpi-fonts-4.1.0-56.EL.i386.rpm
Available from Red Hat Network: XFree86-ISO8859-2-100dpi-fonts-4.1.0-56.EL.i386.rpm
Available from Red Hat Network: XFree86-ISO8859-2-75dpi-fonts-4.1.0-56.EL.i386.rpm
Available from Red Hat Network: XFree86-ISO8859-9-100dpi-fonts-4.1.0-56.EL.i386.rpm
Available from Red Hat Network: XFree86-ISO8859-9-75dpi-fonts-4.1.0-56.EL.i386.rpm
Available from Red Hat Network: XFree86-Xnest-4.1.0-56.EL.i386.rpm
Available from Red Hat Network: XFree86-Xvfb-4.1.0-56.EL.i386.rpm
Available from Red Hat Network: XFree86-cyrillic-fonts-4.1.0-56.EL.i386.rpm
Available from Red Hat Network: XFree86-devel-4.1.0-56.EL.i386.rpm
Available from Red Hat Network: XFree86-doc-4.1.0-56.EL.i386.rpm
Available from Red Hat Network: XFree86-libs-4.1.0-56.EL.i386.rpm
Available from Red Hat Network: XFree86-tools-4.1.0-56.EL.i386.rpm
Available from Red Hat Network: XFree86-twm-4.1.0-56.EL.i386.rpm
Available from Red Hat Network: XFree86-xdm-4.1.0-56.EL.i386.rpm
Available from Red Hat Network: XFree86-xf86cfg-4.1.0-56.EL.i386.rpm
Available from Red Hat Network: XFree86-xfs-4.1.0-56.EL.i386.rpm
ia64:
Available from Red Hat Network: XFree86-100dpi-fonts-4.1.0-56.EL.ia64.rpm
Available from Red Hat Network: XFree86-4.1.0-56.EL.ia64.rpm
Available from Red Hat Network: XFree86-75dpi-fonts-4.1.0-56.EL.ia64.rpm
Available from Red Hat Network: XFree86-ISO8859-15-100dpi-fonts-4.1.0-56.EL.ia64.rpm
Available from Red Hat Network: XFree86-ISO8859-15-75dpi-fonts-4.1.0-56.EL.ia64.rpm
Available from Red Hat Network: XFree86-ISO8859-2-100dpi-fonts-4.1.0-56.EL.ia64.rpm
Available from Red Hat Network: XFree86-ISO8859-2-75dpi-fonts-4.1.0-56.EL.ia64.rpm
Available from Red Hat Network: XFree86-ISO8859-9-100dpi-fonts-4.1.0-56.EL.ia64.rpm
Available from Red Hat Network: XFree86-ISO8859-9-75dpi-fonts-4.1.0-56.EL.ia64.rpm
Available from Red Hat Network: XFree86-Xnest-4.1.0-56.EL.ia64.rpm
Available from Red Hat Network: XFree86-Xvfb-4.1.0-56.EL.ia64.rpm
Available from Red Hat Network: XFree86-cyrillic-fonts-4.1.0-56.EL.ia64.rpm
Available from Red Hat Network: XFree86-devel-4.1.0-56.EL.ia64.rpm
Available from Red Hat Network: XFree86-doc-4.1.0-56.EL.ia64.rpm
Available from Red Hat Network: XFree86-libs-4.1.0-56.EL.ia64.rpm
Available from Red Hat Network: XFree86-tools-4.1.0-56.EL.ia64.rpm
Available from Red Hat Network: XFree86-twm-4.1.0-56.EL.ia64.rpm
Available from Red Hat Network: XFree86-xdm-4.1.0-56.EL.ia64.rpm
Available from Red Hat Network: XFree86-xfs-4.1.0-56.EL.ia64.rpm
Red Hat Linux Advanced Workstation 2.1:
SRPMS:
ftp://updates.redhat.com/enterprise/2.1AW/en/os/SRPMS/XFree86-4.1.0-56.EL.src.rpm
ia64:
Available from Red Hat Network: XFree86-100dpi-fonts-4.1.0-56.EL.ia64.rpm
Available from Red Hat Network: XFree86-4.1.0-56.EL.ia64.rpm
Available from Red Hat Network: XFree86-75dpi-fonts-4.1.0-56.EL.ia64.rpm
Available from Red Hat Network: XFree86-ISO8859-15-100dpi-fonts-4.1.0-56.EL.ia64.rpm
Available from Red Hat Network: XFree86-ISO8859-15-75dpi-fonts-4.1.0-56.EL.ia64.rpm
Available from Red Hat Network: XFree86-ISO8859-2-100dpi-fonts-4.1.0-56.EL.ia64.rpm
Available from Red Hat Network: XFree86-ISO8859-2-75dpi-fonts-4.1.0-56.EL.ia64.rpm
Available from Red Hat Network: XFree86-ISO8859-9-100dpi-fonts-4.1.0-56.EL.ia64.rpm
Available from Red Hat Network: XFree86-ISO8859-9-75dpi-fonts-4.1.0-56.EL.ia64.rpm
Available from Red Hat Network: XFree86-Xnest-4.1.0-56.EL.ia64.rpm
Available from Red Hat Network: XFree86-Xvfb-4.1.0-56.EL.ia64.rpm
Available from Red Hat Network: XFree86-cyrillic-fonts-4.1.0-56.EL.ia64.rpm
Available from Red Hat Network: XFree86-devel-4.1.0-56.EL.ia64.rpm
Available from Red Hat Network: XFree86-doc-4.1.0-56.EL.ia64.rpm
Available from Red Hat Network: XFree86-libs-4.1.0-56.EL.ia64.rpm
Available from Red Hat Network: XFree86-tools-4.1.0-56.EL.ia64.rpm
Available from Red Hat Network: XFree86-twm-4.1.0-56.EL.ia64.rpm
Available from Red Hat Network: XFree86-xdm-4.1.0-56.EL.ia64.rpm
Available from Red Hat Network: XFree86-xfs-4.1.0-56.EL.ia64.rpm
Red Hat Enterprise Linux ES version 2.1:
SRPMS:
ftp://updates.redhat.com/enterprise/2.1ES/en/os/SRPMS/XFree86-4.1.0-56.EL.src.rpm
i386:
Available from Red Hat Network: XFree86-100dpi-fonts-4.1.0-56.EL.i386.rpm
Available from Red Hat Network: XFree86-4.1.0-56.EL.i386.rpm
Available from Red Hat Network: XFree86-75dpi-fonts-4.1.0-56.EL.i386.rpm
Available from Red Hat Network: XFree86-ISO8859-15-100dpi-fonts-4.1.0-56.EL.i386.rpm
Available from Red Hat Network: XFree86-ISO8859-15-75dpi-fonts-4.1.0-56.EL.i386.rpm
Available from Red Hat Network: XFree86-ISO8859-2-100dpi-fonts-4.1.0-56.EL.i386.rpm
Available from Red Hat Network: XFree86-ISO8859-2-75dpi-fonts-4.1.0-56.EL.i386.rpm
Available from Red Hat Network: XFree86-ISO8859-9-100dpi-fonts-4.1.0-56.EL.i386.rpm
Available from Red Hat Network: XFree86-ISO8859-9-75dpi-fonts-4.1.0-56.EL.i386.rpm
Available from Red Hat Network: XFree86-Xnest-4.1.0-56.EL.i386.rpm
Available from Red Hat Network: XFree86-Xvfb-4.1.0-56.EL.i386.rpm
Available from Red Hat Network: XFree86-cyrillic-fonts-4.1.0-56.EL.i386.rpm
Available from Red Hat Network: XFree86-devel-4.1.0-56.EL.i386.rpm
Available from Red Hat Network: XFree86-doc-4.1.0-56.EL.i386.rpm
Available from Red Hat Network: XFree86-libs-4.1.0-56.EL.i386.rpm
Available from Red Hat Network: XFree86-tools-4.1.0-56.EL.i386.rpm
Available from Red Hat Network: XFree86-twm-4.1.0-56.EL.i386.rpm
Available from Red Hat Network: XFree86-xdm-4.1.0-56.EL.i386.rpm
Available from Red Hat Network: XFree86-xf86cfg-4.1.0-56.EL.i386.rpm
Available from Red Hat Network: XFree86-xfs-4.1.0-56.EL.i386.rpm
Red Hat Enterprise Linux WS version 2.1:
SRPMS:
ftp://updates.redhat.com/enterprise/2.1WS/en/os/SRPMS/XFree86-4.1.0-56.EL.src.rpm
i386:
Available from Red Hat Network: XFree86-100dpi-fonts-4.1.0-56.EL.i386.rpm
Available from Red Hat Network: XFree86-4.1.0-56.EL.i386.rpm
Available from Red Hat Network: XFree86-75dpi-fonts-4.1.0-56.EL.i386.rpm
Available from Red Hat Network: XFree86-ISO8859-15-100dpi-fonts-4.1.0-56.EL.i386.rpm
Available from Red Hat Network: XFree86-ISO8859-15-75dpi-fonts-4.1.0-56.EL.i386.rpm
Available from Red Hat Network: XFree86-ISO8859-2-100dpi-fonts-4.1.0-56.EL.i386.rpm
Available from Red Hat Network: XFree86-ISO8859-2-75dpi-fonts-4.1.0-56.EL.i386.rpm
Available from Red Hat Network: XFree86-ISO8859-9-100dpi-fonts-4.1.0-56.EL.i386.rpm
Available from Red Hat Network: XFree86-ISO8859-9-75dpi-fonts-4.1.0-56.EL.i386.rpm
Available from Red Hat Network: XFree86-Xnest-4.1.0-56.EL.i386.rpm
Available from Red Hat Network: XFree86-Xvfb-4.1.0-56.EL.i386.rpm
Available from Red Hat Network: XFree86-cyrillic-fonts-4.1.0-56.EL.i386.rpm
Available from Red Hat Network: XFree86-devel-4.1.0-56.EL.i386.rpm
Available from Red Hat Network: XFree86-doc-4.1.0-56.EL.i386.rpm
Available from Red Hat Network: XFree86-libs-4.1.0-56.EL.i386.rpm
Available from Red Hat Network: XFree86-tools-4.1.0-56.EL.i386.rpm
Available from Red Hat Network: XFree86-twm-4.1.0-56.EL.i386.rpm
Available from Red Hat Network: XFree86-xdm-4.1.0-56.EL.i386.rpm
Available from Red Hat Network: XFree86-xf86cfg-4.1.0-56.EL.i386.rpm
Available from Red Hat Network: XFree86-xfs-4.1.0-56.EL.i386.rpm
7. Verification:
MD5 sum Package Name
- - --------------------------------------------------------------------------
c61684beb0887265a0e8feca0004959d 2.1AS/en/os/SRPMS/XFree86-4.1.0-56.EL.src.rpm
14d7f1afbb4b906953883039eb157d26 2.1AS/en/os/i386/XFree86-100dpi-fonts-4.1.0-56.EL.i386.rpm
b3f22912467d5926d4ec232e44ae5474 2.1AS/en/os/i386/XFree86-4.1.0-56.EL.i386.rpm
48f10cac170ac62ef30b009614948ba4 2.1AS/en/os/i386/XFree86-75dpi-fonts-4.1.0-56.EL.i386.rpm
8e54ad13e3f5e90f013fe8e8f4e03a81 2.1AS/en/os/i386/XFree86-ISO8859-15-100dpi-fonts-4.1.0-56.EL.i386.rpm
e72c85af8f8d21d8c2b1b46d2c5a04ee 2.1AS/en/os/i386/XFree86-ISO8859-15-75dpi-fonts-4.1.0-56.EL.i386.rpm
1da0dd1af1e942156e9d91dbeb533bb5 2.1AS/en/os/i386/XFree86-ISO8859-2-100dpi-fonts-4.1.0-56.EL.i386.rpm
161180c6ec8a912fad1fc0981a251030 2.1AS/en/os/i386/XFree86-ISO8859-2-75dpi-fonts-4.1.0-56.EL.i386.rpm
7dfb70e7ce0def97795620beeea954d7 2.1AS/en/os/i386/XFree86-ISO8859-9-100dpi-fonts-4.1.0-56.EL.i386.rpm
5c3881334ebaa69145846a4f907935cf 2.1AS/en/os/i386/XFree86-ISO8859-9-75dpi-fonts-4.1.0-56.EL.i386.rpm
50dcd68ea6a9e07dee00f7d3869abc33 2.1AS/en/os/i386/XFree86-Xnest-4.1.0-56.EL.i386.rpm
69fd36a968a094990b8fe65efe2d7fed 2.1AS/en/os/i386/XFree86-Xvfb-4.1.0-56.EL.i386.rpm
5c7b8cdaeb6c0675e92b81a04d7c61e4 2.1AS/en/os/i386/XFree86-cyrillic-fonts-4.1.0-56.EL.i386.rpm
19d8591f37880e8f2bbe6b4bd8176147 2.1AS/en/os/i386/XFree86-devel-4.1.0-56.EL.i386.rpm
029df1e49a7c17c041e0386f2c69dea7 2.1AS/en/os/i386/XFree86-doc-4.1.0-56.EL.i386.rpm
e4e1bd19b3a828176c3a11c546a807f7 2.1AS/en/os/i386/XFree86-libs-4.1.0-56.EL.i386.rpm
8747d0fac1efed1e6e5e922acb4d08ef 2.1AS/en/os/i386/XFree86-tools-4.1.0-56.EL.i386.rpm
d1746f4894f083be9144be913795bdc3 2.1AS/en/os/i386/XFree86-twm-4.1.0-56.EL.i386.rpm
d0b551bede663c2a3743e5752f2dc1be 2.1AS/en/os/i386/XFree86-xdm-4.1.0-56.EL.i386.rpm
4d8ad5111c008509a2e4d23f829a2a38 2.1AS/en/os/i386/XFree86-xf86cfg-4.1.0-56.EL.i386.rpm
d3398ff570a4a598ae68b78faa7def36 2.1AS/en/os/i386/XFree86-xfs-4.1.0-56.EL.i386.rpm
97ca141234bccde8d7f7afb7598fbd56 2.1AS/en/os/ia64/XFree86-100dpi-fonts-4.1.0-56.EL.ia64.rpm
ff0a28c7f0faa129ab64643e27b63fbb 2.1AS/en/os/ia64/XFree86-4.1.0-56.EL.ia64.rpm
70871be890be6ca75667f7532e5ecf59 2.1AS/en/os/ia64/XFree86-75dpi-fonts-4.1.0-56.EL.ia64.rpm
1bc1eba638a7aef36b8265ab05a1c24c 2.1AS/en/os/ia64/XFree86-ISO8859-15-100dpi-fonts-4.1.0-56.EL.ia64.rpm
da708ec71a4f102d7d8094cc32e2db01 2.1AS/en/os/ia64/XFree86-ISO8859-15-75dpi-fonts-4.1.0-56.EL.ia64.rpm
508de46b24cbc639ed0c440f405a5be3 2.1AS/en/os/ia64/XFree86-ISO8859-2-100dpi-fonts-4.1.0-56.EL.ia64.rpm
39fe3032da4fdb8523fb35f9a3a49bbc 2.1AS/en/os/ia64/XFree86-ISO8859-2-75dpi-fonts-4.1.0-56.EL.ia64.rpm
786995ac0956e238e09d5e47b63fdbfb 2.1AS/en/os/ia64/XFree86-ISO8859-9-100dpi-fonts-4.1.0-56.EL.ia64.rpm
0abdcc694a9065715b7721bd3418e2a5 2.1AS/en/os/ia64/XFree86-ISO8859-9-75dpi-fonts-4.1.0-56.EL.ia64.rpm
6565587f1974a03886c17470974a91b4 2.1AS/en/os/ia64/XFree86-Xnest-4.1.0-56.EL.ia64.rpm
5bd863080ed43ad63cdb0f92956ebdc7 2.1AS/en/os/ia64/XFree86-Xvfb-4.1.0-56.EL.ia64.rpm
901c899bcfcf58d1a6dcd2e74ecb3c7e 2.1AS/en/os/ia64/XFree86-cyrillic-fonts-4.1.0-56.EL.ia64.rpm
8071a8b99c59a116963df6b7e4f648c3 2.1AS/en/os/ia64/XFree86-devel-4.1.0-56.EL.ia64.rpm
fe9d46bf38622a12f925249604fceec2 2.1AS/en/os/ia64/XFree86-doc-4.1.0-56.EL.ia64.rpm
f8a5b2720ca1df3c18e5c8e6c607b775 2.1AS/en/os/ia64/XFree86-libs-4.1.0-56.EL.ia64.rpm
6bd9f9e9acfdfec45de9a107a29998f9 2.1AS/en/os/ia64/XFree86-tools-4.1.0-56.EL.ia64.rpm
b6ae27a68de1cbaf51a488cd3f8acd59 2.1AS/en/os/ia64/XFree86-twm-4.1.0-56.EL.ia64.rpm
d1fdf97b2663efe6c5c7e5353503a8a9 2.1AS/en/os/ia64/XFree86-xdm-4.1.0-56.EL.ia64.rpm
996a1c5144137312a3ed5abb1090c550 2.1AS/en/os/ia64/XFree86-xfs-4.1.0-56.EL.ia64.rpm
c61684beb0887265a0e8feca0004959d 2.1AW/en/os/SRPMS/XFree86-4.1.0-56.EL.src.rpm
97ca141234bccde8d7f7afb7598fbd56 2.1AW/en/os/ia64/XFree86-100dpi-fonts-4.1.0-56.EL.ia64.rpm
ff0a28c7f0faa129ab64643e27b63fbb 2.1AW/en/os/ia64/XFree86-4.1.0-56.EL.ia64.rpm
70871be890be6ca75667f7532e5ecf59 2.1AW/en/os/ia64/XFree86-75dpi-fonts-4.1.0-56.EL.ia64.rpm
1bc1eba638a7aef36b8265ab05a1c24c 2.1AW/en/os/ia64/XFree86-ISO8859-15-100dpi-fonts-4.1.0-56.EL.ia64.rpm
da708ec71a4f102d7d8094cc32e2db01 2.1AW/en/os/ia64/XFree86-ISO8859-15-75dpi-fonts-4.1.0-56.EL.ia64.rpm
508de46b24cbc639ed0c440f405a5be3 2.1AW/en/os/ia64/XFree86-ISO8859-2-100dpi-fonts-4.1.0-56.EL.ia64.rpm
39fe3032da4fdb8523fb35f9a3a49bbc 2.1AW/en/os/ia64/XFree86-ISO8859-2-75dpi-fonts-4.1.0-56.EL.ia64.rpm
786995ac0956e238e09d5e47b63fdbfb 2.1AW/en/os/ia64/XFree86-ISO8859-9-100dpi-fonts-4.1.0-56.EL.ia64.rpm
0abdcc694a9065715b7721bd3418e2a5 2.1AW/en/os/ia64/XFree86-ISO8859-9-75dpi-fonts-4.1.0-56.EL.ia64.rpm
6565587f1974a03886c17470974a91b4 2.1AW/en/os/ia64/XFree86-Xnest-4.1.0-56.EL.ia64.rpm
5bd863080ed43ad63cdb0f92956ebdc7 2.1AW/en/os/ia64/XFree86-Xvfb-4.1.0-56.EL.ia64.rpm
901c899bcfcf58d1a6dcd2e74ecb3c7e 2.1AW/en/os/ia64/XFree86-cyrillic-fonts-4.1.0-56.EL.ia64.rpm
8071a8b99c59a116963df6b7e4f648c3 2.1AW/en/os/ia64/XFree86-devel-4.1.0-56.EL.ia64.rpm
fe9d46bf38622a12f925249604fceec2 2.1AW/en/os/ia64/XFree86-doc-4.1.0-56.EL.ia64.rpm
f8a5b2720ca1df3c18e5c8e6c607b775 2.1AW/en/os/ia64/XFree86-libs-4.1.0-56.EL.ia64.rpm
6bd9f9e9acfdfec45de9a107a29998f9 2.1AW/en/os/ia64/XFree86-tools-4.1.0-56.EL.ia64.rpm
b6ae27a68de1cbaf51a488cd3f8acd59 2.1AW/en/os/ia64/XFree86-twm-4.1.0-56.EL.ia64.rpm
d1fdf97b2663efe6c5c7e5353503a8a9 2.1AW/en/os/ia64/XFree86-xdm-4.1.0-56.EL.ia64.rpm
996a1c5144137312a3ed5abb1090c550 2.1AW/en/os/ia64/XFree86-xfs-4.1.0-56.EL.ia64.rpm
c61684beb0887265a0e8feca0004959d 2.1ES/en/os/SRPMS/XFree86-4.1.0-56.EL.src.rpm
14d7f1afbb4b906953883039eb157d26 2.1ES/en/os/i386/XFree86-100dpi-fonts-4.1.0-56.EL.i386.rpm
b3f22912467d5926d4ec232e44ae5474 2.1ES/en/os/i386/XFree86-4.1.0-56.EL.i386.rpm
48f10cac170ac62ef30b009614948ba4 2.1ES/en/os/i386/XFree86-75dpi-fonts-4.1.0-56.EL.i386.rpm
8e54ad13e3f5e90f013fe8e8f4e03a81 2.1ES/en/os/i386/XFree86-ISO8859-15-100dpi-fonts-4.1.0-56.EL.i386.rpm
e72c85af8f8d21d8c2b1b46d2c5a04ee 2.1ES/en/os/i386/XFree86-ISO8859-15-75dpi-fonts-4.1.0-56.EL.i386.rpm
1da0dd1af1e942156e9d91dbeb533bb5 2.1ES/en/os/i386/XFree86-ISO8859-2-100dpi-fonts-4.1.0-56.EL.i386.rpm
161180c6ec8a912fad1fc0981a251030 2.1ES/en/os/i386/XFree86-ISO8859-2-75dpi-fonts-4.1.0-56.EL.i386.rpm
7dfb70e7ce0def97795620beeea954d7 2.1ES/en/os/i386/XFree86-ISO8859-9-100dpi-fonts-4.1.0-56.EL.i386.rpm
5c3881334ebaa69145846a4f907935cf 2.1ES/en/os/i386/XFree86-ISO8859-9-75dpi-fonts-4.1.0-56.EL.i386.rpm
50dcd68ea6a9e07dee00f7d3869abc33 2.1ES/en/os/i386/XFree86-Xnest-4.1.0-56.EL.i386.rpm
69fd36a968a094990b8fe65efe2d7fed 2.1ES/en/os/i386/XFree86-Xvfb-4.1.0-56.EL.i386.rpm
5c7b8cdaeb6c0675e92b81a04d7c61e4 2.1ES/en/os/i386/XFree86-cyrillic-fonts-4.1.0-56.EL.i386.rpm
19d8591f37880e8f2bbe6b4bd8176147 2.1ES/en/os/i386/XFree86-devel-4.1.0-56.EL.i386.rpm
029df1e49a7c17c041e0386f2c69dea7 2.1ES/en/os/i386/XFree86-doc-4.1.0-56.EL.i386.rpm
e4e1bd19b3a828176c3a11c546a807f7 2.1ES/en/os/i386/XFree86-libs-4.1.0-56.EL.i386.rpm
8747d0fac1efed1e6e5e922acb4d08ef 2.1ES/en/os/i386/XFree86-tools-4.1.0-56.EL.i386.rpm
d1746f4894f083be9144be913795bdc3 2.1ES/en/os/i386/XFree86-twm-4.1.0-56.EL.i386.rpm
d0b551bede663c2a3743e5752f2dc1be 2.1ES/en/os/i386/XFree86-xdm-4.1.0-56.EL.i386.rpm
4d8ad5111c008509a2e4d23f829a2a38 2.1ES/en/os/i386/XFree86-xf86cfg-4.1.0-56.EL.i386.rpm
d3398ff570a4a598ae68b78faa7def36 2.1ES/en/os/i386/XFree86-xfs-4.1.0-56.EL.i386.rpm
c61684beb0887265a0e8feca0004959d 2.1WS/en/os/SRPMS/XFree86-4.1.0-56.EL.src.rpm
14d7f1afbb4b906953883039eb157d26 2.1WS/en/os/i386/XFree86-100dpi-fonts-4.1.0-56.EL.i386.rpm
b3f22912467d5926d4ec232e44ae5474 2.1WS/en/os/i386/XFree86-4.1.0-56.EL.i386.rpm
48f10cac170ac62ef30b009614948ba4 2.1WS/en/os/i386/XFree86-75dpi-fonts-4.1.0-56.EL.i386.rpm
8e54ad13e3f5e90f013fe8e8f4e03a81 2.1WS/en/os/i386/XFree86-ISO8859-15-100dpi-fonts-4.1.0-56.EL.i386.rpm
e72c85af8f8d21d8c2b1b46d2c5a04ee 2.1WS/en/os/i386/XFree86-ISO8859-15-75dpi-fonts-4.1.0-56.EL.i386.rpm
1da0dd1af1e942156e9d91dbeb533bb5 2.1WS/en/os/i386/XFree86-ISO8859-2-100dpi-fonts-4.1.0-56.EL.i386.rpm
161180c6ec8a912fad1fc0981a251030 2.1WS/en/os/i386/XFree86-ISO8859-2-75dpi-fonts-4.1.0-56.EL.i386.rpm
7dfb70e7ce0def97795620beeea954d7 2.1WS/en/os/i386/XFree86-ISO8859-9-100dpi-fonts-4.1.0-56.EL.i386.rpm
5c3881334ebaa69145846a4f907935cf 2.1WS/en/os/i386/XFree86-ISO8859-9-75dpi-fonts-4.1.0-56.EL.i386.rpm
50dcd68ea6a9e07dee00f7d3869abc33 2.1WS/en/os/i386/XFree86-Xnest-4.1.0-56.EL.i386.rpm
69fd36a968a094990b8fe65efe2d7fed 2.1WS/en/os/i386/XFree86-Xvfb-4.1.0-56.EL.i386.rpm
5c7b8cdaeb6c0675e92b81a04d7c61e4 2.1WS/en/os/i386/XFree86-cyrillic-fonts-4.1.0-56.EL.i386.rpm
19d8591f37880e8f2bbe6b4bd8176147 2.1WS/en/os/i386/XFree86-devel-4.1.0-56.EL.i386.rpm
029df1e49a7c17c041e0386f2c69dea7 2.1WS/en/os/i386/XFree86-doc-4.1.0-56.EL.i386.rpm
e4e1bd19b3a828176c3a11c546a807f7 2.1WS/en/os/i386/XFree86-libs-4.1.0-56.EL.i386.rpm
8747d0fac1efed1e6e5e922acb4d08ef 2.1WS/en/os/i386/XFree86-tools-4.1.0-56.EL.i386.rpm
d1746f4894f083be9144be913795bdc3 2.1WS/en/os/i386/XFree86-twm-4.1.0-56.EL.i386.rpm
d0b551bede663c2a3743e5752f2dc1be 2.1WS/en/os/i386/XFree86-xdm-4.1.0-56.EL.i386.rpm
4d8ad5111c008509a2e4d23f829a2a38 2.1WS/en/os/i386/XFree86-xf86cfg-4.1.0-56.EL.i386.rpm
d3398ff570a4a598ae68b78faa7def36 2.1WS/en/os/i386/XFree86-xfs-4.1.0-56.EL.i386.rpm
These packages are GPG signed by Red Hat for security. Our key is
available from https://www.redhat.com/security/keys.html
You can verify each package with the following command:
rpm --checksig -v <filename>
If you only wish to verify that each package has not been corrupted or
tampered with, examine only the md5sum with the following command:
md5sum <filename>
8. References:
http://www.idefense.com/application/poi/display?id=72
http://www.idefense.com/application/poi/display?id=73
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0083
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0084
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0106
9. Contact:
The Red Hat security contact is <secalert@redhat.com>. More contact
details at https://www.redhat.com/solutions/security/news/contact.html
Copyright 2003 Red Hat, Inc.
- -----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.0.7 (GNU/Linux)
iD8DBQFALT5+XlSAg2UNWIIRAgO4AJ0R4pxLQp8TllknGoFjvIAtYWZQGwCePxKE
ZJAvtBPj04DOaXUJIyQkvfs=
=DcDe
- -----END PGP SIGNATURE-----
- --------------------------END INCLUDED TEXT--------------------
You have received this e-mail bulletin as a result of your organisation's
registration with AusCERT. The mailing list you are subscribed to is
maintained within your organisation, so if you do not wish to continue
receiving these bulletins you should contact your local IT manager. If
you do not know who that is, please send an email to auscert@auscert.org.au
and we will forward your request to the appropriate person.
This security bulletin is provided as a service to AusCERT's members. As
AusCERT did not write the document quoted above, AusCERT has had no control
over its content. The decision to follow or act on information or advice
contained in this security bulletin is the responsibility of each user or
organisation, and should be considered in accordance with your organisation's
site policies and procedures. AusCERT takes no responsibility for consequences
which may arise from following or acting on information or advice contained in
this security bulletin.
NOTE: This is only the original release of the security bulletin. It may
not be updated when updates to the original are made. If downloading at
a later date, it is recommended that the bulletin is retrieved directly
from the author's website to ensure that the information is still current.
Contact information for the authors of the original document is included
in the Security Bulletin above. If you have any questions or need further
information, please contact them directly.
Previous advisories and external security bulletins can be retrieved from:
http://www.auscert.org.au/render.html?cid=1980
If you believe that your computer system has been compromised or attacked in
any way, we encourage you to let us know by completing the secure National IT
Incident Reporting Form at:
http://www.auscert.org.au/render.html?it=3192
Internet Email: auscert@auscert.org.au
Facsimile: (07) 3365 7031
Telephone: (07) 3365 4417 (International: +61 7 3365 4417)
AusCERT personnel answer during Queensland business
hours which are GMT+10:00 (AEST). On call after hours
for member emergencies only.
-----BEGIN PGP SIGNATURE-----
Comment: http://www.auscert.org.au/render.html?it=1967
iQCVAwUBQDBXJyh9+71yA2DNAQGk2AP+OCLhYwT+X38MJBW1RzEji+aTY7EAXeqC
4xonuODKr6KuP8PB+LYqWq8O3CTM/nEBZCJLQ3x4hpc3tATLTyV2slNALlcajvt/
isN9ixTGMeadtsGzfvWImAOfRrpDjWXZiesmI7z+B4/7GSVwpQmr+zaIyjRBJ9vV
YsKl+ICPo20=
=2Y05
-----END PGP SIGNATURE-----
|