FLSA-2005:2314: Updated XFree86 packages fix security flaws
Posted on: 03/02/2005 10:51 AM

Updated XFree86 packages are available for Red Hat Linux 7.3, 9, and Fedora Core 1

-----------------------------------------------------------------------
Fedora Legacy Update Advisory

Synopsis: Updated XFree86 resolves security vulnerabilities
Advisory ID: FLSA:2314
Issue date: 2005-03-01
Product: Red Hat Linux
Product: Fedora Core
Keywords: Security
Cross references: https://bugzilla.fedora.us/show_bug.cgi?id=2314
CVE Names: CAN-2004-0083, CAN-2004-0084, CAN-2004-0106,
CAN-2004-0419, CAN-2004-0687, CAN-2004-0688,
CAN-2004-0692, CAN-2004-0914
-----------------------------------------------------------------------


-----------------------------------------------------------------------
1. Topic:

Updated XFree86 packages that fix multiple security flaws are now available.

XFree86 is an open source implementation of the X Window System. It provides the basic low level functionality which full fledged graphical user interfaces (GUIs) such as GNOME and KDE are designed upon.

2. Relevant releases/architectures:

Red Hat Linux 7.3 - i386
Red Hat Linux 9 - i386
Fedora Core 1 - i386

3. Problem description:

Note that some of these issues have already been fixed in Redhat 9 and Fedora Core 1. Please refer to previous advisories for details.

iDefense discovered two buffer overflows in the parsing of the 'font.alias' file. A local attacker could exploit this vulnerability by creating a carefully-crafted file and gaining root privileges. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the names CAN-2004-0083 and CAN-2004-0084 to these issues.

Additionally David Dawes discovered additional flaws in reading font files. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CAN-2004-0106 to these issues.

Steve Rumble discovered that xdm in XFree86 opens a chooserFd TCP socket even when DisplayManager.requestPort is 0, which could allow remote attackers to connect to the port, in violation of the intended restrictions. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CAN-2004-0419 to these issues.

During a source code audit, Chris Evans discovered several stack overflow flaws and an integer overflow flaw in the X.Org libXpm library used to decode XPM (X PixMap) images. An attacker could create a carefully crafted XPM file which would cause an application to crash or potentially execute
arbitrary code if opened by a victim. The Common vulnerabilities and Exposures project (cve.mitre.org) has assigned the names CAN-2004-0687, CAN-2004-0688, CAN-2004-0692 and CAN-2004-0914 to these issues.

4. Solution:

Before applying this update, make sure all previously released errata relevant to your system have been applied.

To update all RPMs for your particular architecture, run:

rpm -Fvh [filenames]

where [filenames] is a list of the RPMs you wish to upgrade. Only those RPMs which are currently installed will be updated. Those RPMs which are not installed but included in the list will not be updated. Note that you can also use wildcards (*.rpm) if your current directory *only* contains the desired RPMs.

Please note that this update is also available via yum and apt. Many people find this an easier way to apply updates. To use yum issue:

yum update

or to use apt:

apt-get update; apt-get upgrade

This will start an interactive process that will result in the appropriate RPMs being upgraded on your system. This assumes that you have yum or apt-get configured for obtaining Fedora Legacy content. Please visit http://www.fedoralegacy.org/docs/ for directions on how to configure yum and apt-get.

5. Bug IDs fixed:

http://bugzilla.fedora.us - 1289 -
XFree86 Font Information File Buffer Overflow
http://bugzilla.fedora.us - 1831 -
CAN-2004-0419 - XDM in XFree86 socket open vulnerability
http://bugzilla.fedora.us - 2075 -
CAN-2004-0687,0688 libXpm stack and integer overflows
http://bugzilla.fedora.us - 2314 -
XFree86 libXpm Multiple Vulnerabilities CAN-2004-0914

6. RPMs required:

Red Hat Linux 7.3:

SRPM:

http://download.fedoralegacy.org/redhat/7.3/updates/SRPMS/XFree86-4.2.1-16.
73.30.legacy.src.rpm

i386:

http://download.fedoralegacy.org/redhat/7.3/updates/i386/XFree86-100dpi-fon
ts-4.2.1-16.73.30.legacy.i386.rpm
http://download.fedoralegacy.org/redhat/7.3/updates/i386/XFree86-4.2.1-16.7
3.30.legacy.i386.rpm
http://download.fedoralegacy.org/redhat/7.3/updates/i386/XFree86-75dpi-font
s-4.2.1-16.73.30.legacy.i386.rpm
http://download.fedoralegacy.org/redhat/7.3/updates/i386/XFree86-base-fonts
-4.2.1-16.73.30.legacy.i386.rpm
http://download.fedoralegacy.org/redhat/7.3/updates/i386/XFree86-cyrillic-f
onts-4.2.1-16.73.30.legacy.i386.rpm
http://download.fedoralegacy.org/redhat/7.3/updates/i386/XFree86-devel-4.2.
1-16.73.30.legacy.i386.rpm
http://download.fedoralegacy.org/redhat/7.3/updates/i386/XFree86-doc-4.2.1-
16.73.30.legacy.i386.rpm
http://download.fedoralegacy.org/redhat/7.3/updates/i386/XFree86-font-utils
-4.2.1-16.73.30.legacy.i386.rpm
http://download.fedoralegacy.org/redhat/7.3/updates/i386/XFree86-ISO8859-15
-100dpi-fonts-4.2.1-16.73.30.legacy.i386.rpm
http://download.fedoralegacy.org/redhat/7.3/updates/i386/XFree86-ISO8859-15
-75dpi-fonts-4.2.1-16.73.30.legacy.i386.rpm
http://download.fedoralegacy.org/redhat/7.3/updates/i386/XFree86-ISO8859-2-
100dpi-fonts-4.2.1-16.73.30.legacy.i386.rpm
http://download.fedoralegacy.org/redhat/7.3/updates/i386/XFree86-ISO8859-2-
75dpi-fonts-4.2.1-16.73.30.legacy.i386.rpm
http://download.fedoralegacy.org/redhat/7.3/updates/i386/XFree86-ISO8859-9-
100dpi-fonts-4.2.1-16.73.30.legacy.i386.rpm
http://download.fedoralegacy.org/redhat/7.3/updates/i386/XFree86-ISO8859-9-
75dpi-fonts-4.2.1-16.73.30.legacy.i386.rpm
http://download.fedoralegacy.org/redhat/7.3/updates/i386/XFree86-libs-4.2.1
-16.73.30.legacy.i386.rpm
http://download.fedoralegacy.org/redhat/7.3/updates/i386/XFree86-tools-4.2.
1-16.73.30.legacy.i386.rpm
http://download.fedoralegacy.org/redhat/7.3/updates/i386/XFree86-truetype-f
onts-4.2.1-16.73.30.legacy.i386.rpm
http://download.fedoralegacy.org/redhat/7.3/updates/i386/XFree86-twm-4.2.1-
16.73.30.legacy.i386.rpm
http://download.fedoralegacy.org/redhat/7.3/updates/i386/XFree86-xdm-4.2.1-
16.73.30.legacy.i386.rpm
http://download.fedoralegacy.org/redhat/7.3/updates/i386/XFree86-xf86cfg-4.
2.1-16.73.30.legacy.i386.rpm
http://download.fedoralegacy.org/redhat/7.3/updates/i386/XFree86-xfs-4.2.1-
16.73.30.legacy.i386.rpm
http://download.fedoralegacy.org/redhat/7.3/updates/i386/XFree86-Xnest-4.2.
1-16.73.30.legacy.i386.rpm
http://download.fedoralegacy.org/redhat/7.3/updates/i386/XFree86-Xvfb-4.2.1
-16.73.30.legacy.i386.rpm

Red Hat Linux 9:

SRPM:

http://download.fedoralegacy.org/redhat/9/updates/SRPMS/XFree86-4.3.0-2.90.
60.legacy.src.rpm

i386:


http://download.fedoralegacy.org/redhat/9/updates/i386/XFree86-100dpi-fonts
-4.3.0-2.90.60.legacy.i386.rpm
http://download.fedoralegacy.org/redhat/9/updates/i386/XFree86-4.3.0-2.90.6
0.legacy.i386.rpm
http://download.fedoralegacy.org/redhat/9/updates/i386/XFree86-75dpi-fonts-
4.3.0-2.90.60.legacy.i386.rpm
http://download.fedoralegacy.org/redhat/9/updates/i386/XFree86-base-fonts-4
.3.0-2.90.60.legacy.i386.rpm
http://download.fedoralegacy.org/redhat/9/updates/i386/XFree86-cyrillic-fon
ts-4.3.0-2.90.60.legacy.i386.rpm
http://download.fedoralegacy.org/redhat/9/updates/i386/XFree86-devel-4.3.0-
2.90.60.legacy.i386.rpm
http://download.fedoralegacy.org/redhat/9/updates/i386/XFree86-doc-4.3.0-2.
90.60.legacy.i386.rpm
http://download.fedoralegacy.org/redhat/9/updates/i386/XFree86-font-utils-4
.3.0-2.90.60.legacy.i386.rpm
http://download.fedoralegacy.org/redhat/9/updates/i386/XFree86-ISO8859-14-1
00dpi-fonts-4.3.0-2.90.60.legacy.i386.rpm
http://download.fedoralegacy.org/redhat/9/updates/i386/XFree86-ISO8859-14-7
5dpi-fonts-4.3.0-2.90.60.legacy.i386.rpm
http://download.fedoralegacy.org/redhat/9/updates/i386/XFree86-ISO8859-15-1
00dpi-fonts-4.3.0-2.90.60.legacy.i386.rpm
http://download.fedoralegacy.org/redhat/9/updates/i386/XFree86-ISO8859-15-7
5dpi-fonts-4.3.0-2.90.60.legacy.i386.rpm
http://download.fedoralegacy.org/redhat/9/updates/i386/XFree86-ISO8859-2-10
0dpi-fonts-4.3.0-2.90.60.legacy.i386.rpm
http://download.fedoralegacy.org/redhat/9/updates/i386/XFree86-ISO8859-2-75
dpi-fonts-4.3.0-2.90.60.legacy.i386.rpm
http://download.fedoralegacy.org/redhat/9/updates/i386/XFree86-ISO8859-9-10
0dpi-fonts-4.3.0-2.90.60.legacy.i386.rpm
http://download.fedoralegacy.org/redhat/9/updates/i386/XFree86-ISO8859-9-75
dpi-fonts-4.3.0-2.90.60.legacy.i386.rpm
http://download.fedoralegacy.org/redhat/9/updates/i386/XFree86-libs-4.3.0-2
.90.60.legacy.i386.rpm
http://download.fedoralegacy.org/redhat/9/updates/i386/XFree86-libs-data-4.
3.0-2.90.60.legacy.i386.rpm
http://download.fedoralegacy.org/redhat/9/updates/i386/XFree86-Mesa-libGL-4
.3.0-2.90.60.legacy.i386.rpm
http://download.fedoralegacy.org/redhat/9/updates/i386/XFree86-Mesa-libGLU-
4.3.0-2.90.60.legacy.i386.rpm
http://download.fedoralegacy.org/redhat/9/updates/i386/XFree86-sdk-4.3.0-2.
90.60.legacy.i386.rpm
http://download.fedoralegacy.org/redhat/9/updates/i386/XFree86-syriac-fonts
-4.3.0-2.90.60.legacy.i386.rpm
http://download.fedoralegacy.org/redhat/9/updates/i386/XFree86-tools-4.3.0-
2.90.60.legacy.i386.rpm
http://download.fedoralegacy.org/redhat/9/updates/i386/XFree86-truetype-fon
ts-4.3.0-2.90.60.legacy.i386.rpm
http://download.fedoralegacy.org/redhat/9/updates/i386/XFree86-twm-4.3.0-2.
90.60.legacy.i386.rpm
http://download.fedoralegacy.org/redhat/9/updates/i386/XFree86-xauth-4.3.0-
2.90.60.legacy.i386.rpm
http://download.fedoralegacy.org/redhat/9/updates/i386/XFree86-xdm-4.3.0-2.
90.60.legacy.i386.rpm
http://download.fedoralegacy.org/redhat/9/updates/i386/XFree86-xfs-4.3.0-2.
90.60.legacy.i386.rpm
http://download.fedoralegacy.org/redhat/9/updates/i386/XFree86-Xnest-4.3.0-
2.90.60.legacy.i386.rpm
http://download.fedoralegacy.org/redhat/9/updates/i386/XFree86-Xvfb-4.3.0-2
.90.60.legacy.i386.rpm

Fedora Core 1:

SRPM:

http://download.fedoralegacy.org/fedora/1/updates/SRPMS/XFree86-4.3.0-59.le
gacy.src.rpm

i386:

http://download.fedoralegacy.org/fedora/1/updates/i386/XFree86-100dpi-fonts
-4.3.0-59.legacy.i386.rpm
http://download.fedoralegacy.org/fedora/1/updates/i386/XFree86-4.3.0-59.leg
acy.i386.rpm
http://download.fedoralegacy.org/fedora/1/updates/i386/XFree86-75dpi-fonts-
4.3.0-59.legacy.i386.rpm
http://download.fedoralegacy.org/fedora/1/updates/i386/XFree86-base-fonts-4
.3.0-59.legacy.i386.rpm
http://download.fedoralegacy.org/fedora/1/updates/i386/XFree86-cyrillic-fon
ts-4.3.0-59.legacy.i386.rpm
http://download.fedoralegacy.org/fedora/1/updates/i386/XFree86-devel-4.3.0-
59.legacy.i386.rpm
http://download.fedoralegacy.org/fedora/1/updates/i386/XFree86-doc-4.3.0-59
.legacy.i386.rpm
http://download.fedoralegacy.org/fedora/1/updates/i386/XFree86-font-utils-4
.3.0-59.legacy.i386.rpm
http://download.fedoralegacy.org/fedora/1/updates/i386/XFree86-ISO8859-14-1
00dpi-fonts-4.3.0-59.legacy.i386.rpm
http://download.fedoralegacy.org/fedora/1/updates/i386/XFree86-ISO8859-14-7
5dpi-fonts-4.3.0-59.legacy.i386.rpm
http://download.fedoralegacy.org/fedora/1/updates/i386/XFree86-ISO8859-15-1
00dpi-fonts-4.3.0-59.legacy.i386.rpm
http://download.fedoralegacy.org/fedora/1/updates/i386/XFree86-ISO8859-15-7
5dpi-fonts-4.3.0-59.legacy.i386.rpm
http://download.fedoralegacy.org/fedora/1/updates/i386/XFree86-ISO8859-2-10
0dpi-fonts-4.3.0-59.legacy.i386.rpm
http://download.fedoralegacy.org/fedora/1/updates/i386/XFree86-ISO8859-2-75
dpi-fonts-4.3.0-59.legacy.i386.rpm
http://download.fedoralegacy.org/fedora/1/updates/i386/XFree86-ISO8859-9-10
0dpi-fonts-4.3.0-59.legacy.i386.rpm
http://download.fedoralegacy.org/fedora/1/updates/i386/XFree86-ISO8859-9-75
dpi-fonts-4.3.0-59.legacy.i386.rpm
http://download.fedoralegacy.org/fedora/1/updates/i386/XFree86-libs-4.3.0-5
9.legacy.i386.rpm
http://download.fedoralegacy.org/fedora/1/updates/i386/XFree86-libs-data-4.
3.0-59.legacy.i386.rpm
http://download.fedoralegacy.org/fedora/1/updates/i386/XFree86-Mesa-libGL-4
.3.0-59.legacy.i386.rpm
http://download.fedoralegacy.org/fedora/1/updates/i386/XFree86-Mesa-libGLU-
4.3.0-59.legacy.i386.rpm
http://download.fedoralegacy.org/fedora/1/updates/i386/XFree86-sdk-4.3.0-59
.legacy.i386.rpm
http://download.fedoralegacy.org/fedora/1/updates/i386/XFree86-syriac-fonts
-4.3.0-59.legacy.i386.rpm
http://download.fedoralegacy.org/fedora/1/updates/i386/XFree86-tools-4.3.0-
59.legacy.i386.rpm
http://download.fedoralegacy.org/fedora/1/updates/i386/XFree86-truetype-fon
ts-4.3.0-59.legacy.i386.rpm
http://download.fedoralegacy.org/fedora/1/updates/i386/XFree86-twm-4.3.0-59
.legacy.i386.rpm
http://download.fedoralegacy.org/fedora/1/updates/i386/XFree86-xauth-4.3.0-
59.legacy.i386.rpm
http://download.fedoralegacy.org/fedora/1/updates/i386/XFree86-xdm-4.3.0-59
.legacy.i386.rpm
http://download.fedoralegacy.org/fedora/1/updates/i386/XFree86-xfs-4.3.0-59
.legacy.i386.rpm
http://download.fedoralegacy.org/fedora/1/updates/i386/XFree86-Xnest-4.3.0-
59.legacy.i386.rpm
http://download.fedoralegacy.org/fedora/1/updates/i386/XFree86-Xvfb-4.3.0-5
9.legacy.i386.rpm

7. Verification:

SHA1 sum Package Name
---------------------------------------------------------------------------

2c38279e15e8510c85400780da3ee41b57b81ffa redhat/7.3/updates/SRPMS/XFree86-
4.2.1-16.73.30.legacy.src.rpm
dc1ac97e2f0077915a4f3d56dd32d14c0429faa6 redhat/7.3/updates/i386/XFree86-1
00dpi-fonts-4.2.1-16.73.30.legacy.i386.rpm
df4fac2134c20410c7df415c7ced94ccc08cf36b redhat/7.3/updates/i386/XFree86-4
.2.1-16.73.30.legacy.i386.rpm
c6e3b08145f73a85be39e301ac2df2015c37a036 redhat/7.3/updates/i386/XFree86-7
5dpi-fonts-4.2.1-16.73.30.legacy.i386.rpm
f0bec0c03de0c977be1d5b4e34b09dd348f34c14 redhat/7.3/updates/i386/XFree86-b
ase-fonts-4.2.1-16.73.30.legacy.i386.rpm
794fb0cf67a1b1ef84d247fc90a0138e70d85c4f redhat/7.3/updates/i386/XFree86-c
yrillic-fonts-4.2.1-16.73.30.legacy.i386.rpm
ac82944f56aba63f6d64068ddc5a6bd4e55fae94 redhat/7.3/updates/i386/XFree86-d
evel-4.2.1-16.73.30.legacy.i386.rpm
a3b4043417d7069f095471daf2f72153f9a31ea4 redhat/7.3/updates/i386/XFree86-d
oc-4.2.1-16.73.30.legacy.i386.rpm
1c28ae585d90ad3bd73e4cb6eff32035d54dbec9 redhat/7.3/updates/i386/XFree86-f
ont-utils-4.2.1-16.73.30.legacy.i386.rpm
ab51270528cb8970f19d21c35de093840c9eacc4 redhat/7.3/updates/i386/XFree86-I
SO8859-15-100dpi-fonts-4.2.1-16.73.30.legacy.i386.rpm
d06490ffd58c498b6c3392a02e2f1f52368c1699 redhat/7.3/updates/i386/XFree86-I
SO8859-15-75dpi-fonts-4.2.1-16.73.30.legacy.i386.rpm
81c5bb28ee0493c53dbee38f8312f73279481e49 redhat/7.3/updates/i386/XFree86-I
SO8859-2-100dpi-fonts-4.2.1-16.73.30.legacy.i386.rpm
8a9d4c1ea6f3dddd0787009015e3bf66d194beb3 redhat/7.3/updates/i386/XFree86-I
SO8859-2-75dpi-fonts-4.2.1-16.73.30.legacy.i386.rpm
b65333c64e90524b437c1c5ffe0a1eded2deab9d redhat/7.3/updates/i386/XFree86-I
SO8859-9-100dpi-fonts-4.2.1-16.73.30.legacy.i386.rpm
5f0cbdd132954a813d2e4b187d37f9e4e4613a32 redhat/7.3/updates/i386/XFree86-I
SO8859-9-75dpi-fonts-4.2.1-16.73.30.legacy.i386.rpm
d4ee4c7adf9e6a6f533a09cabfcfe9b6f11f8628 redhat/7.3/updates/i386/XFree86-l
ibs-4.2.1-16.73.30.legacy.i386.rpm
af869d4a76601d739a90c05cac61f2112ad753e5 redhat/7.3/updates/i386/XFree86-t
ools-4.2.1-16.73.30.legacy.i386.rpm
629b596d824fb31558eef1eef05dd6b63ce2a15b redhat/7.3/updates/i386/XFree86-t
ruetype-fonts-4.2.1-16.73.30.legacy.i386.rpm
fe63ec2dd3f402ee2e9f05417969c58f276e3d8a redhat/7.3/updates/i386/XFree86-t
wm-4.2.1-16.73.30.legacy.i386.rpm
95ef4f17e9e282b48979c3b491447738679b5b3e redhat/7.3/updates/i386/XFree86-x
dm-4.2.1-16.73.30.legacy.i386.rpm
a52fa2bebe3f9aa2fa37409ddf4aa57b01abd435 redhat/7.3/updates/i386/XFree86-x
f86cfg-4.2.1-16.73.30.legacy.i386.rpm
7bc973b06812281b3c102a9721cd824747b8b8a8 redhat/7.3/updates/i386/XFree86-x
fs-4.2.1-16.73.30.legacy.i386.rpm
18d0442ed2d6a31eaf870c6ab7d727b2f6696351 redhat/7.3/updates/i386/XFree86-X
nest-4.2.1-16.73.30.legacy.i386.rpm
77215ad43ad1b77f6f1527af7d642ad6c5dc40ce redhat/7.3/updates/i386/XFree86-X
vfb-4.2.1-16.73.30.legacy.i386.rpm

ff7072e0b55decdd13453ce3532588c32597de61 redhat/9/updates/SRPMS/XFree86-4.
3.0-2.90.60.legacy.src.rpm
ed4d03ede26a89422825ad18ce6e14a7831927eb redhat/9/updates/i386/XFree86-100
dpi-fonts-4.3.0-2.90.60.legacy.i386.rpm
f4f99ff79a7d1eeca726cb61a536c5884bbdadac redhat/9/updates/i386/XFree86-4.3
.0-2.90.60.legacy.i386.rpm
dc9b89287ea04b5acafac200f8c8483cbdb74cce redhat/9/updates/i386/XFree86-75d
pi-fonts-4.3.0-2.90.60.legacy.i386.rpm
f8210a9eb148259a1d402dfdd7f58075dfd022a6 redhat/9/updates/i386/XFree86-bas
e-fonts-4.3.0-2.90.60.legacy.i386.rpm
caad110605ae0aaa91f93cd79d9bea5d3ae73431 redhat/9/updates/i386/XFree86-cyr
illic-fonts-4.3.0-2.90.60.legacy.i386.rpm
6502feec18a9e2f325551f90c8a2a3e260f1915a redhat/9/updates/i386/XFree86-dev
el-4.3.0-2.90.60.legacy.i386.rpm
b9c797cc7202aa43c824474713b1fee447039b1f redhat/9/updates/i386/XFree86-doc
-4.3.0-2.90.60.legacy.i386.rpm
b4efa8b07bfc3c5a4441b89acd02266c1618d138 redhat/9/updates/i386/XFree86-fon
t-utils-4.3.0-2.90.60.legacy.i386.rpm
db7c826e976913123caae9bc20303655c758a047 redhat/9/updates/i386/XFree86-ISO
8859-14-100dpi-fonts-4.3.0-2.90.60.legacy.i386.rpm
23f5c9db2e532aabdc6f47f629458d69da92d303 redhat/9/updates/i386/XFree86-ISO
8859-14-75dpi-fonts-4.3.0-2.90.60.legacy.i386.rpm
14d720d254b1f26633ebee78b76273f38b8ee46b redhat/9/updates/i386/XFree86-ISO
8859-15-100dpi-fonts-4.3.0-2.90.60.legacy.i386.rpm
dffce9814a821f9d4b4703bfb98e5aa04ef221bc redhat/9/updates/i386/XFree86-ISO
8859-15-75dpi-fonts-4.3.0-2.90.60.legacy.i386.rpm
70b0606839ef7c14eff38851e2fab6a7896992dc redhat/9/updates/i386/XFree86-ISO
8859-2-100dpi-fonts-4.3.0-2.90.60.legacy.i386.rpm
01fa202f3915e2d6a123f150e367feff82d42d1f redhat/9/updates/i386/XFree86-ISO
8859-2-75dpi-fonts-4.3.0-2.90.60.legacy.i386.rpm
e640fe73f9f6769d38d59fa01bdce78e2ef71bdd redhat/9/updates/i386/XFree86-ISO
8859-9-100dpi-fonts-4.3.0-2.90.60.legacy.i386.rpm
f253cb5b83610f7168762978335beef8b45a3f59 redhat/9/updates/i386/XFree86-ISO
8859-9-75dpi-fonts-4.3.0-2.90.60.legacy.i386.rpm
694f32b8c7a4be52008de92f41347e3af51ee9e7 redhat/9/updates/i386/XFree86-lib
s-4.3.0-2.90.60.legacy.i386.rpm
95f6355f42e885ff21d87788975c28adbc2b75e9 redhat/9/updates/i386/XFree86-lib
s-data-4.3.0-2.90.60.legacy.i386.rpm
1b88a4c736fd2aa5409d4ee23ad626aa95c9c816 redhat/9/updates/i386/XFree86-Mes
a-libGL-4.3.0-2.90.60.legacy.i386.rpm
18d4247c77182cd7cd569b949a5483a968043723 redhat/9/updates/i386/XFree86-Mes
a-libGLU-4.3.0-2.90.60.legacy.i386.rpm
3335a0096695baa109f35c64c9ead7a3072fc28c redhat/9/updates/i386/XFree86-sdk
-4.3.0-2.90.60.legacy.i386.rpm
d069175adc265f31b0ff48ea78cdd59203146ab9 redhat/9/updates/i386/XFree86-syr
iac-fonts-4.3.0-2.90.60.legacy.i386.rpm
0a6ae9b0f3b640ce528ef153e33536c6ba4b9d2f redhat/9/updates/i386/XFree86-too
ls-4.3.0-2.90.60.legacy.i386.rpm
b78bfd843f2c6a9cb31957ad6ab2dbf6c4d25632 redhat/9/updates/i386/XFree86-tru
etype-fonts-4.3.0-2.90.60.legacy.i386.rpm
f72ff04509739828871044b8e246bbb98cb26500 redhat/9/updates/i386/XFree86-twm
-4.3.0-2.90.60.legacy.i386.rpm
b1043925fffe7bd714d025372242778a6f03e7ed redhat/9/updates/i386/XFree86-xau
th-4.3.0-2.90.60.legacy.i386.rpm
3ed9fb9f0de675fe92b671e1d0432bda531daa41 redhat/9/updates/i386/XFree86-xdm
-4.3.0-2.90.60.legacy.i386.rpm
6aff7d5ff0e5f5e22c471c9113bffa25fd6b5478 redhat/9/updates/i386/XFree86-xfs
-4.3.0-2.90.60.legacy.i386.rpm
42f8c36e72ae33cdc98b4a2e78771fa3f121351c redhat/9/updates/i386/XFree86-Xne
st-4.3.0-2.90.60.legacy.i386.rpm
67c6176f5d673238b58ae3f79d446ab0da258607 redhat/9/updates/i386/XFree86-Xvf
b-4.3.0-2.90.60.legacy.i386.rpm

f506c7f1286ed9d252840d56e5bfd3e10323f260 fedora/1/updates/SRPMS/XFree86-4.
3.0-59.legacy.src.rpm
41dc2c5e92530ee276092e7a6ef0711242a6d802 fedora/1/updates/i386/XFree86-100
dpi-fonts-4.3.0-59.legacy.i386.rpm
e0e6865d27c7ef62fff9cae59adc0d241901435f fedora/1/updates/i386/XFree86-4.3
.0-59.legacy.i386.rpm
21e69dd9ba1e1561b2d13be7d992975dca4326e0 fedora/1/updates/i386/XFree86-75d
pi-fonts-4.3.0-59.legacy.i386.rpm
19089ae7b10a16531a050f26e924ff7afd6cab84 fedora/1/updates/i386/XFree86-bas
e-fonts-4.3.0-59.legacy.i386.rpm
5ef293ae847c995d39f41c57821739e3cc3bb74b fedora/1/updates/i386/XFree86-cyr
illic-fonts-4.3.0-59.legacy.i386.rpm
97bd48f5887c5b8c2a5a6739e0a931af4f99e6af fedora/1/updates/i386/XFree86-dev
el-4.3.0-59.legacy.i386.rpm
8d254544eed188d5c2fbc5fa303dceda6886d3cb fedora/1/updates/i386/XFree86-doc
-4.3.0-59.legacy.i386.rpm
2c1974d8dc69f98957358724c72d36c2d74eb0b7 fedora/1/updates/i386/XFree86-fon
t-utils-4.3.0-59.legacy.i386.rpm
b43e195b60add11ebed29c840655986aefae4bdb fedora/1/updates/i386/XFree86-ISO
8859-14-100dpi-fonts-4.3.0-59.legacy.i386.rpm
93d3b1c7f1ccb4774b2db353dd031767c3389c58 fedora/1/updates/i386/XFree86-ISO
8859-14-75dpi-fonts-4.3.0-59.legacy.i386.rpm
8a3b08dfea526be7655f7f3f2bfe0935167ca326 fedora/1/updates/i386/XFree86-ISO
8859-15-100dpi-fonts-4.3.0-59.legacy.i386.rpm
50c0018cd62b5a09c0becc2c7fb125cb11aaed86 fedora/1/updates/i386/XFree86-ISO
8859-15-75dpi-fonts-4.3.0-59.legacy.i386.rpm
50691dd23bd82ac66f894561d52ae4f30d9e6be4 fedora/1/updates/i386/XFree86-ISO
8859-2-100dpi-fonts-4.3.0-59.legacy.i386.rpm
f1e8391db079f6479c47b31f02d283eb64e1b372 fedora/1/updates/i386/XFree86-ISO
8859-2-75dpi-fonts-4.3.0-59.legacy.i386.rpm
b4f1a8aaab2168d801239de9ec4631b5f5f952c5 fedora/1/updates/i386/XFree86-ISO
8859-9-100dpi-fonts-4.3.0-59.legacy.i386.rpm
c90c9f1086ade943c819159e1e9c4da609ee20bc fedora/1/updates/i386/XFree86-ISO
8859-9-75dpi-fonts-4.3.0-59.legacy.i386.rpm
6969c834e092c7f17d736ae4ab7d13020446b088 fedora/1/updates/i386/XFree86-lib
s-4.3.0-59.legacy.i386.rpm
40401fae64837023cf5ad321914ed35b0569e1fb fedora/1/updates/i386/XFree86-lib
s-data-4.3.0-59.legacy.i386.rpm
c77ae20f5e95c2013ab5b79c747c50a1aeb2ff9f fedora/1/updates/i386/XFree86-Mes
a-libGL-4.3.0-59.legacy.i386.rpm
6acb61f2ccb56125b8bb6b0bbb33aca393b41bfa fedora/1/updates/i386/XFree86-Mes
a-libGLU-4.3.0-59.legacy.i386.rpm
b5ed6846d3c5267890f75bb2967719a77251077b fedora/1/updates/i386/XFree86-sdk
-4.3.0-59.legacy.i386.rpm
a2593f5ad70cf863bc1a50065d4cf959c396b290 fedora/1/updates/i386/XFree86-syr
iac-fonts-4.3.0-59.legacy.i386.rpm
77ef806dd3a962e13300cfaafc5761cd453e42fd fedora/1/updates/i386/XFree86-too
ls-4.3.0-59.legacy.i386.rpm
004636b99489d8d9d0da9a89d112fbca85b51e7b fedora/1/updates/i386/XFree86-tru
etype-fonts-4.3.0-59.legacy.i386.rpm
61442fea052c2c9bb4cd52b836f83be39dd51645 fedora/1/updates/i386/XFree86-twm
-4.3.0-59.legacy.i386.rpm
adee8168ca51a34a7f33a1af4e51ad2409a244fb fedora/1/updates/i386/XFree86-xau
th-4.3.0-59.legacy.i386.rpm
60bc51efdcfa0e4062404ba4e7083e9927f16e33 fedora/1/updates/i386/XFree86-xdm
-4.3.0-59.legacy.i386.rpm
ffbeaab8ac66e40cac0eeac685a8567bda43517b fedora/1/updates/i386/XFree86-xfs
-4.3.0-59.legacy.i386.rpm
23b0cdbf749a8eadb3dce701ab4bfd57e65777fe fedora/1/updates/i386/XFree86-Xne
st-4.3.0-59.legacy.i386.rpm
7ee79dd5f9a1efd0d2881c0d426951b9c9eac44f fedora/1/updates/i386/XFree86-Xvf
b-4.3.0-59.legacy.i386.rpm

These packages are GPG signed by Fedora Legacy for security. Our key is available from http://www.fedoralegacy.org/about/security.php

You can verify each package with the following command:

rpm --checksig -v lt;filenamegt;

If you only wish to verify that each package has not been corrupted or tampered with, examine only the sha1sum with the following command:

sha1sum lt;filenamegt;

8. References:

https://rhn.redhat.com/errata/RHSA-2004-060.html
https://rhn.redhat.com/errata/RHSA-2004-478.html
https://rhn.redhat.com/errata/RHSA-2004-610.html

9. Contact:

The Fedora Legacy security contact is lt;secnotice@fedoralegacy.orggt;. More project details at http://www.fedoralegacy.org



Printed from Linux Compatible (http://www.linuxcompatible.org/news/story/flsa_20052314_updated_xfree86_packages_fix_security_flaws.html)