X.Org pixmap overflow (SSA:2005-269-02)
Posted on: 09/27/2005 08:57 AM

New X.Org server packages are available for Slackware 10.0, 10.1, 10.2, and -current to fix a security issue. An integer overflow in the pixmap handling code may allow the execution of arbitrary code through a specially crafted pixmap. Slackware 10.2 was patched against this vulnerability before its release, but new server packages are being issued for Slackware 10.2 and -current using an improved patch, as there were some bug reports using certain programs.

More details about this issue may be found in the Common Vulnerabilities and Exposures (CVE) database:

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-2495

Here are the details from the Slackware 10.2 ChangeLog:
+--------------------------+
patches/packages/x11-6.8.2-i486-4.tgz: Rebuilt with a modified patch for
an earlier pixmap overflow issue. The patch released by X.Org was
slightly different than the one that was circulated previously, and is
an improved version. There have been reports that the earlier patch
broke WINE and possibly some other programs.
For more information, see:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-2495
(* Security fix *)
patches/packages/x11-xdmx-6.8.2-i486-4.tgz: Patched and rebuilt.
patches/packages/x11-xnest-6.8.2-i486-4.tgz: Patched and rebuilt.
patches/packages/x11-xvfb-6.8.2-i486-4.tgz: Patched and rebuilt.
+--------------------------+


Where to find the new packages:
+-----------------------------+

Updated packages for Slackware 10.0:
ftp://ftp.slackware.com/pub/slackware/slackware-10.0/patches/packages/x11-6.7.0-i486-5.tgz
ftp://ftp.slackware.com/pub/slackware/slackware-10.0/patches/packages/x11-xnest-6.7.0-i486-5.tgz
ftp://ftp.slackware.com/pub/slackware/slackware-10.0/patches/packages/x11-xprt-6.7.0-i486-5.tgz
ftp://ftp.slackware.com/pub/slackware/slackware-10.0/patches/packages/x11-xvfb-6.7.0-i486-5.tgz

Updated packages for Slackware 10.1:
ftp://ftp.slackware.com/pub/slackware/slackware-10.1/patches/packages/x11-6.8.1-i486-4.tgz
ftp://ftp.slackware.com/pub/slackware/slackware-10.1/patches/packages/x11-xdmx-6.8.1-i486-4.tgz
ftp://ftp.slackware.com/pub/slackware/slackware-10.1/patches/packages/x11-xnest-6.8.1-i486-4.tgz
ftp://ftp.slackware.com/pub/slackware/slackware-10.1/patches/packages/x11-xvfb-6.8.1-i486-4.tgz

Updated packages for Slackware 10.2:
ftp://ftp.slackware.com/pub/slackware/slackware-10.2/patches/packages/x11-6.8.2-i486-4.tgz
ftp://ftp.slackware.com/pub/slackware/slackware-10.2/patches/packages/x11-xdmx-6.8.2-i486-4.tgz
ftp://ftp.slackware.com/pub/slackware/slackware-10.2/patches/packages/x11-xnest-6.8.2-i486-4.tgz
ftp://ftp.slackware.com/pub/slackware/slackware-10.2/patches/packages/x11-xvfb-6.8.2-i486-4.tgz

Updated packages for Slackware -current:
ftp://ftp.slackware.com/pub/slackware/slackware-current/slackware/x/x11-6.8.2-i486-4.tgz
ftp://ftp.slackware.com/pub/slackware/slackware-current/slackware/x/x11-xdmx-6.8.2-i486-4.tgz
ftp://ftp.slackware.com/pub/slackware/slackware-current/slackware/x/x11-xnest-6.8.2-i486-4.tgz
ftp://ftp.slackware.com/pub/slackware/slackware-current/slackware/x/x11-xvfb-6.8.2-i486-4.tgz


MD5 signatures:
+-------------+

Slackware 10.0 packages:
1bc91e0bcc5ec6a9c14d728c51183fd7 x11-6.7.0-i486-5.tgz
6180731d856ba85a3fc969db38a13b2b x11-xnest-6.7.0-i486-5.tgz
712b35b6be7c7a9c842c0b8e1bdf8c83 x11-xprt-6.7.0-i486-5.tgz
5a90472a1b26654ba7bacfba36543b6d x11-xvfb-6.7.0-i486-5.tgz

Slackware 10.1 packages:
8c4c1d22b905e1f6dfc8e4721fdf63ec x11-6.8.1-i486-4.tgz
b99d32111d356b0d2aee411c225410a0 x11-xdmx-6.8.1-i486-4.tgz
32f38f8460e3497306a733bfa99734f4 x11-xnest-6.8.1-i486-4.tgz
0bbf1cef5073760df8a8da9ae62d8d9c x11-xvfb-6.8.1-i486-4.tgz

Slackware 10.2 packages:
0eb01e379a10ff71e12839eab4d42e75 x11-6.8.2-i486-4.tgz
c62c307abeeea2a046294cc6ce034293 x11-xdmx-6.8.2-i486-4.tgz
96244507602c137f5fd068517e283c54 x11-xnest-6.8.2-i486-4.tgz
9504e79008fe9547f2e5a834f4466253 x11-xvfb-6.8.2-i486-4.tgz

Slackware -current packages:
0eb01e379a10ff71e12839eab4d42e75 x11-6.8.2-i486-4.tgz
c62c307abeeea2a046294cc6ce034293 x11-xdmx-6.8.2-i486-4.tgz
96244507602c137f5fd068517e283c54 x11-xnest-6.8.2-i486-4.tgz
9504e79008fe9547f2e5a834f4466253 x11-xvfb-6.8.2-i486-4.tgz


Installation instructions:
+------------------------+

Upgrade the packages as root:
# upgradepkg x11-6.8.2-i486-4.tgz

And, if you use these optional servers:

# upgradepkg x11-xdmx-6.8.2-i486-4.tgz
# upgradepkg x11-xnest-6.8.2-i486-4.tgz
# upgradepkg x11-xvfb-6.8.2-i486-4.tgz


+-----+

Slackware Linux Security Team
http://slackware.com/gpg-key
security@slackware.com


Printed from Linux Compatible (http://www.linuxcompatible.org/news/story/xorg_pixmap_overflow_ssa2005_269_02.html)