xorg-x11-server-1.1.1-48.26.5.3AXS3

エラータID: AXSA:2008-80:01

Release date: 
Tuesday, August 26, 2008 - 12:03
Subject: 
xorg-x11-server-1.1.1-48.26.5.3AXS3
Affected Channels: 
Asianux Server 3 for x86_64
Asianux Server 3 for ppc
Asianux Server 3 for ia64
Asianux Server 3 for x86
Severity: 
High
Description: 

X.Org is an open source implementation of the X Window System. It provides basic low-level functionality that full-fledged graphical user interfaces are designed upon.
Bugs fixed:
CVE-2008-1377
The (1) SProcRecordCreateContext and (2) SProcRecordRegisterClients functions in the Record extension and the (3) SProcSecurityGenerateAuthorization function in the Security extension in the X server 1.4 in X.Org X11R7.3 allow context-dependent attackers to execute arbitrary code via requests with crafted length values that specify an arbitrary number of bytes to be swapped on the heap, which triggers heap corruption.
CVE-2008-1379
Integer overflow in the fbShmPutImage function in the MIT-SHM extension in the X server 1.4 in X.Org X11R7.3 allows context-dependent attackers to read arbitrary process memory via crafted values for a Pixmap width and height.
CVE-2008-2360
Integer overflow in the AllocateGlyph function in the Render extension in the X server 1.4 in X.Org X11R7.3 allows context-dependent attackers to execute arbitrary code via unspecified request fields that are used to calculate a heap buffer size, which triggers a heap-based buffer overflow.
CVE-2008-2361
Integer overflow in the ProcRenderCreateCursor function in the Render extension in the X server 1.4 in X.Org X11R7.3 allows context-dependent attackers to cause a denial of service (daemon crash) via unspecified request fields that are used to calculate a glyph buffer size, which triggers a dereference of unmapped memory.
CVE-2008-2362
Multiple integer overflows in the Render extension in the X server 1.4 in X.Org X11R7.3 allow context-dependent attackers to execute arbitrary code via a (1) SProcRenderCreateLinearGradient, (2) SProcRenderCreateRadialGradient, or (3) SProcRenderCreateConicalGradient request with an invalid field specifying the number of bytes to swap in the request data, which triggers heap memory corruption.

Solution: 

Update packages

CVEs: 
CVE-2008-1377
The (1) SProcRecordCreateContext and (2) SProcRecordRegisterClients functions in the Record extension and the (3) SProcSecurityGenerateAuthorization function in the Security extension in the X server 1.4 in X.Org X11R7.3 allow context-dependent attackers to execute arbitrary code via requests with crafted length values that specify an arbitrary number of bytes to be swapped on the heap, which triggers heap corruption.
CVE-2008-1379
Integer overflow in the fbShmPutImage function in the MIT-SHM extension in the X server 1.4 in X.Org X11R7.3 allows context-dependent attackers to read arbitrary process memory via crafted values for a Pixmap width and height.
CVE-2008-2360
Integer overflow in the AllocateGlyph function in the Render extension in the X server 1.4 in X.Org X11R7.3 allows context-dependent attackers to execute arbitrary code via unspecified request fields that are used to calculate a heap buffer size, which triggers a heap-based buffer overflow.
CVE-2008-2361
Integer overflow in the ProcRenderCreateCursor function in the Render extension in the X server 1.4 in X.Org X11R7.3 allows context-dependent attackers to cause a denial of service (daemon crash) via unspecified request fields that are used to calculate a glyph buffer size, which triggers a dereference of unmapped memory.
CVE-2008-2362
Multiple integer overflows in the Render extension in the X server 1.4 in X.Org X11R7.3 allow context-dependent attackers to execute arbitrary code via a (1) SProcRenderCreateLinearGradient, (2) SProcRenderCreateRadialGradient, or (3) SProcRenderCreateConicalGradient request with an invalid field specifying the number of bytes to swap in the request data, which triggers heap memory corruption.
Additional Info: 

N/A

Download: 

Asianux Server 3 for x86
  1. xorg-x11-server-sdk-1.1.1-48.26.5.3AXS3.i386.rpm
    MD5: ea11bcca17a126fc33c29e8656c5319b
    SHA-256: 3e2b090d40de666ede88b21ccc5346ee36d5af89deb6edc598f81c9894e91636
    Size: 374.15 kB
  2. xorg-x11-server-Xdmx-1.1.1-48.26.5.3AXS3.i386.rpm
    MD5: f667a17713ef680e3cb474bdbc8c6b32
    SHA-256: e8e274afaa451a3ea7de86ab9806ec843977a68ed35ebb9198c81d7432a673f2
    Size: 919.39 kB
  3. xorg-x11-server-Xnest-1.1.1-48.26.5.3AXS3.i386.rpm
    MD5: 0f95a6c4a4a05e0e6867445a253ccf50
    SHA-256: 8a18ed49f9c18d3831280873d2de3bfab164899c2eb666fb9a65f95b7a33b316
    Size: 1.45 MB
  4. xorg-x11-server-Xorg-1.1.1-48.26.5.3AXS3.i386.rpm
    MD5: 3a3c022828bdf75184257702bce5c23c
    SHA-256: 919a6d92b39a7b9ee63e1f9cd5bd217043abdf253aab4b14b1bf9fef85ce4148
    Size: 3.24 MB
  5. xorg-x11-server-Xvfb-1.1.1-48.26.5.3AXS3.i386.rpm
    MD5: bd32d8e2ba515bda290ebdf3fb5fa4c6
    SHA-256: 3875c14b4b245153b6dccd8c4b7ead423eca7b288552d481f8f107c9e5ee476b
    Size: 1.60 MB

Asianux Server 3 for x86_64
  1. xorg-x11-server-sdk-1.1.1-48.26.5.3AXS3.x86_64.rpm
    MD5: 0ba8f6c0ec02e68c5f6868cef31e71d1
    SHA-256: 5b090bab40e35bf6c6a6ea5d290f44930d9f62ac6aced3729fafca1a530d1441
    Size: 377.04 kB
  2. xorg-x11-server-Xdmx-1.1.1-48.26.5.3AXS3.x86_64.rpm
    MD5: 8433afe347f415b94d79f72e563e2c90
    SHA-256: 6e1d85b5cbb3fafa29faf0f3c7ff270b2c5768f300c77f5ac12fe465e4774a0f
    Size: 932.46 kB
  3. xorg-x11-server-Xnest-1.1.1-48.26.5.3AXS3.x86_64.rpm
    MD5: 7c328b09e77948c1a54abb99a76701c0
    SHA-256: fb3797985aedad9d4b279e4a74997a5e4395fe05de6d599de557610bd81d85f4
    Size: 1.44 MB
  4. xorg-x11-server-Xorg-1.1.1-48.26.5.3AXS3.x86_64.rpm
    MD5: f6f99c78a3860332d2e296acf60cad73
    SHA-256: a05f44efbca223dec02567406b65ffb598bc403818954eebcf6ad76add1ed079
    Size: 3.35 MB
  5. xorg-x11-server-Xvfb-1.1.1-48.26.5.3AXS3.x86_64.rpm
    MD5: 92fd4fa3cf61ff74464c4319efaf9d30
    SHA-256: d3659e820d88a8b67ae81a0502b88cca71f544fb594b32549792d72aa8c599e2
    Size: 1.58 MB