Bugtraq mailing list archives
SECURITY: Vulnerability in libX11 (fwd)
From: slk () LINUX1 ACM RPI EDU (Simon Karpen)
Date: Thu, 29 May 1997 23:25:30 -0400
Just thought everybody would enjoy seeing credit where credit is due, for a change. :)

Simon Karpen
karpes () rpi edu
slk () acm rpi edu
slk () karpes stu rpi edu
"Fixing Unix is easier than living with NT." --Larry McVoy

---------- Forwarded message ----------
Date: Thu, 29 May 1997 11:07:08 -0400 (EDT)
From: Erik Troan <ewt () redhat com>
Reply-To: redhat-list () redhat com
To: redhat-announce-list () redhat com
Subject: SECURITY: Vulnerability in libX11
Resent-Date: 29 May 1997 15:07:40 -0000
Resent-From: redhat-announce-list () redhat com
Resent-cc: recipient list not shown: ;
Followup-To: redhat-list () redhat com

A buffer overflow has been found in one of the X11 libraries, allowing local users to gain unauthorized root access to a system through any setuid root application linked against libX11. This problem affects all Red Hat Linux machines with X Windows installed. Fixes are available for Red Hat 4.x on Intel and SPARC machines, and 4.1 and 4.2 on Alpha machines.

Applications which are dynamically linked may be fixed by upgrading to the -libs X package appropriate for your architecture. If you have any statically linked setuid X programs you must recompile them against the new libX11.a contained in the -devel package for your architecture. Red Hat Linux does not include any statically linked X applications so this is only a problem if you've hand installed statically linked setuid applications (we don't know of any applications likely to be installed in this configuration).

The upcoming release of XFree86 3.3 is not vulnerable to this problem so users may safely install 3.3 once it is available. XFree86 3.2A is vulnerable however.

All packages have been PGP signed with Red Hat's public key and Red Hat encourages all users to upgrade to these new versions as soon as possible.
Alpha 4.1, 4.2
--------------
rpm -Uvh ftp://ftp.redhat.com/updates/4.2/alpha/XFree86-devel-3.2-10.alpha.rpm
rpm -Uvh ftp://ftp.redhat.com/updates/4.2/alpha/XFree86-libs-3.2-10.alpha.rpm

Intel 4.0, 4.1, 4.2
-------------------
rpm -Uvh ftp://ftp.redhat.com/updates/4.2/i386/XFree86-devel-3.2-10.i386.rpm
rpm -Uvh ftp://ftp.redhat.com/updates/4.2/i386/XFree86-libs-3.2-10.i386.rpm

SPARC 4.0, 4.1, 4.2
-------------------
rpm -Uvh ftp://ftp.redhat.com/updates/4.2/sparc/X11R6.1-devel-pl1-21.sparc.rpm
rpm -Uvh ftp://ftp.redhat.com/updates/4.2/sparc/X11R6.1-libs-pl1-21.sparc.rpm

Thanks to the readers of BUGTRAQ, the XFree86 development team, and Alexander Yuriev for help with this problem.

Erik

-------------------------------------------------------------------------------
| "Psychopaths kill for no reason: I kill for money." -- Grosse Pointe Blank  |
|                                                                             |
| Erik Troan = ewt () redhat com = ewt () sunsite unc edu                      |
-------------------------------------------------------------------------------
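The advisory leaves one check to the administrator: finding setuid-root programs and telling the dynamically linked ones (fixed by the -libs package) from statically linked ones (which must be rebuilt against the new libX11.a). The following is an added example, not code from the advisory or from Red Hat: it walks a tree for setuid-root files, classifies each ELF image by walking its program headers with a minimal parser, and includes a synthetic_elf64 helper that only builds a constructed sample image for demonstration.

```python
import os
import stat
import struct

def classify_elf(data):
    """Return ("dynamic"|"static", uses_x11); None if data is not an ELF image.
    Dynamic images name each DT_NEEDED library verbatim in .dynstr, so "libX11.so"
    in the bytes is a reliable signal; static images have libX11.a copied in with
    no name to find, so uses_x11 is None: they need the rebuild the advisory describes."""
    if len(data) < 64 or data[:4] != b"\x7fELF":
        return None
    end = "<" if data[5] == 1 else ">"   # EI_DATA: 1 = little-endian, 2 = big-endian
    if data[4] == 2:                      # EI_CLASS: 2 = ELF64
        phoff, = struct.unpack_from(end + "Q", data, 32)
        phentsize, phnum = struct.unpack_from(end + "HH", data, 54)
    else:                                 # EI_CLASS: 1 = ELF32
        phoff, = struct.unpack_from(end + "I", data, 28)
        phentsize, phnum = struct.unpack_from(end + "HH", data, 42)
    for i in range(phnum):                # p_type is the first field of every phdr
        off = phoff + i * phentsize
        if off + 4 > len(data):           # truncated or malformed image
            break
        if struct.unpack_from(end + "I", data, off)[0] == 2:   # PT_DYNAMIC
            return ("dynamic", b"libX11.so" in data)
    return ("static", None)

def audit_setuid_root(root):
    """Return {path: classification} for every setuid-root ELF file under root."""
    findings = {}
    for dirpath, _, names in os.walk(root):
        for name in names:
            path = os.path.join(dirpath, name)
            try:
                st = os.lstat(path)
                if not stat.S_ISREG(st.st_mode) or st.st_uid != 0 or not st.st_mode & stat.S_ISUID:
                    continue
                with open(path, "rb") as f:
                    result = classify_elf(f.read())
            except OSError:               # unreadable entries are skipped, not fatal
                continue
            if result is not None:
                findings[path] = result
    return findings

def synthetic_elf64(ptypes, tail=b""):
    """Constructed sample input, not a real program: a minimal little-endian ELF64
    header plus one zeroed program header per type in ptypes, followed by tail."""
    ident = b"\x7fELF" + bytes([2, 1, 1]) + bytes(9)
    hdr = ident + struct.pack("<HHIQQQIHHHHHH", 2, 62, 1, 0, 64, 0, 0, 64, 56, len(ptypes), 0, 0, 0)
    return hdr + b"".join(struct.pack("<IIQQQQQQ", t, 0, 0, 0, 0, 0, 0, 0) for t in ptypes) + tail
```

Run `audit_setuid_root("/usr")` and look for any "static" entry; those are the hand-installed binaries the advisory says must be recompiled. uses_x11 reflects a direct DT_NEEDED only: a program that reaches libX11 through another X library shows False but is still fixed by the shared-library upgrade.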