-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Format: 1.7
Date: Sat, 14 Feb 2004 13:44:41 -0500
Source: xfree86
Binary: xserver-common xlibs-dev xfs xfree86-common xfonts-pex x-window-system xlibmesa-dev xspecs xlibmesa3 xfonts-cyrillic xlibmesa3-dbg xserver-xfree86 xlibs-dbg libxaw6 libxaw7 xterm xvfb xfonts-scalable xfonts-75dpi xlib6g proxymngr libxaw6-dev xlibs-pic libdps1-dbg xlib6g-dev xfonts-base xutils libxaw7-dev xnest xlibs libxaw6-dbg xmh lbxproxy libxaw7-dbg xfonts-base-transcoded xbase-clients xprt xlibosmesa3 x-window-system-core xlibosmesa-dev twm xfwp xfonts-100dpi-transcoded xlibosmesa3-dbg xfonts-100dpi xdm libdps-dev xfonts-75dpi-transcoded libdps1
Architecture: source all powerpc
Version: 4.1.0-16woody3
Distribution: stable-security
Urgency: high
Maintainer: Branden Robinson <branden@debian.org>
Changed-By: Branden Robinson <branden@debian.org>
Description: 
 lbxproxy   - Low Bandwidth X (LBX) proxy server
 libdps-dev - Display PostScript (DPS) client library development files
 libdps1    - Display PostScript (DPS) client library
 libdps1-dbg - Display PostScript (DPS) client library (unstripped)
 libxaw6    - X Athena widget set library (version 6)
 libxaw6-dbg - X Athena widget set library (version 6) (unstripped)
 libxaw6-dev - X Athena widget set library development files (version 6)
 libxaw7    - X Athena widget set library
 libxaw7-dbg - X Athena widget set library (unstripped)
 libxaw7-dev - X Athena widget set library development files
 proxymngr  - X proxy services manager
 twm        - Tab window manager
 x-window-system - X Window System
 x-window-system-core - X Window System core components
 xbase-clients - miscellaneous X clients
 xdm        - X display manager
 xfonts-100dpi - 100 dpi fonts for X
 xfonts-100dpi-transcoded - 100 dpi fonts for X (transcoded from ISO 10646-1)
 xfonts-75dpi - 75 dpi fonts for X
 xfonts-75dpi-transcoded - 75 dpi fonts for X (transcoded from ISO 10646-1)
 xfonts-base - standard fonts for X
 xfonts-base-transcoded - standard fonts for X (transcoded from ISO 10646-1)
 xfonts-cyrillic - Cyrillic fonts for X
 xfonts-pex - fonts for minimal PEX support in X
 xfonts-scalable - scalable fonts for X
 xfree86-common - X Window System (XFree86) infrastructure
 xfs        - X font server
 xfwp       - X firewall proxy server
 xlib6g     - pseudopackage providing X libraries
 xlib6g-dev - pseudopackage providing X library development files
 xlibmesa-dev - XFree86 version of Mesa 3D graphics library development files
 xlibmesa3  - XFree86 version of Mesa 3D graphics library
 xlibmesa3-dbg - XFree86 version of Mesa 3D graphics library (unstripped)
 xlibosmesa-dev - Mesa/XFree86 off-screen rendering library development files
 xlibosmesa3 - Mesa/XFree86 off-screen rendering library
 xlibosmesa3-dbg - Mesa/XFree86 off-screen rendering library (unstripped)
 xlibs      - X Window System client libraries
 xlibs-dbg  - X Window System client libraries (unstripped)
 xlibs-dev  - X Window System client library development files
 xlibs-pic  - X Window System client extension library PIC archives
 xmh        - X interface to the MH mail system
 xnest      - nested X server
 xprt       - X print server
 xserver-common - files and utilities common to all X servers
 xserver-xfree86 - the XFree86 X server
 xspecs     - X protocol, extension, and library technical specifications
 xterm      - X terminal emulator
 xutils     - X Window System utility programs
 xvfb       - virtual framebuffer X server
Closes: 232378
Changes: 
 xfree86 (4.1.0-16woody3) stable-security; urgency=high
 .
   * Security update release.  Resolves the following issues:
     + CAN-2004-0083: Buffer overflow in ReadFontAlias from dirfile.c of
       XFree86 4.1.0 through 4.3.0 allows local users and remote attackers to
       execute arbitrary code via a font alias file (font.alias) with a long
       token, a different vulnerability than CAN-2004-0084.
     + CAN-2004-0084: Buffer overflow in the ReadFontAlias function in XFree86
       4.1.0 to 4.3.0, when using the CopyISOLatin1Lowered function, allows
       local or remote authenticated users to execute arbitrary code via a
       malformed entry in the font alias (font.alias) file, a different
       vulnerability than CAN-2004-0083.
     + CAN-2004-0106: Miscellaneous additional flaws in XFree86's handling of
       font files.
 .
   * Fix multiple buffer overflows and insufficiently rigorous input validation
     in the X11R6 fontfile library.  (Closes: #232378)
     - debian/patches/075_SECURITY_libfontfile_vulnerabilities.diff
Files: 
 596b339b1a1ab8c1aeebe949a7e77076 1512 x11 optional xfree86_4.1.0-16woody3.dsc
 d0ab158eaf2b1a49d17470b138e99fe8 1600904 x11 optional xfree86_4.1.0-16woody3.diff.gz
 5d8f6ac912a0d6393d723c9f1fd7a30a 141688 x11 optional lbxproxy_4.1.0-16woody3_powerpc.deb
 a2c1ce81c328bde25700f2bb686b9744 188196 libs optional libdps1_4.1.0-16woody3_powerpc.deb
 f7387a966a0295877e1b73eafa01e7c4 446284 devel extra libdps1-dbg_4.1.0-16woody3_powerpc.deb
 459e5600dcd650f92dd0e3fc09298b97 260342 devel optional libdps-dev_4.1.0-16woody3_powerpc.deb
 6eb85b46e04c9ad87668617b76f14d77 179146 libs optional libxaw6_4.1.0-16woody3_powerpc.deb
 1336f503499daf50e05c2a4d8ed8ab30 356494 devel extra libxaw6-dbg_4.1.0-16woody3_powerpc.deb
 b6ad41d18c7c5f76aee16ae9d2257603 331300 devel extra libxaw6-dev_4.1.0-16woody3_powerpc.deb
 14c3641ab8b52685b124ce4a42b17244 232710 libs optional libxaw7_4.1.0-16woody3_powerpc.deb
 646f1c7b4f6324bf6b29139a89f22b76 469672 devel extra libxaw7-dbg_4.1.0-16woody3_powerpc.deb
 bc6972d7dab4233a1c3c425b3cf6d982 331182 devel optional libxaw7-dev_4.1.0-16woody3_powerpc.deb
 6ed2aa23b6640dc12ea23d2d74ac5cd0 77170 x11 optional proxymngr_4.1.0-16woody3_powerpc.deb
 7ede632462377c5b80a8c7ab1813f605 160680 x11 optional twm_4.1.0-16woody3_powerpc.deb
 9c26eac8b97110a2b3d9dac3465a7d4a 1609750 x11 optional xbase-clients_4.1.0-16woody3_powerpc.deb
 363beb5d4466731d0963705d18f438d7 172740 x11 optional xdm_4.1.0-16woody3_powerpc.deb
 ef788be207b5b1882db5b1993fc4fc58 305000 x11 optional xfs_4.1.0-16woody3_powerpc.deb
 d15650f220724693bcea3002bd93fab3 82622 x11 optional xfwp_4.1.0-16woody3_powerpc.deb
 3589ed13a56663b0d878aba61258af85 2449226 libs optional xlibmesa3_4.1.0-16woody3_powerpc.deb
 f3600ca3d72ee4b97ad177ffb71f05a7 924090 devel extra xlibmesa3-dbg_4.1.0-16woody3_powerpc.deb
 2226aba1b10c9bc5491e407286490202 606554 devel optional xlibmesa-dev_4.1.0-16woody3_powerpc.deb
 e8d4f240f9657023e683042251048b0f 530620 libs optional xlibosmesa3_4.1.0-16woody3_powerpc.deb
 cf82db9facb815cdd4a0c44f32053d3a 1087642 devel extra xlibosmesa3-dbg_4.1.0-16woody3_powerpc.deb
 5efd24ce16723f5806677e700d766c8d 623642 devel optional xlibosmesa-dev_4.1.0-16woody3_powerpc.deb
 637d64b4337390dcdc031ec0263198d3 1300056 libs optional xlibs_4.1.0-16woody3_powerpc.deb
 2cf672ff5c6fb7c0f892866af644802a 2702230 devel extra xlibs-dbg_4.1.0-16woody3_powerpc.deb
 19584d96a2b97df32e24960fa141e86e 2985720 devel optional xlibs-dev_4.1.0-16woody3_powerpc.deb
 28ca3422b9eb0e399cb78bb971589e14 76884 devel optional xlibs-pic_4.1.0-16woody3_powerpc.deb
 78ad7d60868ca6df44aed2dfdbdf3ab6 132720 mail extra xmh_4.1.0-16woody3_powerpc.deb
 99f57982ce0159a3774622e55c5be87d 1580382 x11 optional xnest_4.1.0-16woody3_powerpc.deb
 203fa9dbca10b4ffdd7bff2875855d4e 1275154 x11 optional xprt_4.1.0-16woody3_powerpc.deb
 1cbe6acc3ac77a17a9e432379b67f0cc 219816 x11 optional xserver-common_4.1.0-16woody3_powerpc.deb
 b2699b6747636c06d994ac08c125929b 4618298 x11 optional xserver-xfree86_4.1.0-16woody3_powerpc.deb
 68cedf02482d7ba2a94c60b1d48f3285 493434 x11 optional xterm_4.1.0-16woody3_powerpc.deb
 2ecd74b15ba79ad00c4617cbfc06231a 604600 x11 optional xutils_4.1.0-16woody3_powerpc.deb
 329da11ba0737925e303e1fc7b7530dc 1708798 x11 optional xvfb_4.1.0-16woody3_powerpc.deb
 1e1c14b6186264096045ad0e8e3d8be3 60662 x11 optional x-window-system-core_4.1.0-16woody3_powerpc.deb
 379489c2b77427f1640525568e5ba4c0 4442612 x11 optional xfonts-100dpi_4.1.0-16woody3_all.deb
 23dcab5cbf8daffe02eb6cded5da96b4 8333716 x11 optional xfonts-100dpi-transcoded_4.1.0-16woody3_all.deb
 eb3ecbf1e2a453af48de6b9fb8e23f2f 3931790 x11 optional xfonts-75dpi_4.1.0-16woody3_all.deb
 0e2b47660cbe103fbd67275e55c7da53 7225924 x11 optional xfonts-75dpi-transcoded_4.1.0-16woody3_all.deb
 f0e09d48bd43a2ebdcb0da701a67ce7f 5028916 x11 optional xfonts-base_4.1.0-16woody3_all.deb
 30257b1f4ff435f24a1a96f0820f0119 1105542 x11 optional xfonts-base-transcoded_4.1.0-16woody3_all.deb
 8615a5fcf78891348f4c50c313521ac3 438692 x11 optional xfonts-cyrillic_4.1.0-16woody3_all.deb
 f1a392f48015c2a4f3d807e90b92206f 69028 x11 optional xfonts-pex_4.1.0-16woody3_all.deb
 57c31f9b88ab300aa4e3e7ccc18ce295 796336 x11 optional xfonts-scalable_4.1.0-16woody3_all.deb
 82e23de457972fd31f730732b6f6a41c 546502 x11 optional xfree86-common_4.1.0-16woody3_all.deb
 81a67b7f40cf5c549de8127d19d5227d 4165232 x11 optional xspecs_4.1.0-16woody3_all.deb
 228d65986f75e12b67707cb3fe90026f 60644 libs optional xlib6g_4.1.0-16woody3_all.deb
 66db4157ce3571aaf69431a9dc57b91d 60446 devel optional xlib6g-dev_4.1.0-16woody3_all.deb
 27fbccef0a1e87466eae49534b492f32 60486 x11 optional x-window-system_4.1.0-16woody3_all.deb

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.4 (GNU/Linux)

iEYEARECAAYFAkAwbtEACgkQ6kxmHytGonzNPwCfXFExmxBKGRaYNZ+yiorMiJ51
SMIAnRqFemXbIq4j50Tv3LCyG59979lA
=ohWx
-----END PGP SIGNATURE-----