-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Format: 1.7 Date: Sat, 14 Feb 2004 13:44:41 -0500 Source: xfree86 Binary: xserver-common xlibs-dev xfs xfree86-common xfonts-pex x-window-system xlibmesa-dev xspecs xlibmesa3 xfonts-cyrillic xlibmesa3-dbg xserver-xfree86 xlibs-dbg libxaw6 libxaw7 xterm xvfb xfonts-scalable xfonts-75dpi xlib6g proxymngr libxaw6-dev xlibs-pic libdps1-dbg xlib6g-dev xfonts-base xutils libxaw7-dev xnest xlibs libxaw6-dbg xmh lbxproxy libxaw7-dbg xfonts-base-transcoded xbase-clients xprt xlibosmesa3 x-window-system-core xlibosmesa-dev twm xfwp xfonts-100dpi-transcoded xlibosmesa3-dbg xfonts-100dpi xdm libdps-dev xfonts-75dpi-transcoded libdps1 Architecture: s390 Version: 4.1.0-16woody3 Distribution: stable-security Urgency: high Maintainer: s390 Build Daemon - Gerhard Tonn Changed-By: Branden Robinson Description: lbxproxy - Low Bandwidth X (LBX) proxy server libdps-dev - Display PostScript (DPS) client library development files libdps1 - Display PostScript (DPS) client library libdps1-dbg - Display PostScript (DPS) client library (unstripped) libxaw6 - X Athena widget set library (version 6) libxaw6-dbg - X Athena widget set library (version 6) (unstripped) libxaw6-dev - X Athena widget set library development files (version 6) libxaw7 - X Athena widget set library libxaw7-dbg - X Athena widget set library (unstripped) libxaw7-dev - X Athena widget set library development files proxymngr - X proxy services manager twm - Tab window manager x-window-system-core - X Window System core components xbase-clients - miscellaneous X clients xdm - X display manager xfs - X font server xfwp - X firewall proxy server xlibmesa-dev - XFree86 version of Mesa 3D graphics library development files xlibmesa3 - XFree86 version of Mesa 3D graphics library xlibmesa3-dbg - XFree86 version of Mesa 3D graphics library (unstripped) xlibs - X Window System client libraries xlibs-dbg - X Window System client libraries (unstripped) xlibs-dev - X Window System client library development files xlibs-pic - X Window System client extension library PIC archives xmh - X interface to the MH mail system xnest - nested X server xprt - X print server xserver-common - files and utilities common to all X servers xterm - X terminal emulator xutils - X Window System utility programs xvfb - virtual framebuffer X server Closes: 232378 Changes: xfree86 (4.1.0-16woody3) stable-security; urgency=high . * Security update release. Resolves the following issues: + CAN-2004-0083: Buffer overflow in ReadFontAlias from dirfile.c of XFree86 4.1.0 through 4.3.0 allows local users and remote attackers to execute arbitrary code via a font alias file (font.alias) with a long token, a different vulnerability than CAN-2004-0084. + CAN-2004-0084: Buffer overflow in the ReadFontAlias function in XFree86 4.1.0 to 4.3.0, when using the CopyISOLatin1Lowered function, allows local or remote authenticated users to execute arbitrary code via a malformed entry in the font alias (font.alias) file, a different vulnerability than CAN-2004-0083. + CAN-2004-0106: Miscellaneous additional flaws in XFree86's handling of font files. . * Fix multiple buffer overflows and insufficiently rigorous input validation in the X11R6 fontfile library. (Closes: #232378) - debian/patches/075_SECURITY_libfontfile_vulnerabilities.diff Files: b9428b7b0de94b51e1317275b75628fe 140022 x11 optional lbxproxy_4.1.0-16woody3_s390.deb 18e9f081719ec42f5026ceef35034c59 177022 libs optional libdps1_4.1.0-16woody3_s390.deb e90bb8aa2c3249fe2c101092e4f5ff41 447756 devel extra libdps1-dbg_4.1.0-16woody3_s390.deb 873bbd87083d9362bafbe0ce3b885170 235294 devel optional libdps-dev_4.1.0-16woody3_s390.deb 712ad57a8eef8701e3c502990248477d 184090 libs optional libxaw6_4.1.0-16woody3_s390.deb efd45ceb167144e5b8ff21320a13e013 368874 devel extra libxaw6-dbg_4.1.0-16woody3_s390.deb 4395835f314299dedf64710a07c77aab 308920 devel extra libxaw6-dev_4.1.0-16woody3_s390.deb af297431b8649917e0c4bc189a15a4e2 235262 libs optional libxaw7_4.1.0-16woody3_s390.deb d68b00808acba34e60db1b9ce51f0232 480910 devel extra libxaw7-dbg_4.1.0-16woody3_s390.deb 5c0173d6831e5e0a433b2c3d05be1db0 308802 devel optional libxaw7-dev_4.1.0-16woody3_s390.deb ab0364de77281e6658aafda6373de47d 77334 x11 optional proxymngr_4.1.0-16woody3_s390.deb 61e2b88ee559c91b6dd22d679f3613c2 164156 x11 optional twm_4.1.0-16woody3_s390.deb d118b97ce2bae9232a14fb11e79a5451 1255586 x11 optional xbase-clients_4.1.0-16woody3_s390.deb 8ee37a329329ffb769ca7b469387cfb3 175006 x11 optional xdm_4.1.0-16woody3_s390.deb 8582ad833773277f4e9a59681dc08417 293066 x11 optional xfs_4.1.0-16woody3_s390.deb 034c0a1ce46451bff4ff937da2078d4b 82826 x11 optional xfwp_4.1.0-16woody3_s390.deb a58f799a9e1ea0d1aaaf364a243f7d26 361030 libs optional xlibmesa3_4.1.0-16woody3_s390.deb 46c8fea9d271db0aa174fa52e0c688b9 912606 devel extra xlibmesa3-dbg_4.1.0-16woody3_s390.deb 003ed501dd557c6394910e7f474f631f 551122 devel optional xlibmesa-dev_4.1.0-16woody3_s390.deb 5b0a962297ae57eaad88decd3267cc1d 1195444 libs optional xlibs_4.1.0-16woody3_s390.deb 0eb4fee78e6be630aaa7bf36db1e5b87 2483570 devel extra xlibs-dbg_4.1.0-16woody3_s390.deb a274a8ef1f50d4f6a6b2f10959f552b4 2622002 devel optional xlibs-dev_4.1.0-16woody3_s390.deb 1ad4e3d57864db36546c8b4f4d5df6ce 75666 devel optional xlibs-pic_4.1.0-16woody3_s390.deb 6ea4422f324193b6a89c5ad1d51802cd 128702 mail extra xmh_4.1.0-16woody3_s390.deb 65f41ebe32f61d276228cdea5ebb8191 1180832 x11 optional xnest_4.1.0-16woody3_s390.deb b0e6e6c02e6c85780f4fd0667cd39b0d 871764 x11 optional xprt_4.1.0-16woody3_s390.deb 75aa64b8031819131f799ffcb7b7d7d5 220292 x11 optional xserver-common_4.1.0-16woody3_s390.deb a11f96531641cdc7843a5af5d8294c85 492862 x11 optional xterm_4.1.0-16woody3_s390.deb eb62cc99439d757e8ea76c769a417db2 580666 x11 optional xutils_4.1.0-16woody3_s390.deb 2215cff4823f43541c7c4f7b92bd2157 1293232 x11 optional xvfb_4.1.0-16woody3_s390.deb 89855dc7c4637c9baa9ca698427e38d6 60646 x11 optional x-window-system-core_4.1.0-16woody3_s390.deb -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.2.4 (GNU/Linux) iD8DBQFAMYWHArxCt0PiXR4RAjknAKCjZFZGIOw9Crucu+y+K1n9ddJegQCg38m2 0LzfrZRpIrMHgHG5vFpZPIo= =/2BR -----END PGP SIGNATURE-----