-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Format: 1.7 Date: Sat, 14 Feb 2004 13:44:41 -0500 Source: xfree86 Binary: xserver-common xlibs-dev xfs xfree86-common xfonts-pex x-window-system xlibmesa-dev xspecs xlibmesa3 xfonts-cyrillic xlibmesa3-dbg xserver-xfree86 xlibs-dbg libxaw6 libxaw7 xterm xvfb xfonts-scalable xfonts-75dpi xlib6g proxymngr libxaw6-dev xlibs-pic libdps1-dbg xlib6g-dev xfonts-base xutils libxaw7-dev xnest xlibs libxaw6-dbg xmh lbxproxy libxaw7-dbg xfonts-base-transcoded xbase-clients xprt xlibosmesa3 x-window-system-core xlibosmesa-dev twm xfwp xfonts-100dpi-transcoded xlibosmesa3-dbg xfonts-100dpi xdm libdps-dev xfonts-75dpi-transcoded libdps1 Architecture: sparc Version: 4.1.0-16woody3 Distribution: stable-security Urgency: high Maintainer: Debian/SPARC Build Daemon Changed-By: Branden Robinson Description: lbxproxy - Low Bandwidth X (LBX) proxy server libdps-dev - Display PostScript (DPS) client library development files libdps1 - Display PostScript (DPS) client library libdps1-dbg - Display PostScript (DPS) client library (unstripped) libxaw6 - X Athena widget set library (version 6) libxaw6-dbg - X Athena widget set library (version 6) (unstripped) libxaw6-dev - X Athena widget set library development files (version 6) libxaw7 - X Athena widget set library libxaw7-dbg - X Athena widget set library (unstripped) libxaw7-dev - X Athena widget set library development files proxymngr - X proxy services manager twm - Tab window manager x-window-system-core - X Window System core components xbase-clients - miscellaneous X clients xdm - X display manager xfs - X font server xfwp - X firewall proxy server xlibmesa-dev - XFree86 version of Mesa 3D graphics library development files xlibmesa3 - XFree86 version of Mesa 3D graphics library xlibmesa3-dbg - XFree86 version of Mesa 3D graphics library (unstripped) xlibosmesa-dev - Mesa/XFree86 off-screen rendering library development files xlibosmesa3 - Mesa/XFree86 off-screen rendering library xlibosmesa3-dbg - Mesa/XFree86 off-screen rendering library (unstripped) xlibs - X Window System client libraries xlibs-dbg - X Window System client libraries (unstripped) xlibs-dev - X Window System client library development files xlibs-pic - X Window System client extension library PIC archives xmh - X interface to the MH mail system xnest - nested X server xprt - X print server xserver-common - files and utilities common to all X servers xserver-xfree86 - the XFree86 X server xterm - X terminal emulator xutils - X Window System utility programs xvfb - virtual framebuffer X server Closes: 232378 Changes: xfree86 (4.1.0-16woody3) stable-security; urgency=high . * Security update release. Resolves the following issues: + CAN-2004-0083: Buffer overflow in ReadFontAlias from dirfile.c of XFree86 4.1.0 through 4.3.0 allows local users and remote attackers to execute arbitrary code via a font alias file (font.alias) with a long token, a different vulnerability than CAN-2004-0084. + CAN-2004-0084: Buffer overflow in the ReadFontAlias function in XFree86 4.1.0 to 4.3.0, when using the CopyISOLatin1Lowered function, allows local or remote authenticated users to execute arbitrary code via a malformed entry in the font alias (font.alias) file, a different vulnerability than CAN-2004-0083. + CAN-2004-0106: Miscellaneous additional flaws in XFree86's handling of font files. . * Fix multiple buffer overflows and insufficiently rigorous input validation in the X11R6 fontfile library. (Closes: #232378) - debian/patches/075_SECURITY_libfontfile_vulnerabilities.diff Files: 1901b6c900fc1847ca74a27f3dcaff32 140266 x11 optional lbxproxy_4.1.0-16woody3_sparc.deb 42747bf59f87afcbd15ab7ffb50e31f0 183052 libs optional libdps1_4.1.0-16woody3_sparc.deb ae524b602729a2741e4a19cc29ee2732 444802 devel extra libdps1-dbg_4.1.0-16woody3_sparc.deb 1b29a600f60a08dc278deb232ad20938 247470 devel optional libdps-dev_4.1.0-16woody3_sparc.deb e708203e6b8db0abdfa6747d5f6d4e17 172578 libs optional libxaw6_4.1.0-16woody3_sparc.deb 9189e3d05f2860697ac559f9b59a4278 347922 devel extra libxaw6-dbg_4.1.0-16woody3_sparc.deb 999436a5148deba3dd03eca7e762a68c 309114 devel extra libxaw6-dev_4.1.0-16woody3_sparc.deb a8e99bc8ce4d742882b5ddd46efbe317 221854 libs optional libxaw7_4.1.0-16woody3_sparc.deb c5d49402afd30c81b17f26d154564d58 454230 devel extra libxaw7-dbg_4.1.0-16woody3_sparc.deb eff40509997809e2a9e166969283455e 309012 devel optional libxaw7-dev_4.1.0-16woody3_sparc.deb e07fd96ff8264744f4eda9b58ece2269 79222 x11 optional proxymngr_4.1.0-16woody3_sparc.deb ce3ddb8156914751a90537a36617ec8d 163480 x11 optional twm_4.1.0-16woody3_sparc.deb 43f30b7958cf1bef6724d54957b003a1 1710872 x11 optional xbase-clients_4.1.0-16woody3_sparc.deb 301f001965c0d36f9d71a4354f4495a6 173852 x11 optional xdm_4.1.0-16woody3_sparc.deb 51f2d344c70deb05b9e40e29b2252a6b 302708 x11 optional xfs_4.1.0-16woody3_sparc.deb 0c3fb4a6ffde23d4d4563507869a422f 84370 x11 optional xfwp_4.1.0-16woody3_sparc.deb ef589e854e0d17549a698a19ef204895 886132 libs optional xlibmesa3_4.1.0-16woody3_sparc.deb d504c2631760c00d160afc50cd9d18ac 908598 devel extra xlibmesa3-dbg_4.1.0-16woody3_sparc.deb 4bbfd4feb8f0021abd99d01a9a601a5a 586902 devel optional xlibmesa-dev_4.1.0-16woody3_sparc.deb 6436662a03963a803b5b7e47360477bb 553726 libs optional xlibosmesa3_4.1.0-16woody3_sparc.deb fd383169e7c49a661b64309aec9f8e60 1104206 devel extra xlibosmesa3-dbg_4.1.0-16woody3_sparc.deb 3bfe528bb5ffe461484a27c0bfdb111f 612972 devel optional xlibosmesa-dev_4.1.0-16woody3_sparc.deb fa1d07239a3e3f2c627b9f6e4ad49f62 1262736 libs optional xlibs_4.1.0-16woody3_sparc.deb e2d115192b265cdf81feda9929bf5c6d 2647358 devel extra xlibs-dbg_4.1.0-16woody3_sparc.deb 1419f0f9e8e0868efc48e3c80dc51513 2866814 devel optional xlibs-dev_4.1.0-16woody3_sparc.deb eae08484865fe01657405ca3dfbf6603 75850 devel optional xlibs-pic_4.1.0-16woody3_sparc.deb 0f4efd7fb51016b302a86be6fb04b67a 130826 mail extra xmh_4.1.0-16woody3_sparc.deb 36cd814a7da3ad3db158b1f3e658f0ec 1537094 x11 optional xnest_4.1.0-16woody3_sparc.deb 039e62f27d05dda3f7969fe675ada527 1203312 x11 optional xprt_4.1.0-16woody3_sparc.deb dff119552b5f2a2c9cee09576c06f590 223034 x11 optional xserver-common_4.1.0-16woody3_sparc.deb 24c367c30dcd7454c389b2c76a75d00a 4050704 x11 optional xserver-xfree86_4.1.0-16woody3_sparc.deb 145244d3f636b4f7971a02c7933b3183 491866 x11 optional xterm_4.1.0-16woody3_sparc.deb 6d5be2cd318753ca37fe5334a8cd70c3 645256 x11 optional xutils_4.1.0-16woody3_sparc.deb a43b3c715c8a1f3c49965722edbae251 1649604 x11 optional xvfb_4.1.0-16woody3_sparc.deb 34c4130a00d9a7eb84b92454fc5fdbd1 60654 x11 optional x-window-system-core_4.1.0-16woody3_sparc.deb -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.2.4 (GNU/Linux) iD8DBQFAMYWSArxCt0PiXR4RAkfIAJ0Y3hCB/JM7qtTnB6S0qKCT5DQ1QwCgk3/w dfl3SRQdnILpb86Ce3CCEDg= =rUUx -----END PGP SIGNATURE-----