OSEC

Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com
 
Re: [suse-security] SUSE Security Announcement: xf86/XFree86 (SuSE-SA:2004:006)

From: Thomas Biege (thomassuse.de)
Date: Tue Feb 24 2004 - 07:32:54 CST

On Tue, 24 Feb 2004, Frank Steiner wrote:

> Hi,

Hi.

 
> Thomas Biege wrote:
>
> >
> > SUSE Security Announcement
> >
> > Package: xf86/XFree86
> > Announcement-ID: SuSE-SA:2004:006
>
> having installed the update on SuSE 8.0, X still crashes using the method
> from http://www.idefense.com/application/poi/display?id=72&type=vulnerabilities&flashstatus=false
>
> Should that happen?
>
> cu,
> Frank
>
> #############
> watson /root/tmp# rpm -q --changelog xf86 | head -n 5

Does this even happen as non-root user?

> * Thu Feb 12 2004 - thomassuse.de
>
> - fixed more buffer overflows in fontfile/ direc (#34296)
> - put together old and new bugs in
> fontfile-sec_bufferoverflows.diff
>
> # having the fonts.alias and fonts.dir in tmp/:
> watson /root/tmp# X :0 -fp $PWD
>
> XFree86 Version 4.2.0 / X Window System
> (protocol Version 11, revision 0, vendor release 6600)
> Release Date: 18 January 2002
> If the server is older than 6-12 months, or if your card is
> newer than the above date, look for a newer version before
> reporting problems. (See http://www.XFree86.Org/)
> Build Operating System: SuSE Linux [ELF] SuSE
> Module Loader present
> Markers: (--) probed, (**) from config file, (==) default setting,
> (++) from command line, (!!) notice, (II) informational,
> (WW) warning, (EE) error, (NI) not implemented, (??) unknown.
> (==) Log file: "/var/log/XFree86.0.log", Time: Tue Feb 24 10:10:34 2004
> (==) Using config file: "/etc/X11/XF86Config"
>
> Fatal server error:
> Caught signal 4. Server aborting

The original bug triggered a SIGSEGV (11) this one is a SIGILL (4).
Maybe it triggered just another bug. I'll verify the sources...

Bye,
     Thomas
--
  Thomas Biege <thomassuse.de>, SUSE LINUX AG, Security Support & Auditing
--
# If you have the "driftnet" program installed, webcollage can display a
# collage of images sniffed off your local ethernet, instead of pulled out
# of search engines: in that way, your screensaver can display the images
# that your co-workers are downloading!
                                          -- xscreensaver source-code

--
Check the headers for your unsubscription address
For additional commands, e-mail: suse-security-helpsuse.com
Security-related bug reports go to securitysuse.de, not here