XFree86 보안 업데이트
Web Browser 로는 FTP 접속이 불가능 합니다.
문서번호 : 1213341533
업데이트 : 2008.06.13
상세내용
. CVE-2008-1377
An input validation flaw was discovered in X.org's Security and Record
extensions. A malicious authorized client could exploit this issue to cause
a denial of service (crash) or, potentially, execute arbitrary code with
root privileges on the X.Org server.
. CVE-2008-1379
An input validation flaw was discovered in X.org's MIT-SHM extension. A
client connected to the X.org server could read arbitrary server memory.
This could result in the sensitive data of other users of the X.org server
being disclosed.
. CVE-2008-2360
An integer overflow flaw was found in X.org's Render extension. A malicious
authorized client could exploit this issue to cause a denial of service
(crash) or, potentially, execute arbitrary code with root privileges on the
X.Org server.
Autoupdates 지원 : 지원
pkgadd -F "XFree86*"
update 패키지
RPMS :
. XFree86-libs-4.1.0-88.i686.rpm
. XFree86-devel-4.1.0-88.i686.rpm
. XFree86-4.1.0-88.i686.rpm
. XFree86-xfs-4.1.0-88.i686.rpm
SRPMS :
. XFree86-4.1.0-88.src.rpm
참고 :
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1377
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1379
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2360
http://www.redhat.com/security/updates/classification/#important
|