Web Browser 로는 FTP 접속이 불가능 합니다.

문서번호 : 1213341533
업데이트 : 2008.06.13


상세내용

. CVE-2008-1377
An input validation flaw was discovered in X.org's Security and Record
extensions. A malicious authorized client could exploit this issue to cause
a denial of service (crash) or, potentially, execute arbitrary code with
root privileges on the X.Org server.

. CVE-2008-1379
An input validation flaw was discovered in X.org's MIT-SHM extension. A
client connected to the X.org server could read arbitrary server memory.
This could result in the sensitive data of other users of the X.org server
being disclosed.

. CVE-2008-2360
An integer overflow flaw was found in X.org's Render extension. A malicious
authorized client could exploit this issue to cause a denial of service
(crash) or, potentially, execute arbitrary code with root privileges on the
X.Org server.


Autoupdates 지원 : 지원
  pkgadd -F "XFree86*"


update 패키지

  RPMS :

    . XFree86-libs-4.1.0-88.i686.rpm
    . XFree86-devel-4.1.0-88.i686.rpm
    . XFree86-4.1.0-88.i686.rpm
    . XFree86-xfs-4.1.0-88.i686.rpm

  SRPMS :

    . XFree86-4.1.0-88.src.rpm


참고 :
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1377
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1379
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2360
http://www.redhat.com/security/updates/classification/#important