OpenBSD Journal

a b y Patch 012: XFree86

Contributed by jose on from the guarded-against-by-ProPolice dept.

A vulnerability has been found in XFree86 by iDefense. Patches are now available to remedy this problem for 3.4 and 3.3. From the errata :
Several buffer overflows exist in the code parsing font.aliases files in XFree86. Thanks to propolice, these cannot be exploited to gain privileges, but they can cause the X server to abort.
You can find patches here:
ftp://ftp.openbsd.org/pub/OpenBSD/patches/3.4/common/012_font.patch
ftp://ftp.openbsd.org/pub/OpenBSD/patches/3.3/common/017_font.patch
UPDATE: As someone kindly noted, this is a reliability fix according to the OpenBSD website, not a security fix.

(Comments are closed)


Comments
  1. By Anonymous Coward () on

    > Thanks to propolice, these cannot be exploited to gain privileges

    Surely this should just be labelled as a reliability issue then?

  2. By Anonymous Coward () on

    It is interesting that this bug is advertised as a 'remote and local vulnerability' for our NetBSD kin. The propolice (and other) modifications seem to be paying off.

    It is also interesting that NetBSD lists three more unrelated security advisories:

    # DNS negative cache poisoning
    # NetBSD-SA2003-017 OpenSSL multiple vulnerability
    # NetBSD-SA2003-016 Sendmail - another prescan() bug CAN-2003-0694

    I suppose we may be patching for these too soon(?) ...

    Comments
    1. By Christian () on http://www.cschwede.de

      CAN-2003-0694/sendmail is already patched on September 17 2003 (on 3.3). And the multiple openssl vulnerability is imho also already patched - i think the listed bugs are really old, aren't they?

    2. By Brad () brad at comstyle dot com on mailto:brad at comstyle dot com

      The BIND issue does not affect us, we use BIND9. The OpenSSL issues are patched via errata 002 and the Sendmail issue was fixed before 3.4 went out the door.

  3. By Anonymous Coward () on

    Am I missing something, I do not have a XF4 directory.

    Comments
    1. By Anonymous Coward () on

      The XF4 sources are in the XF4.tar.gz tarball on the third cd. Untarring that will give you the XF4 directory.

      Now, is it normal that the build depends on tcl/tk? No big deal to install it, but just wondering...

      Also, is it really necessary to rebuild _everything_ in /usr/XF4?

      Comments
      1. By Brad () brad at comstyle dot com on mailto:brad at comstyle dot com

        Yes it is normal to depend on Tcl/Tk when on i386. To be on the safe side its a good idea to do a full rebuild, the library is statically linked to some binaries and we're not sure of how many that can be or which ones, so you get the idea...

        Comments
        1. By Anonymous Coward () on

          I noticed that some colors change in color xterms when you upgrade X to -current.

          For who, like me, dislike the 'new' colors: the file in which these are defined is:
          /etc/X11/app-defaults/XTerm-color
          which is copied from:
          /usr/XF4/xc/programs/xterm/XTerm-col.ad

          Using CVS you can retrieve the 'old' version of this file, and change the colors back.

          Comments
          1. By Anonymous Coward () on

            and breaks the (recently fixed) 865G graphics - this is a pre-release version of X, so I wouldn't get too excited about things yet.

            Comments
            1. By Brad () brad at comstyle dot com on mailto:brad at comstyle dot com

              Unfortunately there have been quite a few reports of failure from Radeon users too, including my own PowerBook with a Radeon Mobility M6.

              Comments
              1. By Anonymous Coward () on

                yep - but I suspect that's more to do with X than with OpenBSD - bug reports go to... the X guys I suppose?

                I know for sure that files that changed (agpgart support) to get my card working haven't been broken again, so I'm sure this is an X thing.

      2. By Anonymous Coward () on

        as stated by Brad, yes, it's normal.

        You can get a lot more information about the complete build process on i386 my reading 'man release' - it's got a really good walk-through of the whole build process from the point of view of preparing a release.

Latest Articles

Credits

Copyright © - Daniel Hartmeier. All rights reserved. Articles and comments are copyright their respective authors, submission implies license to publish on this web site. Contents of the archive prior to as well as images and HTML templates were copied from the fabulous original deadly.org with Jose's and Jim's kind permission. This journal runs as CGI with httpd(8) on OpenBSD, the source code is BSD licensed. undeadly \Un*dead"ly\, a. Not subject to death; immortal. [Obs.]