|
Multiple vulnerabilities have been discovered in X.Org:
- XC-MISC CVE-2007-1003
XC-MISC Extension ProcXCMiscGetXIDList Memory Corruption
Vulnerability
This vulnerability was discovered by Sean Larsson, iDefense Labs.
- bdf CVE-2007-1351
BDFFont Parsing Integer Overflow Vulnerability
The discoverer of this vulnerability wishes to remain anonymous.
- fontdir CVE-2007-1352
fonts.dir File Parsing Integer Overflow Vulnerability
The discoverer of this vulnerability wishes to remain anonymous.
- libX11 CVE-2007-1667
Multiple integer overflows in the XGetPixel() and XInitImage functions
in ImUtil.c
These vulnerabilities have been fixed in the OpenBSD CVS repository
in the -current and -stable branches. The -current snapshots of X11
contain these fixes as well.
It is recommended that users of X11 on OpenBSD update their X11
installation using cvs or manually apply the source code patches listed
below.
A source code patch for OpenBSD 4.0-stable can be downloaded from
ftp://ftp.openbsd.org/pub/OpenBSD/patches/4.0/common/011_xorg.patch.
A source code patch for OpenBSD 3.9-stable can be downloaded from
ftp://ftp.openbsd.org/pub/OpenBSD/patches/3.9/common/021_xorg.patch.
|