XFree86-4.3.0 Xft vulnerability patch, round 3

Kelledin kelledin+BLFS at skarpsey.dyndns.org
Sat Sep 27 16:14:16 PDT 2003


On Tuesday 02 September 2003 07:37 pm, Kelledin wrote:
> On Sunday 31 August 2003 01:30 pm, Kelledin wrote:
> > "blemix" <blemux at hush.com> recently reported a series of
> > integer overflow vulnerabilities in XFree86 4.3.0 to the
> > bugtraq at securityfocus.com mailing list.  Primarily these are
> > integer overflow errors which in certain configurations
> > could lead to the X server executing arbitrary code.
>
> Matthieu Herrb revised his fixes.  Some of the revisions
> appear functionally pertinent to 64-bit platforms, some are
> just for cleanliness.  In any event, here's the revised patch,
> backported again.  It compiles and seems to work.

Well...irony of ironies, somebody found some integer overflows in 
the integer overflow checks.  Ain't life grand? ;-)

http://skarpsey.dyndns.org/XFree86-4.3.0-xftfix-3.patch.bz2

-- 
Kelledin
"If a server crashes in a server farm and no one pings it, does 
it still cost four figures to fix?"
-------------- next part --------------
A non-text attachment was scrubbed...
Name: XFree86-4.3.0-xftfix-3.patch.bz2
Type: application/x-bzip2
Size: 2814 bytes
Desc: not available
URL: <http://lists.linuxfromscratch.org/pipermail/lfs-security/attachments/20030927/65784895/attachment.bin>

