| Description: | Description:
The remote host is missing updates announced in
advisory RHSA-2005:501.
XFree86 is an implementation of the X Window System, which provides
the core functionality for the Linux graphical desktop.
Several integer overflow bugs were found in the way XFree86 parses pixmap
images. It is possible for a user to gain elevated privileges by loading a
specially crafted pixmap image. The Common Vulnerabilities and Exposures
project (cve.mitre.org) has assigned the name CVE-2005-2495 to this issue.
Additionally this update adds the following new features in this release:
- - Support for ATI RN50/ES1000 chipsets has been added.
The following bugs were also fixed in this release:
- - A problem with the X server's module loading system that led to cache
incoherency on the Itanium architecture.
- - The X server's PCI config space accesses caused contention
with the kernel if accesses occurred while the kernel lock was held.
- - X font server (xfs) crashed when accessing Type 1 fonts
via showfont.
- - A problem with the X transport library prevented X applications
from starting if the hostname started with a digit.
- - An issue where refresh rates were being restricted to 60Hz on
some Intel i8xx systems
Users of XFree86 should upgrade to these updated packages, which contain a
backported patch and are not vulnerable to this issue.
Solution:
Please note that this update is available via
Red Hat Network. To use Red Hat Network, launch the Red
Hat Update Agent with the following command: up2date
http://rhn.redhat.com/errata/RHSA-2005-501.html
Risk factor : High
CVSS Score:
5.1
|
