-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Format: 1.7 Date: Sat, 14 Feb 2004 13:44:41 -0500 Source: xfree86 Binary: xserver-common xlibs-dev xfs xfree86-common xfonts-pex x-window-system xlibmesa-dev xspecs xlibmesa3 xfonts-cyrillic xlibmesa3-dbg xserver-xfree86 xlibs-dbg libxaw6 libxaw7 xterm xvfb xfonts-scalable xfonts-75dpi xlib6g proxymngr libxaw6-dev xlibs-pic libdps1-dbg xlib6g-dev xfonts-base xutils libxaw7-dev xnest xlibs libxaw6-dbg xmh lbxproxy libxaw7-dbg xfonts-base-transcoded xbase-clients xprt xlibosmesa3 x-window-system-core xlibosmesa-dev twm xfwp xfonts-100dpi-transcoded xlibosmesa3-dbg xfonts-100dpi xdm libdps-dev xfonts-75dpi-transcoded libdps1 Architecture: mipsel Version: 4.1.0-16woody3 Distribution: stable Urgency: high Maintainer: Debian/MIPSEL Build Daemon Changed-By: Branden Robinson Description: lbxproxy - Low Bandwidth X (LBX) proxy server libdps-dev - Display PostScript (DPS) client library development files libdps1 - Display PostScript (DPS) client library libdps1-dbg - Display PostScript (DPS) client library (unstripped) libxaw6 - X Athena widget set library (version 6) libxaw6-dbg - X Athena widget set library (version 6) (unstripped) libxaw6-dev - X Athena widget set library development files (version 6) libxaw7 - X Athena widget set library libxaw7-dbg - X Athena widget set library (unstripped) libxaw7-dev - X Athena widget set library development files proxymngr - X proxy services manager twm - Tab window manager x-window-system-core - X Window System core components xbase-clients - miscellaneous X clients xdm - X display manager xfs - X font server xfwp - X firewall proxy server xlibmesa-dev - XFree86 version of Mesa 3D graphics library development files xlibmesa3 - XFree86 version of Mesa 3D graphics library xlibmesa3-dbg - XFree86 version of Mesa 3D graphics library (unstripped) xlibs - X Window System client libraries xlibs-dbg - X Window System client libraries (unstripped) xlibs-dev - X Window System client library development files xlibs-pic - X Window System client extension library PIC archives xmh - X interface to the MH mail system xnest - nested X server xprt - X print server xserver-common - files and utilities common to all X servers xserver-xfree86 - the XFree86 X server xterm - X terminal emulator xutils - X Window System utility programs xvfb - virtual framebuffer X server Closes: 232378 Changes: xfree86 (4.1.0-16woody3) stable-security; urgency=high . * Security update release. Resolves the following issues: + CAN-2004-0083: Buffer overflow in ReadFontAlias from dirfile.c of XFree86 4.1.0 through 4.3.0 allows local users and remote attackers to execute arbitrary code via a font alias file (font.alias) with a long token, a different vulnerability than CAN-2004-0084. + CAN-2004-0084: Buffer overflow in the ReadFontAlias function in XFree86 4.1.0 to 4.3.0, when using the CopyISOLatin1Lowered function, allows local or remote authenticated users to execute arbitrary code via a malformed entry in the font alias (font.alias) file, a different vulnerability than CAN-2004-0083. + CAN-2004-0106: Miscellaneous additional flaws in XFree86's handling of font files. . * Fix multiple buffer overflows and insufficiently rigorous input validation in the X11R6 fontfile library. (Closes: #232378) - debian/patches/075_SECURITY_libfontfile_vulnerabilities.diff Files: 845db903c818a0e94ba40533a460942d 153076 x11 optional lbxproxy_4.1.0-16woody3_mipsel.deb 439ff2ade2c739469141787d0cfdedbd 172800 libs optional libdps1_4.1.0-16woody3_mipsel.deb 630faa1db821e068b18cf9146833c845 559656 devel extra libdps1-dbg_4.1.0-16woody3_mipsel.deb f78477334e35f61893449c03bcfba66e 276936 devel optional libdps-dev_4.1.0-16woody3_mipsel.deb ce28dccd926a746a5d6c28715ce5b1d6 181300 libs optional libxaw6_4.1.0-16woody3_mipsel.deb 9bae946c5d94e01d87bbc8779c11a372 536264 devel extra libxaw6-dbg_4.1.0-16woody3_mipsel.deb 843a9281e5c6d285c38e06ac38857044 349634 devel extra libxaw6-dev_4.1.0-16woody3_mipsel.deb 670c70acc18a1dd26ec2268fa3386593 231298 libs optional libxaw7_4.1.0-16woody3_mipsel.deb a41405714807d426d56e5b76ab8f00f0 669438 devel extra libxaw7-dbg_4.1.0-16woody3_mipsel.deb a898fc8934d8b963264c10839337a1b6 349520 devel optional libxaw7-dev_4.1.0-16woody3_mipsel.deb aa2b0c1a13294f964c560d1b862e58c0 77958 x11 optional proxymngr_4.1.0-16woody3_mipsel.deb f8e499108022742fe4b5450ace96d5ba 167880 x11 optional twm_4.1.0-16woody3_mipsel.deb 9ffdf6628a16f3bc9b40eb7bbd4c6aa5 1649870 x11 optional xbase-clients_4.1.0-16woody3_mipsel.deb 2b3823e81b241eaf0734d580421722e0 177304 x11 optional xdm_4.1.0-16woody3_mipsel.deb 4365b733df92631d6d0fbf64d197190a 337902 x11 optional xfs_4.1.0-16woody3_mipsel.deb 06f43376606104081b3e5e21b500f064 83580 x11 optional xfwp_4.1.0-16woody3_mipsel.deb 93db37acaae5767fff6e5bbbd7da33ae 354484 libs optional xlibmesa3_4.1.0-16woody3_mipsel.deb 7a10138e03e8815206078ec1955dd3fb 1044774 devel extra xlibmesa3-dbg_4.1.0-16woody3_mipsel.deb ed3fd738eb9d96ea0b2ad3f54e03ff42 624652 devel optional xlibmesa-dev_4.1.0-16woody3_mipsel.deb 1d29582bc9100ee4bac2b596be6f563a 1304604 libs optional xlibs_4.1.0-16woody3_mipsel.deb aec29bba05804fba924a3ce3aa5d0c48 3609904 devel extra xlibs-dbg_4.1.0-16woody3_mipsel.deb 6ac826ef6c0469b77c5dc8a84ea6495a 3113398 devel optional xlibs-dev_4.1.0-16woody3_mipsel.deb 18f1b9691b9d00af72649186fea9debb 78794 devel optional xlibs-pic_4.1.0-16woody3_mipsel.deb 457f951d09e27857f126dd8077621e60 141066 mail extra xmh_4.1.0-16woody3_mipsel.deb 1554bfee8936c385e6e3a6259d300cb4 1773912 x11 optional xnest_4.1.0-16woody3_mipsel.deb b09ca79b256e110f9694d9b22ade2757 1439926 x11 optional xprt_4.1.0-16woody3_mipsel.deb c5640437baf8313778e6945fdc1ad26d 219716 x11 optional xserver-common_4.1.0-16woody3_mipsel.deb 600839a4d65b5814aa0d6c78f1098919 3384352 x11 optional xserver-xfree86_4.1.0-16woody3_mipsel.deb 967d9186369f23e441c1850693859b25 506032 x11 optional xterm_4.1.0-16woody3_mipsel.deb a263d92ed03c300662546c30f059dc33 662560 x11 optional xutils_4.1.0-16woody3_mipsel.deb 671a22c2ff72163d0bce0861775dd143 1907158 x11 optional xvfb_4.1.0-16woody3_mipsel.deb 0c74c1c9852ec44fc6b3e4109023d420 60660 x11 optional x-window-system-core_4.1.0-16woody3_mipsel.deb -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.0.6 (GNU/Linux) Comment: For info see http://www.gnupg.org iD8DBQFAOx1dN2Dbz/1mRasRAptRAKCt8smvBklJsIXiNNTURYJ9SCft7wCghDRx 74u0RxXT5UuCJ6ukbk4kic8= =v0xz -----END PGP SIGNATURE-----