安全研究

安全漏洞
XFree86 CopyISOLatin1Lowered Font_Name本地缓冲区溢出漏洞

发布日期:2004-02-12
更新日期:2004-03-02

受影响系统:
XFree86 X11R6 4.3
XFree86 X11R6 4.2.1
XFree86 X11R6 4.2.0
XFree86 X11R6 4.1-12
XFree86 X11R6 4.1-11
XFree86 X11R6 4.1.0
    - Debian Linux 3.0
    - RedHat Enterprise Linux WS 2.1
    - RedHat Enterprise Linux ES 2.1
    - RedHat Enterprise Linux AS 2.1
    - RedHat Linux 7.2
    - RedHat Linux 7.1
    - Slackware Linux 8.0
    - SuSE Linux 8.0
    - SuSE Linux 7.3
    - Turbo Linux 7.0
描述:
BUGTRAQ  ID: 9652
CVE(CAN) ID: CVE-2004-0084

XFree86是一款流行的X服务器。

XFree86 X Windows系统当处理'font.alias'文件时缺少正确的边界检查,本地攻击者可以利用这个漏洞进行缓冲区溢出攻击,可提升权限。

问题存在于CopyISOLatin1Lowered()函数处理'font_name'缓冲区时。当解析'font.alias'文件时,ReadFontAlias()函数使用输入字符串长度作为拷贝的限制长度来代替存储缓冲区的大小,恶意用户可以构建畸形'font.alias'文件,诱使用户解析,以root用户权限执行任意指令。

<*来源:Greg MacManus
  
  链接:http://marc.theaimsgroup.com/?l=bugtraq&m=107662833512775&w=2
                http://distro.conectiva.com/atualizacoes/?id=a&anuncio=000821
        http://www.debian.org/security/2004/dsa-443
        http://www.linux-mandrake.com/en/security/2004/2004-012.php
        https://www.redhat.com/support/errata/RHSA-2004-059.html
*>

建议:
厂商补丁:

Conectiva
---------
Conectiva已经为此发布了一个安全公告(CLA-2004:821)以及相应补丁:
CLA-2004:821:XFree86
链接:http://distro.conectiva.com/atualizacoes/?id=a&anuncio=000821

补丁下载:

Conectiva Upgrade XFree86-100dpi-fonts-4.2.0-21U80_6cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/8/RPMS/XFree86-100dpi-fonts-4.2.0-21U80_6cl.i386.rpm

Conectiva Upgrade XFree86-4.2.0-21U80_6cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/8/RPMS/XFree86-4.2.0-21U80_6cl.i386.rpm

Conectiva Upgrade XFree86-75dpi-fonts-4.2.0-21U80_6cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/8/RPMS/XFree86-75dpi-fonts-4.2.0-21U80_6cl.i386.rpm

Conectiva Upgrade XFree86-GL-4.2.0-21U80_6cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/8/RPMS/XFree86-GL-4.2.0-21U80_6cl.i386.rpm

Conectiva Upgrade XFree86-GL-devel-4.2.0-21U80_6cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/8/RPMS/XFree86-GL-devel-4.2.0-21U80_6cl.i386.rpm

Conectiva Upgrade XFree86-Server-4.2.0-21U80_6cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/8/RPMS/XFree86-Server-4.2.0-21U80_6cl.i386.rpm

Conectiva Upgrade XFree86-Server-common-4.2.0-21U80_6cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/8/RPMS/XFree86-Server-common-4.2.0-21U80_6cl.i386.rpm

Conectiva Upgrade XFree86-Speedo-fonts-4.2.0-21U80_6cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/8/RPMS/XFree86-Speedo-fonts-4.2.0-21U80_6cl.i386.rpm

Conectiva Upgrade XFree86-Type1-fonts-4.2.0-21U80_6cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/8/RPMS/XFree86-Type1-fonts-4.2.0-21U80_6cl.i386.rpm

Conectiva Upgrade XFree86-Xnest-4.2.0-21U80_6cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/8/RPMS/XFree86-Xnest-4.2.0-21U80_6cl.i386.rpm

Conectiva Upgrade XFree86-Xprt-4.2.0-21U80_6cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/8/RPMS/XFree86-Xprt-4.2.0-21U80_6cl.i386.rpm

Conectiva Upgrade XFree86-Xvfb-4.2.0-21U80_6cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/8/RPMS/XFree86-Xvfb-4.2.0-21U80_6cl.i386.rpm

Conectiva Upgrade XFree86-apm-4.2.0-21U80_6cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/8/RPMS/XFree86-apm-4.2.0-21U80_6cl.i386.rpm

Conectiva Upgrade XFree86-ark-4.2.0-21U80_6cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/8/RPMS/XFree86-ark-4.2.0-21U80_6cl.i386.rpm

Conectiva Upgrade XFree86-ati-4.2.0-21U80_6cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/8/RPMS/XFree86-ati-4.2.0-21U80_6cl.i386.rpm

Conectiva Upgrade XFree86-ati-dri-4.2.0-21U80_6cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/8/RPMS/XFree86-ati-dri-4.2.0-21U80_6cl.i386.rpm

Conectiva Upgrade XFree86-bench-4.2.0-21U80_6cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/8/RPMS/XFree86-bench-4.2.0-21U80_6cl.i386.rpm

Conectiva Upgrade XFree86-chips-4.2.0-21U80_6cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/8/RPMS/XFree86-chips-4.2.0-21U80_6cl.i386.rpm

Conectiva Upgrade XFree86-cid-fonts-support-4.2.0-21U80_6cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/8/RPMS/XFree86-cid-fonts-support-4.2.0-21U80_6cl.i386.rpm

Conectiva Upgrade XFree86-cirrus-4.2.0-21U80_6cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/8/RPMS/XFree86-cirrus-4.2.0-21U80_6cl.i386.rpm

Conectiva Upgrade XFree86-common-4.2.0-21U80_6cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/8/RPMS/XFree86-common-4.2.0-21U80_6cl.i386.rpm

Conectiva Upgrade XFree86-config-4.2.0-21U80_6cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/8/RPMS/XFree86-config-4.2.0-21U80_6cl.i386.rpm

Conectiva Upgrade XFree86-cyrillic-fonts-4.2.0-21U80_6cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/8/RPMS/XFree86-cyrillic-fonts-4.2.0-21U80_6cl.i386.rpm

Conectiva Upgrade XFree86-cyrix-4.2.0-21U80_6cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/8/RPMS/XFree86-cyrix-4.2.0-21U80_6cl.i386.rpm

Conectiva Upgrade XFree86-devel-4.2.0-21U80_6cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/8/RPMS/XFree86-devel-4.2.0-21U80_6cl.i386.rpm

Conectiva Upgrade XFree86-devel-static-4.2.0-21U80_6cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/8/RPMS/XFree86-devel-static-4.2.0-21U80_6cl.i386.rpm

Conectiva Upgrade XFree86-doc-4.2.0-21U80_6cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/8/RPMS/XFree86-doc-4.2.0-21U80_6cl.i386.rpm

Conectiva Upgrade XFree86-doc-html-4.2.0-21U80_6cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/8/RPMS/XFree86-doc-html-4.2.0-21U80_6cl.i386.rpm

Conectiva Upgrade XFree86-dps-4.2.0-21U80_6cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/8/RPMS/XFree86-dps-4.2.0-21U80_6cl.i386.rpm

Conectiva Upgrade XFree86-fbdev-4.2.0-21U80_6cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/8/RPMS/XFree86-fbdev-4.2.0-21U80_6cl.i386.rpm

Conectiva Upgrade XFree86-glide-4.2.0-21U80_6cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/8/RPMS/XFree86-glide-4.2.0-21U80_6cl.i386.rpm

Conectiva Upgrade XFree86-glint-4.2.0-21U80_6cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/8/RPMS/XFree86-glint-4.2.0-21U80_6cl.i386.rpm

Conectiva Upgrade XFree86-i128-4.2.0-21U80_6cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/8/RPMS/XFree86-i128-4.2.0-21U80_6cl.i386.rpm

Conectiva Upgrade XFree86-i740-4.2.0-21U80_6cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/8/RPMS/XFree86-i740-4.2.0-21U80_6cl.i386.rpm

Conectiva Upgrade XFree86-i810-4.2.0-21U80_6cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/8/RPMS/XFree86-i810-4.2.0-21U80_6cl.i386.rpm

Conectiva Upgrade XFree86-i810-dri-4.2.0-21U80_6cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/8/RPMS/XFree86-i810-dri-4.2.0-21U80_6cl.i386.rpm

Conectiva Upgrade XFree86-libs-4.2.0-21U80_6cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/8/RPMS/XFree86-libs-4.2.0-21U80_6cl.i386.rpm

Conectiva Upgrade XFree86-libs-Xaw-4.2.0-21U80_6cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/8/RPMS/XFree86-libs-Xaw-4.2.0-21U80_6cl.i386.rpm

Conectiva Upgrade XFree86-libs-Xaw6-4.2.0-21U80_6cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/8/RPMS/XFree86-libs-Xaw6-4.2.0-21U80_6cl.i386.rpm

Conectiva Upgrade XFree86-libs-common-4.2.0-21U80_6cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/8/RPMS/XFree86-libs-common-4.2.0-21U80_6cl.i386.rpm

Conectiva Upgrade XFree86-manpages-4.2.0-21U80_6cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/8/RPMS/XFree86-manpages-4.2.0-21U80_6cl.i386.rpm

Conectiva Upgrade XFree86-mga-4.2.0-21U80_6cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/8/RPMS/XFree86-mga-4.2.0-21U80_6cl.i386.rpm

Conectiva Upgrade XFree86-minimal-4.2.0-21U80_6cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/8/RPMS/XFree86-minimal-4.2.0-21U80_6cl.i386.rpm

Conectiva Upgrade XFree86-misc-fonts-4.2.0-21U80_6cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/8/RPMS/XFree86-misc-fonts-4.2.0-21U80_6cl.i386.rpm

Conectiva Upgrade XFree86-misc-locales-4.2.0-21U80_6cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/8/RPMS/XFree86-misc-locales-4.2.0-21U80_6cl.i386.rpm

Conectiva Upgrade XFree86-modules-afb-4.2.0-21U80_6cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/8/RPMS/XFree86-modules-afb-4.2.0-21U80_6cl.i386.rpm

Conectiva Upgrade XFree86-modules-cfb-4.2.0-21U80_6cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/8/RPMS/XFree86-modules-cfb-4.2.0-21U80_6cl.i386.rpm

Conectiva Upgrade XFree86-modules-codeconv-4.2.0-21U80_6cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/8/RPMS/XFree86-modules-codeconv-4.2.0-21U80_6cl.i386.rpm

Conectiva Upgrade XFree86-modules-extended-input-4.2.0-21U80_6cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/8/RPMS/XFree86-modules-extended-input-4.2.0-21U80_6cl.i386.rpm

Conectiva Upgrade XFree86-modules-fb-4.2.0-21U80_6cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/8/RPMS/XFree86-modules-fb-4.2.0-21U80_6cl.i386.rpm

Conectiva Upgrade XFree86-modules-fb-lowcolor-4.2.0-21U80_6cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/8/RPMS/XFree86-modules-fb-lowcolor-4.2.0-21U80_6cl.i386.rpm

Conectiva Upgrade XFree86-modules-fb-multi-depths-4.2.0-21U80_6cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/8/RPMS/XFree86-modules-fb-multi-depths-4.2.0-21U80_6cl.i386.rpm

Conectiva Upgrade XFree86-modules-freetype-4.2.0-21U80_6cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/8/RPMS/XFree86-modules-freetype-4.2.0-21U80_6cl.i386.rpm

Conectiva Upgrade XFree86-modules-xaa-4.2.0-21U80_6cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/8/RPMS/XFree86-modules-xaa-4.2.0-21U80_6cl.i386.rpm

Conectiva Upgrade XFree86-modules-xtt-4.2.0-21U80_6cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/8/RPMS/XFree86-modules-xtt-4.2.0-21U80_6cl.i386.rpm

Conectiva Upgrade XFree86-neomagic-4.2.0-21U80_6cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/8/RPMS/XFree86-neomagic-4.2.0-21U80_6cl.i386.rpm

Conectiva Upgrade XFree86-nv-4.2.0-21U80_6cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/8/RPMS/XFree86-nv-4.2.0-21U80_6cl.i386.rpm

Conectiva Upgrade XFree86-progs-4.2.0-21U80_6cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/8/RPMS/XFree86-progs-4.2.0-21U80_6cl.i386.rpm

Conectiva Upgrade XFree86-proxy-4.2.0-21U80_6cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/8/RPMS/XFree86-proxy-4.2.0-21U80_6cl.i386.rpm

Conectiva Upgrade XFree86-rendition-4.2.0-21U80_6cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/8/RPMS/XFree86-rendition-4.2.0-21U80_6cl.i386.rpm

Conectiva Upgrade XFree86-s3-4.2.0-21U80_6cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/8/RPMS/XFree86-s3-4.2.0-21U80_6cl.i386.rpm

Conectiva Upgrade XFree86-s3virge-4.2.0-21U80_6cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/8/RPMS/XFree86-s3virge-4.2.0-21U80_6cl.i386.rpm

Conectiva Upgrade XFree86-savage-4.2.0-21U80_6cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/8/RPMS/XFree86-savage-4.2.0-21U80_6cl.i386.rpm

Conectiva Upgrade XFree86-siliconmotion-4.2.0-21U80_6cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/8/RPMS/XFree86-siliconmotion-4.2.0-21U80_6cl.i386.rpm

Conectiva Upgrade XFree86-sis-4.2.0-21U80_6cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/8/RPMS/XFree86-sis-4.2.0-21U80_6cl.i386.rpm

Conectiva Upgrade XFree86-sis-dri-4.2.0-21U80_6cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/8/RPMS/XFree86-sis-dri-4.2.0-21U80_6cl.i386.rpm

Conectiva Upgrade XFree86-tdfx-4.2.0-21U80_6cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/8/RPMS/XFree86-tdfx-4.2.0-21U80_6cl.i386.rpm

Conectiva Upgrade XFree86-tdfx-dri-4.2.0-21U80_6cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/8/RPMS/XFree86-tdfx-dri-4.2.0-21U80_6cl.i386.rpm

Conectiva Upgrade XFree86-tga-4.2.0-21U80_6cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/8/RPMS/XFree86-tga-4.2.0-21U80_6cl.i386.rpm

Conectiva Upgrade XFree86-trident-4.2.0-21U80_6cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/8/RPMS/XFree86-trident-4.2.0-21U80_6cl.i386.rpm

Conectiva Upgrade XFree86-tseng-4.2.0-21U80_6cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/8/RPMS/XFree86-tseng-4.2.0-21U80_6cl.i386.rpm

Conectiva Upgrade XFree86-twm-4.2.0-21U80_6cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/8/RPMS/XFree86-twm-4.2.0-21U80_6cl.i386.rpm

Conectiva Upgrade XFree86-vesa-4.2.0-21U80_6cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/8/RPMS/XFree86-vesa-4.2.0-21U80_6cl.i386.rpm

Conectiva Upgrade XFree86-vga-4.2.0-21U80_6cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/8/RPMS/XFree86-vga-4.2.0-21U80_6cl.i386.rpm

Conectiva Upgrade XFree86-vmware-4.2.0-21U80_6cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/8/RPMS/XFree86-vmware-4.2.0-21U80_6cl.i386.rpm

Conectiva Upgrade XFree86-xdm-4.2.0-21U80_6cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/8/RPMS/XFree86-xdm-4.2.0-21U80_6cl.i386.rpm

Conectiva Upgrade XFree86-xfs-4.2.0-21U80_6cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/8/RPMS/XFree86-xfs-4.2.0-21U80_6cl.i386.rpm

Conectiva Upgrade XFree86-xkb-4.2.0-21U80_6cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/8/RPMS/XFree86-xkb-4.2.0-21U80_6cl.i386.rpm

Conectiva Upgrade freetype2-4.2.0-21U80_6cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/8/RPMS/freetype2-4.2.0-21U80_6cl.i386.rpm

Conectiva Upgrade freetype2-devel-4.2.0-21U80_6cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/8/RPMS/freetype2-devel-4.2.0-21U80_6cl.i386.rpm

Conectiva Upgrade rstart-4.2.0-21U80_6cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/8/RPMS/rstart-4.2.0-21U80_6cl.i386.rpm

Conectiva Upgrade freetype2-devel-static-4.2.0-21U80_6cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/8/RPMS/freetype2-devel-static-4.2.0-21U80_6cl.i386.rpm

Conectiva Upgrade xterm-4.2.0-21U80_6cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/8/RPMS/xterm-4.2.0-21U80_6cl.i386.rpm

XFree86 X11R6 4.3:

Conectiva Upgrade XFree86-s3-4.3.0-28972U90_5cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/9/RPMS/XFree86-s3-4.3.0-28972U90_5cl.i386.rpm

Conectiva Upgrade XFree86-s3virge-4.3.0-28972U90_5cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/9/RPMS/XFree86-s3virge-4.3.0-28972U90_5cl.i386.rpm

Conectiva Upgrade XFree86-savage-4.3.0-28972U90_5cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/9/RPMS/XFree86-savage-4.3.0-28972U90_5cl.i386.rpm

Conectiva Upgrade XFree86-siliconmotion-4.3.0-28972U90_5cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/9/RPMS/XFree86-siliconmotion-4.3.0-28972U90_5cl.i386.rpm

Conectiva Upgrade XFree86-sis-4.3.0-28972U90_5cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/9/RPMS/XFree86-sis-4.3.0-28972U90_5cl.i386.rpm

Conectiva Upgrade XFree86-tdfx-4.3.0-28972U90_5cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/9/RPMS/XFree86-tdfx-4.3.0-28972U90_5cl.i386.rpm

Conectiva Upgrade XFree86-tdfx-dri-4.3.0-28972U90_5cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/9/RPMS/XFree86-tdfx-dri-4.3.0-28972U90_5cl.i386.rpm

Conectiva Upgrade XFree86-tga-4.3.0-28972U90_5cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/9/RPMS/XFree86-tga-4.3.0-28972U90_5cl.i386.rpm

Conectiva Upgrade XFree86-trident-4.3.0-28972U90_5cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/9/RPMS/XFree86-trident-4.3.0-28972U90_5cl.i386.rpm

Conectiva Upgrade XFree86-tseng-4.3.0-28972U90_5cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/9/RPMS/XFree86-tseng-4.3.0-28972U90_5cl.i386.rpm

Conectiva Upgrade XFree86-ttf-fonts-4.3.0-28972U90_5cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/9/RPMS/XFree86-ttf-fonts-4.3.0-28972U90_5cl.i386.rpm

Conectiva Upgrade XFree86-twm-4.3.0-28972U90_5cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/9/RPMS/XFree86-twm-4.3.0-28972U90_5cl.i386.rpm

Conectiva Upgrade rstart-4.3.0-28972U90_5cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/9/RPMS/rstart-4.3.0-28972U90_5cl.i386.rpm

Conectiva Upgrade XFree86-vesa-4.3.0-28972U90_5cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/9/RPMS/XFree86-vesa-4.3.0-28972U90_5cl.i386.rpm

Conectiva Upgrade XFree86-vga-4.3.0-28972U90_5cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/9/RPMS/XFree86-vga-4.3.0-28972U90_5cl.i386.rpm

Conectiva Upgrade XFree86-vmware-4.3.0-28972U90_5cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/9/RPMS/XFree86-vmware-4.3.0-28972U90_5cl.i386.rpm

Conectiva Upgrade XFree86-xdm-4.3.0-28972U90_5cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/9/RPMS/XFree86-xdm-4.3.0-28972U90_5cl.i386.rpm

Conectiva Upgrade XFree86-xfs-4.3.0-28972U90_5cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/9/RPMS/XFree86-xfs-4.3.0-28972U90_5cl.i386.rpm

Conectiva Upgrade XFree86-xkb-4.3.0-28972U90_5cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/9/RPMS/XFree86-xkb-4.3.0-28972U90_5cl.i386.rpm

Conectiva Upgrade fontconfig-4.3.0-28972U90_5cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/9/RPMS/fontconfig-4.3.0-28972U90_5cl.i386.rpm

Conectiva Upgrade fontconfig-devel-4.3.0-28972U90_5cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/9/RPMS/fontconfig-devel-4.3.0-28972U90_5cl.i386.rpm

Conectiva Upgrade fontconfig-devel-static-4.3.0-28972U90_5cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/9/RPMS/fontconfig-devel-static-4.3.0-28972U90_5cl.i386.rpm

Conectiva Upgrade xterm-4.3.0-28972U90_5cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/9/RPMS/xterm-4.3.0-28972U90_5cl.i386.rpm

Conectiva Upgrade XFree86-100dpi-fonts-4.3.0-28972U90_5cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/9/RPMS/XFree86-100dpi-fonts-4.3.0-28972U90_5cl.i386.rpm

Conectiva Upgrade XFree86-4.3.0-28972U90_5cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/9/RPMS/XFree86-4.3.0-28972U90_5cl.i386.rpm

Conectiva Upgrade XFree86-75dpi-fonts-4.3.0-28972U90_5cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/9/RPMS/XFree86-75dpi-fonts-4.3.0-28972U90_5cl.i386.rpm

Conectiva Upgrade XFree86-GL-4.3.0-28972U90_5cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/9/RPMS/XFree86-GL-4.3.0-28972U90_5cl.i386.rpm

Conectiva Upgrade XFree86-GL-devel-4.3.0-28972U90_5cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/9/RPMS/XFree86-GL-devel-4.3.0-28972U90_5cl.i386.rpm

Conectiva Upgrade XFree86-GL-devel-static-4.3.0-28972U90_5cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/9/RPMS/XFree86-GL-devel-static-4.3.0-28972U90_5cl.i386.rpm

Conectiva Upgrade XFree86-GLU-4.3.0-28972U90_5cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/9/RPMS/XFree86-GLU-4.3.0-28972U90_5cl.i386.rpm

Conectiva Upgrade XFree86-Server-4.3.0-28972U90_5cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/9/RPMS/XFree86-Server-4.3.0-28972U90_5cl.i386.rpm

Conectiva Upgrade XFree86-Server-common-4.3.0-28972U90_5cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/9/RPMS/XFree86-Server-common-4.3.0-28972U90_5cl.i386.rpm

Conectiva Upgrade XFree86-Speedo-fonts-4.3.0-28972U90_5cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/9/RPMS/XFree86-Speedo-fonts-4.3.0-28972U90_5cl.i386.rpm

Conectiva Upgrade XFree86-Type1-fonts-4.3.0-28972U90_5cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/9/RPMS/XFree86-Type1-fonts-4.3.0-28972U90_5cl.i386.rpm

Conectiva Upgrade XFree86-Xnest-4.3.0-28972U90_5cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/9/RPMS/XFree86-Xnest-4.3.0-28972U90_5cl.i386.rpm

Conectiva Upgrade XFree86-Xprt-4.3.0-28972U90_5cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/9/RPMS/XFree86-Xprt-4.3.0-28972U90_5cl.i386.rpm

Conectiva Upgrade XFree86-Xvfb-4.3.0-28972U90_5cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/9/RPMS/XFree86-Xvfb-4.3.0-28972U90_5cl.i386.rpm

Conectiva Upgrade XFree86-apm-4.3.0-28972U90_5cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/9/RPMS/XFree86-apm-4.3.0-28972U90_5cl.i386.rpm

Conectiva Upgrade XFree86-ark-4.3.0-28972U90_5cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/9/RPMS/XFree86-ark-4.3.0-28972U90_5cl.i386.rpm

Conectiva Upgrade XFree86-ati-4.3.0-28972U90_5cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/9/RPMS/XFree86-ati-4.3.0-28972U90_5cl.i386.rpm

Conectiva Upgrade XFree86-ati-dri-4.3.0-28972U90_5cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/9/RPMS/XFree86-ati-dri-4.3.0-28972U90_5cl.i386.rpm

Conectiva Upgrade XFree86-bench-4.3.0-28972U90_5cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/9/RPMS/XFree86-bench-4.3.0-28972U90_5cl.i386.rpm

Conectiva Upgrade XFree86-chips-4.3.0-28972U90_5cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/9/RPMS/XFree86-chips-4.3.0-28972U90_5cl.i386.rpm

Conectiva Upgrade XFree86-cid-fonts-support-4.3.0-28972U90_5cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/9/RPMS/XFree86-cid-fonts-support-4.3.0-28972U90_5cl.i386.rpm

Conectiva Upgrade XFree86-cirrus-4.3.0-28972U90_5cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/9/RPMS/XFree86-cirrus-4.3.0-28972U90_5cl.i386.rpm

Conectiva Upgrade XFree86-common-4.3.0-28972U90_5cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/9/RPMS/XFree86-common-4.3.0-28972U90_5cl.i386.rpm

Conectiva Upgrade XFree86-config-4.3.0-28972U90_5cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/9/RPMS/XFree86-config-4.3.0-28972U90_5cl.i386.rpm

Conectiva Upgrade XFree86-cyrillic-fonts-4.3.0-28972U90_5cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/9/RPMS/XFree86-cyrillic-fonts-4.3.0-28972U90_5cl.i386.rpm

Conectiva Upgrade XFree86-cyrix-4.3.0-28972U90_5cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/9/RPMS/XFree86-cyrix-4.3.0-28972U90_5cl.i386.rpm

Conectiva Upgrade XFree86-devel-4.3.0-28972U90_5cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/9/RPMS/XFree86-devel-4.3.0-28972U90_5cl.i386.rpm

Conectiva Upgrade XFree86-doc-4.3.0-28972U90_5cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/9/RPMS/XFree86-doc-4.3.0-28972U90_5cl.i386.rpm

Conectiva Upgrade XFree86-dps-4.3.0-28972U90_5cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/9/RPMS/XFree86-dps-4.3.0-28972U90_5cl.i386.rpm

Conectiva Upgrade XFree86-fbdev-4.3.0-28972U90_5cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/9/RPMS/XFree86-fbdev-4.3.0-28972U90_5cl.i386.rpm

Conectiva Upgrade XFree86-glide-4.3.0-28972U90_5cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/9/RPMS/XFree86-glide-4.3.0-28972U90_5cl.i386.rpm

Conectiva Upgrade XFree86-glint-4.3.0-28972U90_5cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/9/RPMS/XFree86-glint-4.3.0-28972U90_5cl.i386.rpm

Conectiva Upgrade XFree86-i128-4.3.0-28972U90_5cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/9/RPMS/XFree86-i128-4.3.0-28972U90_5cl.i386.rpm

Conectiva Upgrade XFree86-i740-4.3.0-28972U90_5cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/9/RPMS/XFree86-i740-4.3.0-28972U90_5cl.i386.rpm

Conectiva Upgrade XFree86-i810-4.3.0-28972U90_5cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/9/RPMS/XFree86-i810-4.3.0-28972U90_5cl.i386.rpm

Conectiva Upgrade XFree86-i810-dri-4.3.0-28972U90_5cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/9/RPMS/XFree86-i810-dri-4.3.0-28972U90_5cl.i386.rpm

Conectiva Upgrade XFree86-icons-4.3.0-28972U90_5cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/9/RPMS/XFree86-icons-4.3.0-28972U90_5cl.i386.rpm

Conectiva Upgrade XFree86-libs-4.3.0-28972U90_5cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/9/RPMS/XFree86-libs-4.3.0-28972U90_5cl.i386.rpm

Conectiva Upgrade XFree86-libs-Xaw-4.3.0-28972U90_5cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/9/RPMS/XFree86-libs-Xaw-4.3.0-28972U90_5cl.i386.rpm

Conectiva Upgrade XFree86-libs-Xaw6-4.3.0-28972U90_5cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/9/RPMS/XFree86-libs-Xaw6-4.3.0-28972U90_5cl.i386.rpm

Conectiva Upgrade XFree86-libs-common-4.3.0-28972U90_5cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/9/RPMS/XFree86-libs-common-4.3.0-28972U90_5cl.i386.rpm

Conectiva Upgrade XFree86-manpages-4.3.0-28972U90_5cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/9/RPMS/XFree86-manpages-4.3.0-28972U90_5cl.i386.rpm

Conectiva Upgrade XFree86-mga-4.3.0-28972U90_5cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/9/RPMS/XFree86-mga-4.3.0-28972U90_5cl.i386.rpm

Conectiva Upgrade XFree86-mga-dri-4.3.0-28972U90_5cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/9/RPMS/XFree86-mga-dri-4.3.0-28972U90_5cl.i386.rpm

Conectiva Upgrade XFree86-minimal-4.3.0-28972U90_5cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/9/RPMS/XFree86-minimal-4.3.0-28972U90_5cl.i386.rpm

Conectiva Upgrade XFree86-misc-fonts-4.3.0-28972U90_5cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/9/RPMS/XFree86-misc-fonts-4.3.0-28972U90_5cl.i386.rpm

Conectiva Upgrade XFree86-misc-locales-4.3.0-28972U90_5cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/9/RPMS/XFree86-misc-locales-4.3.0-28972U90_5cl.i386.rpm

Conectiva Upgrade XFree86-modules-afb-4.3.0-28972U90_5cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/9/RPMS/XFree86-modules-afb-4.3.0-28972U90_5cl.i386.rpm

Conectiva Upgrade XFree86-modules-cfb-4.3.0-28972U90_5cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/9/RPMS/XFree86-modules-cfb-4.3.0-28972U90_5cl.i386.rpm

Conectiva Upgrade XFree86-modules-codeconv-4.3.0-28972U90_5cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/9/RPMS/XFree86-modules-codeconv-4.3.0-28972U90_5cl.i386.rpm

Conectiva Upgrade XFree86-modules-extended-input-4.3.0-28972U90_5cl.i386.rp
ftp://atualizacoes.conectiva.com.br/9/RPMS/XFree86-modules-extended-input-4.3.0-28972U90_5cl.i386.rpm

Conectiva Upgrade XFree86-modules-fb-4.3.0-28972U90_5cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/9/RPMS/XFree86-modules-fb-4.3.0-28972U90_5cl.i386.rpm

Conectiva Upgrade XFree86-modules-fb-lowcolor-4.3.0-28972U90_5cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/9/RPMS/XFree86-modules-fb-lowcolor-4.3.0-28972U90_5cl.i386.rpm

Conectiva Upgrade XFree86-modules-fb-multi-depths-4.3.0-28972U90_5cl.i386.r
ftp://atualizacoes.conectiva.com.br/9/RPMS/XFree86-modules-fb-multi-depths-4.3.0-28972U90_5cl.i386.rpm

Conectiva Upgrade XFree86-modules-freetype-4.3.0-28972U90_5cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/9/RPMS/XFree86-modules-freetype-4.3.0-28972U90_5cl.i386.rpm

Conectiva Upgrade XFree86-modules-xaa-4.3.0-28972U90_5cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/9/RPMS/XFree86-modules-xaa-4.3.0-28972U90_5cl.i386.rpm

Conectiva Upgrade XFree86-modules-xtt-4.3.0-28972U90_5cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/9/RPMS/XFree86-modules-xtt-4.3.0-28972U90_5cl.i386.rpm

Conectiva Upgrade XFree86-neomagic-4.3.0-28972U90_5cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/9/RPMS/XFree86-neomagic-4.3.0-28972U90_5cl.i386.rpm

Conectiva Upgrade XFree86-nsc-4.3.0-28972U90_5cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/9/RPMS/XFree86-nsc-4.3.0-28972U90_5cl.i386.rpm

Conectiva Upgrade XFree86-nv-4.3.0-28972U90_5cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/9/RPMS/XFree86-nv-4.3.0-28972U90_5cl.i386.rpm

Conectiva Upgrade XFree86-progs-4.3.0-28972U90_5cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/9/RPMS/XFree86-progs-4.3.0-28972U90_5cl.i386.rpm

Conectiva Upgrade XFree86-proxy-4.3.0-28972U90_5cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/9/RPMS/XFree86-proxy-4.3.0-28972U90_5cl.i386.rpm

Conectiva Upgrade XFree86-rendition-4.3.0-28972U90_5cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/9/RPMS/XFree86-rendition-4.3.0-28972U90_5cl.i386.rpm

Debian
------
http://www.debian.org/security/2004/dsa-443

MandrakeSoft
------------
MandrakeSoft已经为此发布了一个安全公告(MDKSA-2004:012)以及相应补丁:
MDKSA-2004:012:Updated XFree86 packages fix buffer overflow vulnerabilities
链接:http://www.linux-mandrake.com/en/security/2004/2004-012.php

补丁下载:

Updated Packages:

Corporate Server 2.1:
ftp://download.sourceforge.net/pub/mirrors/mandrake/updates/corporate/2.1/RPMS/X11R6-contrib-4.2.1-6.9.C21mdk.i586.rpm
ftp://download.sourceforge.net/pub/mirrors/mandrake/updates/corporate/2.1/RPMS/XFree86-100dpi-fonts-4.2.1-6.9.C21mdk.i586.rpm
ftp://download.sourceforge.net/pub/mirrors/mandrake/updates/corporate/2.1/RPMS/XFree86-4.2.1-6.9.C21mdk.i586.rpm
ftp://download.sourceforge.net/pub/mirrors/mandrake/updates/corporate/2.1/RPMS/XFree86-75dpi-fonts-4.2.1-6.9.C21mdk.i586.rpm
ftp://download.sourceforge.net/pub/mirrors/mandrake/updates/corporate/2.1/RPMS/XFree86-Xnest-4.2.1-6.9.C21mdk.i586.rpm
ftp://download.sourceforge.net/pub/mirrors/mandrake/updates/corporate/2.1/RPMS/XFree86-Xvfb-4.2.1-6.9.C21mdk.i586.rpm
ftp://download.sourceforge.net/pub/mirrors/mandrake/updates/corporate/2.1/RPMS/XFree86-cyrillic-fonts-4.2.1-6.9.C21mdk.i586.rpm
ftp://download.sourceforge.net/pub/mirrors/mandrake/updates/corporate/2.1/RPMS/XFree86-devel-4.2.1-6.9.C21mdk.i586.rpm
ftp://download.sourceforge.net/pub/mirrors/mandrake/updates/corporate/2.1/RPMS/XFree86-glide-module-4.2.1-6.9.C21mdk.i586.rpm
ftp://download.sourceforge.net/pub/mirrors/mandrake/updates/corporate/2.1/RPMS/XFree86-libs-4.2.1-6.9.C21mdk.i586.rpm
ftp://download.sourceforge.net/pub/mirrors/mandrake/updates/corporate/2.1/RPMS/XFree86-server-4.2.1-6.9.C21mdk.i586.rpm
ftp://download.sourceforge.net/pub/mirrors/mandrake/updates/corporate/2.1/RPMS/XFree86-static-libs-4.2.1-6.9.C21mdk.i586.rpm
ftp://download.sourceforge.net/pub/mirrors/mandrake/updates/corporate/2.1/RPMS/XFree86-xfs-4.2.1-6.9.C21mdk.i586.rpm
ftp://download.sourceforge.net/pub/mirrors/mandrake/updates/corporate/2.1/SRPMS/XFree86-4.2.1-6.9.C21mdk.src.rpm

Corporate Server 2.1/x86_64:
ftp://download.sourceforge.net/pub/mirrors/mandrake/updates/x86_64/corporate/2.1/RPMS/X11R6-contrib-4.2.1-6.9.C21mdk.x86_64.rpm
ftp://download.sourceforge.net/pub/mirrors/mandrake/updates/x86_64/corporate/2.1/RPMS/XFree86-100dpi-fonts-4.2.1-6.9.C21mdk.x86_64.rpm
ftp://download.sourceforge.net/pub/mirrors/mandrake/updates/x86_64/corporate/2.1/RPMS/XFree86-4.2.1-6.9.C21mdk.x86_64.rpm
ftp://download.sourceforge.net/pub/mirrors/mandrake/updates/x86_64/corporate/2.1/RPMS/XFree86-75dpi-fonts-4.2.1-6.9.C21mdk.x86_64.rpm
ftp://download.sourceforge.net/pub/mirrors/mandrake/updates/x86_64/corporate/2.1/RPMS/XFree86-Xnest-4.2.1-6.9.C21mdk.x86_64.rpm
ftp://download.sourceforge.net/pub/mirrors/mandrake/updates/x86_64/corporate/2.1/RPMS/XFree86-Xvfb-4.2.1-6.9.C21mdk.x86_64.rpm
ftp://download.sourceforge.net/pub/mirrors/mandrake/updates/x86_64/corporate/2.1/RPMS/XFree86-cyrillic-fonts-4.2.1-6.9.C21mdk.x86_64.rpm
ftp://download.sourceforge.net/pub/mirrors/mandrake/updates/x86_64/corporate/2.1/RPMS/XFree86-devel-4.2.1-6.9.C21mdk.x86_64.rpm
ftp://download.sourceforge.net/pub/mirrors/mandrake/updates/x86_64/corporate/2.1/RPMS/XFree86-libs-4.2.1-6.9.C21mdk.x86_64.rpm
ftp://download.sourceforge.net/pub/mirrors/mandrake/updates/x86_64/corporate/2.1/RPMS/XFree86-server-4.2.1-6.9.C21mdk.x86_64.rpm
ftp://download.sourceforge.net/pub/mirrors/mandrake/updates/x86_64/corporate/2.1/RPMS/XFree86-static-libs-4.2.1-6.9.C21mdk.x86_64.rpm
ftp://download.sourceforge.net/pub/mirrors/mandrake/updates/x86_64/corporate/2.1/RPMS/XFree86-xfs-4.2.1-6.9.C21mdk.x86_64.rpm
ftp://download.sourceforge.net/pub/mirrors/mandrake/updates/x86_64/corporate/2.1/SRPMS/XFree86-4.2.1-6.9.C21mdk.src.rpm

Mandrake Linux 9.0:
ftp://download.sourceforge.net/pub/mirrors/mandrake/updates/9.0/RPMS/X11R6-contrib-4.2.1-3.5.90mdk.i586.rpm
ftp://download.sourceforge.net/pub/mirrors/mandrake/updates/9.0/RPMS/XFree86-100dpi-fonts-4.2.1-3.5.90mdk.i586.rpm
ftp://download.sourceforge.net/pub/mirrors/mandrake/updates/9.0/RPMS/XFree86-4.2.1-3.5.90mdk.i586.rpm
ftp://download.sourceforge.net/pub/mirrors/mandrake/updates/9.0/RPMS/XFree86-75dpi-fonts-4.2.1-3.5.90mdk.i586.rpm
ftp://download.sourceforge.net/pub/mirrors/mandrake/updates/9.0/RPMS/XFree86-Xnest-4.2.1-3.5.90mdk.i586.rpm
ftp://download.sourceforge.net/pub/mirrors/mandrake/updates/9.0/RPMS/XFree86-Xvfb-4.2.1-3.5.90mdk.i586.rpm
ftp://download.sourceforge.net/pub/mirrors/mandrake/updates/9.0/RPMS/XFree86-cyrillic-fonts-4.2.1-3.5.90mdk.i586.rpm
ftp://download.sourceforge.net/pub/mirrors/mandrake/updates/9.0/RPMS/XFree86-devel-4.2.1-3.5.90mdk.i586.rpm
ftp://download.sourceforge.net/pub/mirrors/mandrake/updates/9.0/RPMS/XFree86-glide-module-4.2.1-3.5.90mdk.i586.rpm
ftp://download.sourceforge.net/pub/mirrors/mandrake/updates/9.0/RPMS/XFree86-libs-4.2.1-3.5.90mdk.i586.rpm
ftp://download.sourceforge.net/pub/mirrors/mandrake/updates/9.0/RPMS/XFree86-server-4.2.1-3.5.90mdk.i586.rpm
ftp://download.sourceforge.net/pub/mirrors/mandrake/updates/9.0/RPMS/XFree86-static-libs-4.2.1-3.5.90mdk.i586.rpm
ftp://download.sourceforge.net/pub/mirrors/mandrake/updates/9.0/RPMS/XFree86-xfs-4.2.1-3.5.90mdk.i586.rpm
ftp://download.sourceforge.net/pub/mirrors/mandrake/updates/9.0/SRPMS/XFree86-4.2.1-3.5.90mdk.src.rpm

Mandrake Linux 9.1:
ftp://download.sourceforge.net/pub/mirrors/mandrake/updates/9.1/RPMS/X11R6-contrib-4.3-8.7.91mdk.i586.rpm
ftp://download.sourceforge.net/pub/mirrors/mandrake/updates/9.1/RPMS/XFree86-100dpi-fonts-4.3-8.7.91mdk.i586.rpm
ftp://download.sourceforge.net/pub/mirrors/mandrake/updates/9.1/RPMS/XFree86-4.3-8.7.91mdk.i586.rpm
ftp://download.sourceforge.net/pub/mirrors/mandrake/updates/9.1/RPMS/XFree86-75dpi-fonts-4.3-8.7.91mdk.i586.rpm
ftp://download.sourceforge.net/pub/mirrors/mandrake/updates/9.1/RPMS/XFree86-Xnest-4.3-8.7.91mdk.i586.rpm
ftp://download.sourceforge.net/pub/mirrors/mandrake/updates/9.1/RPMS/XFree86-Xvfb-4.3-8.7.91mdk.i586.rpm
ftp://download.sourceforge.net/pub/mirrors/mandrake/updates/9.1/RPMS/XFree86-cyrillic-fonts-4.3-8.7.91mdk.i586.rpm
ftp://download.sourceforge.net/pub/mirrors/mandrake/updates/9.1/RPMS/XFree86-devel-4.3-8.7.91mdk.i586.rpm
ftp://download.sourceforge.net/pub/mirrors/mandrake/updates/9.1/RPMS/XFree86-glide-module-4.3-8.7.91mdk.i586.rpm
ftp://download.sourceforge.net/pub/mirrors/mandrake/updates/9.1/RPMS/XFree86-libs-4.3-8.7.91mdk.i586.rpm
ftp://download.sourceforge.net/pub/mirrors/mandrake/updates/9.1/RPMS/XFree86-server-4.3-8.7.91mdk.i586.rpm
ftp://download.sourceforge.net/pub/mirrors/mandrake/updates/9.1/RPMS/XFree86-static-libs-4.3-8.7.91mdk.i586.rpm
ftp://download.sourceforge.net/pub/mirrors/mandrake/updates/9.1/RPMS/XFree86-xfs-4.3-8.7.91mdk.i586.rpm
ftp://download.sourceforge.net/pub/mirrors/mandrake/updates/9.1/SRPMS/XFree86-4.3-8.7.91mdk.src.rpm

Mandrake Linux 9.1/PPC:
ftp://download.sourceforge.net/pub/mirrors/mandrake/updates/ppc/9.1/RPMS/X11R6-contrib-4.3-8.7.91mdk.ppc.rpm
ftp://download.sourceforge.net/pub/mirrors/mandrake/updates/ppc/9.1/RPMS/XFree86-100dpi-fonts-4.3-8.7.91mdk.ppc.rpm
ftp://download.sourceforge.net/pub/mirrors/mandrake/updates/ppc/9.1/RPMS/XFree86-4.3-8.7.91mdk.ppc.rpm
ftp://download.sourceforge.net/pub/mirrors/mandrake/updates/ppc/9.1/RPMS/XFree86-75dpi-fonts-4.3-8.7.91mdk.ppc.rpm
ftp://download.sourceforge.net/pub/mirrors/mandrake/updates/ppc/9.1/RPMS/XFree86-Xnest-4.3-8.7.91mdk.ppc.rpm
ftp://download.sourceforge.net/pub/mirrors/mandrake/updates/ppc/9.1/RPMS/XFree86-Xvfb-4.3-8.7.91mdk.ppc.rpm
ftp://download.sourceforge.net/pub/mirrors/mandrake/updates/ppc/9.1/RPMS/XFree86-cyrillic-fonts-4.3-8.7.91mdk.ppc.rpm
ftp://download.sourceforge.net/pub/mirrors/mandrake/updates/ppc/9.1/RPMS/XFree86-devel-4.3-8.7.91mdk.ppc.rpm
ftp://download.sourceforge.net/pub/mirrors/mandrake/updates/ppc/9.1/RPMS/XFree86-libs-4.3-8.7.91mdk.ppc.rpm
ftp://download.sourceforge.net/pub/mirrors/mandrake/updates/ppc/9.1/RPMS/XFree86-server-4.3-8.7.91mdk.ppc.rpm
ftp://download.sourceforge.net/pub/mirrors/mandrake/updates/ppc/9.1/RPMS/XFree86-static-libs-4.3-8.7.91mdk.ppc.rpm
ftp://download.sourceforge.net/pub/mirrors/mandrake/updates/ppc/9.1/RPMS/XFree86-xfs-4.3-8.7.91mdk.ppc.rpm
ftp://download.sourceforge.net/pub/mirrors/mandrake/updates/ppc/9.1/SRPMS/XFree86-4.3-8.7.91mdk.src.rpm

Mandrake Linux 9.2:
ftp://download.sourceforge.net/pub/mirrors/mandrake/updates/9.2/RPMS/libxfree86-4.3-24.4.92mdk.i586.rpm
ftp://download.sourceforge.net/pub/mirrors/mandrake/updates/9.2/RPMS/libxfree86-devel-4.3-24.4.92mdk.i586.rpm
ftp://download.sourceforge.net/pub/mirrors/mandrake/updates/9.2/RPMS/libxfree86-static-devel-4.3-24.4.92mdk.i586.rpm
ftp://download.sourceforge.net/pub/mirrors/mandrake/updates/9.2/RPMS/X11R6-contrib-4.3-24.4.92mdk.i586.rpm
ftp://download.sourceforge.net/pub/mirrors/mandrake/updates/9.2/RPMS/XFree86-100dpi-fonts-4.3-24.4.92mdk.i586.rpm
ftp://download.sourceforge.net/pub/mirrors/mandrake/updates/9.2/RPMS/XFree86-4.3-24.4.92mdk.i586.rpm
ftp://download.sourceforge.net/pub/mirrors/mandrake/updates/9.2/RPMS/XFree86-75dpi-fonts-4.3-24.4.92mdk.i586.rpm
ftp://download.sourceforge.net/pub/mirrors/mandrake/updates/9.2/RPMS/XFree86-Xnest-4.3-24.4.92mdk.i586.rpm
ftp://download.sourceforge.net/pub/mirrors/mandrake/updates/9.2/RPMS/XFree86-Xvfb-4.3-24.4.92mdk.i586.rpm
ftp://download.sourceforge.net/pub/mirrors/mandrake/updates/9.2/RPMS/XFree86-cyrillic-fonts-4.3-24.4.92mdk.i586.rpm
ftp://download.sourceforge.net/pub/mirrors/mandrake/updates/9.2/RPMS/XFree86-glide-module-4.3-24.4.92mdk.i586.rpm
ftp://download.sourceforge.net/pub/mirrors/mandrake/updates/9.2/RPMS/XFree86-server-4.3-24.4.92mdk.i586.rpm
ftp://download.sourceforge.net/pub/mirrors/mandrake/updates/9.2/RPMS/XFree86-xfs-4.3-24.4.92mdk.i586.rpm
ftp://download.sourceforge.net/pub/mirrors/mandrake/updates/9.2/SRPMS/XFree86-4.3-24.4.92mdk.src.rpm

Mandrake Linux 9.2/AMD64:
ftp://download.sourceforge.net/pub/mirrors/mandrake/updates/amd64/9.2/RPMS/lib64xfree86-4.3-24.4.92mdk.amd64.rpm
ftp://download.sourceforge.net/pub/mirrors/mandrake/updates/amd64/9.2/RPMS/lib64xfree86-devel-4.3-24.4.92mdk.amd64.rpm
ftp://download.sourceforge.net/pub/mirrors/mandrake/updates/amd64/9.2/RPMS/lib64xfree86-static-devel-4.3-24.4.92mdk.amd64.rpm
ftp://download.sourceforge.net/pub/mirrors/mandrake/updates/amd64/9.2/RPMS/X11R6-contrib-4.3-24.4.92mdk.amd64.rpm
ftp://download.sourceforge.net/pub/mirrors/mandrake/updates/amd64/9.2/RPMS/XFree86-100dpi-fonts-4.3-24.4.92mdk.amd64.rpm
ftp://download.sourceforge.net/pub/mirrors/mandrake/updates/amd64/9.2/RPMS/XFree86-4.3-24.4.92mdk.amd64.rpm
ftp://download.sourceforge.net/pub/mirrors/mandrake/updates/amd64/9.2/RPMS/XFree86-75dpi-fonts-4.3-24.4.92mdk.amd64.rpm
ftp://download.sourceforge.net/pub/mirrors/mandrake/updates/amd64/9.2/RPMS/XFree86-Xnest-4.3-24.4.92mdk.amd64.rpm
ftp://download.sourceforge.net/pub/mirrors/mandrake/updates/amd64/9.2/RPMS/XFree86-Xvfb-4.3-24.4.92mdk.amd64.rpm
ftp://download.sourceforge.net/pub/mirrors/mandrake/updates/amd64/9.2/RPMS/XFree86-cyrillic-fonts-4.3-24.4.92mdk.amd64.rpm
ftp://download.sourceforge.net/pub/mirrors/mandrake/updates/amd64/9.2/RPMS/XFree86-server-4.3-24.4.92mdk.amd64.rpm

上述升级软件还可以在下列地址中的任意一个镜像ftp服务器上下载:
http://www.mandrakesecure.net/en/ftp.php

RedHat
------
RedHat已经为此发布了一个安全公告(RHSA-2004:059-01)以及相应补丁:
RHSA-2004:059-01:Updated XFree86 packages fix privilege escalation vulnerability
链接:https://www.redhat.com/support/errata/RHSA-2004-059.html

补丁下载:

Red Hat Linux 9:

SRPMS:
ftp://updates.redhat.com/9/en/os/SRPMS/XFree86-4.3.0-2.90.55.src.rpm

i386:
ftp://updates.redhat.com/9/en/os/i386/XFree86-100dpi-fonts-4.3.0-2.90.55.i386.rpm
ftp://updates.redhat.com/9/en/os/i386/XFree86-4.3.0-2.90.55.i386.rpm
ftp://updates.redhat.com/9/en/os/i386/XFree86-75dpi-fonts-4.3.0-2.90.55.i386.rpm
ftp://updates.redhat.com/9/en/os/i386/XFree86-ISO8859-14-100dpi-fonts-4.3.0-2.90.55.i386.rpm
ftp://updates.redhat.com/9/en/os/i386/XFree86-ISO8859-14-75dpi-fonts-4.3.0-2.90.55.i386.rpm
ftp://updates.redhat.com/9/en/os/i386/XFree86-ISO8859-15-100dpi-fonts-4.3.0-2.90.55.i386.rpm
ftp://updates.redhat.com/9/en/os/i386/XFree86-ISO8859-15-75dpi-fonts-4.3.0-2.90.55.i386.rpm
ftp://updates.redhat.com/9/en/os/i386/XFree86-ISO8859-2-100dpi-fonts-4.3.0-2.90.55.i386.rpm
ftp://updates.redhat.com/9/en/os/i386/XFree86-ISO8859-2-75dpi-fonts-4.3.0-2.90.55.i386.rpm
ftp://updates.redhat.com/9/en/os/i386/XFree86-ISO8859-9-100dpi-fonts-4.3.0-2.90.55.i386.rpm
ftp://updates.redhat.com/9/en/os/i386/XFree86-ISO8859-9-75dpi-fonts-4.3.0-2.90.55.i386.rpm
ftp://updates.redhat.com/9/en/os/i386/XFree86-Mesa-libGL-4.3.0-2.90.55.i386.rpm
ftp://updates.redhat.com/9/en/os/i386/XFree86-Mesa-libGLU-4.3.0-2.90.55.i386.rpm
ftp://updates.redhat.com/9/en/os/i386/XFree86-Xnest-4.3.0-2.90.55.i386.rpm
ftp://updates.redhat.com/9/en/os/i386/XFree86-Xvfb-4.3.0-2.90.55.i386.rpm
ftp://updates.redhat.com/9/en/os/i386/XFree86-base-fonts-4.3.0-2.90.55.i386.rpm
ftp://updates.redhat.com/9/en/os/i386/XFree86-cyrillic-fonts-4.3.0-2.90.55.i386.rpm
ftp://updates.redhat.com/9/en/os/i386/XFree86-devel-4.3.0-2.90.55.i386.rpm
ftp://updates.redhat.com/9/en/os/i386/XFree86-doc-4.3.0-2.90.55.i386.rpm
ftp://updates.redhat.com/9/en/os/i386/XFree86-font-utils-4.3.0-2.90.55.i386.rpm
ftp://updates.redhat.com/9/en/os/i386/XFree86-libs-4.3.0-2.90.55.i386.rpm
ftp://updates.redhat.com/9/en/os/i386/XFree86-libs-data-4.3.0-2.90.55.i386.rpm
ftp://updates.redhat.com/9/en/os/i386/XFree86-sdk-4.3.0-2.90.55.i386.rpm
ftp://updates.redhat.com/9/en/os/i386/XFree86-syriac-fonts-4.3.0-2.90.55.i386.rpm
ftp://updates.redhat.com/9/en/os/i386/XFree86-tools-4.3.0-2.90.55.i386.rpm
ftp://updates.redhat.com/9/en/os/i386/XFree86-truetype-fonts-4.3.0-2.90.55.i386.rpm
ftp://updates.redhat.com/9/en/os/i386/XFree86-twm-4.3.0-2.90.55.i386.rpm
ftp://updates.redhat.com/9/en/os/i386/XFree86-xauth-4.3.0-2.90.55.i386.rpm
ftp://updates.redhat.com/9/en/os/i386/XFree86-xdm-4.3.0-2.90.55.i386.rpm
ftp://updates.redhat.com/9/en/os/i386/XFree86-xfs-4.3.0-2.90.55.i386.rpm
可使用下列命令安装补丁:

rpm -Fvh [文件名]

S.u.S.E.
--------
S.u.S.E.已经为此发布了一个安全公告(SuSE-SA:2004:006)以及相应补丁:
SuSE-SA:2004:006:xf86/XFree86
链接:

补丁下载:

    Intel i386 Platform:

    SuSE-9.0:
    ftp://ftp.suse.com/pub/suse/i386/update/9.0/rpm/i586/XFree86-4.3.0.1-46.i586.rpm
      dcaadc2b9438995c9a3ac6e4fc7bf181
    patch rpm(s):
    ftp://ftp.suse.com/pub/suse/i386/update/9.0/rpm/i586/XFree86-4.3.0.1-46.i586.patch.rpm
      f094861c9a0fbb5f27d168b680fe1a5b
    source rpm(s):
    ftp://ftp.suse.com/pub/suse/i386/update/9.0/rpm/src/XFree86-4.3.0.1-46.src.rpm
      824c6173693342a033f75c503592e7e0

    SuSE-8.2:
    ftp://ftp.suse.com/pub/suse/i386/update/8.2/rpm/i586/XFree86-4.3.0-120.i586.rpm
      f1f01280e6e8a5a2f091a04c5836a51d
    patch rpm(s):
    ftp://ftp.suse.com/pub/suse/i386/update/8.2/rpm/i586/XFree86-4.3.0-120.i586.patch.rpm
      16ba90ef0ad607d1547cda7734b28750
    source rpm(s):
    ftp://ftp.suse.com/pub/suse/i386/update/8.2/rpm/src/XFree86-4.3.0-120.src.rpm
      4100735436d4c8801c6add673fceb29e

    SuSE-8.1:
    ftp://ftp.suse.com/pub/suse/i386/update/8.1/rpm/i586/xf86-4.2.0-257.i586.rpm
      9ed1fc5ec83a42a85315391387610e6b
    patch rpm(s):
    ftp://ftp.suse.com/pub/suse/i386/update/8.1/rpm/i586/xf86-4.2.0-257.i586.patch.rpm
      9652732385f8670ea9d36151378b7428
    source rpm(s):
    ftp://ftp.suse.com/pub/suse/i386/update/8.1/rpm/src/xf86-4.2.0-257.src.rpm
      e1d73191d2aabe3a6dda677e6fd716bc

    SuSE-8.0:
    ftp://ftp.suse.com/pub/suse/i386/update/8.0/x1/xf86-4.2.0-257.i386.rpm
      9b69aac017a0ac9905e3fc4e9594d435
    patch rpm(s):
    ftp://ftp.suse.com/pub/suse/i386/update/8.0/x1/xf86-4.2.0-257.i386.patch.rpm
      3076136bcdf20132f343768e4a71c7a2
    source rpm(s):
    ftp://ftp.suse.com/pub/suse/i386/update/8.0/zq1/xf86-4.2.0-257.src.rpm
      1775eef155f4afdc9a3a08ff31a38607



    Opteron x86_64 Platform:

    SuSE-9.0:
    ftp://ftp.suse.com/pub/suse/x86_64/update/9.0/rpm/x86_64/XFree86-4.3.0.1-52.x86_64.rpm
      1714cb2eb566fab0e29277db9f9d2572
    patch rpm(s):
    ftp://ftp.suse.com/pub/suse/x86_64/update/9.0/rpm/x86_64/XFree86-4.3.0.1-52.x86_64.patch.rpm
      930944efc868b28d87a69a9543206546
    source rpm(s):
    ftp://ftp.suse.com/pub/suse/x86_64/update/9.0/rpm/src/XFree86-4.3.0.1-52.src.rpm
      ee67773fcad341912b617d397991ed32

浏览次数:3761
严重程度:0(网友投票)
本安全漏洞由绿盟科技翻译整理,版权所有,未经许可,不得转载
绿盟科技给您安全的保障