Description: | Description:
The remote host is missing updates announced in advisory RHSA-2005:501.
XFree86 is an implementation of the X Window System, which provides the core functionality for the Linux graphical desktop.
Several integer overflow bugs were found in the way XFree86 parses pixmap images. It is possible for a user to gain elevated privileges by loading a specially crafted pixmap image. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CVE-2005-2495 to this issue.
Additionally this update adds the following new features in this release: - - Support for ATI RN50/ES1000 chipsets has been added.
The following bugs were also fixed in this release: - - A problem with the X server's module loading system that led to cache incoherency on the Itanium architecture.
- - The X server's PCI config space accesses caused contention with the kernel if accesses occurred while the kernel lock was held.
- - X font server (xfs) crashed when accessing Type 1 fonts via showfont.
- - A problem with the X transport library prevented X applications from starting if the hostname started with a digit.
- - An issue where refresh rates were being restricted to 60Hz on some Intel i8xx systems
Users of XFree86 should upgrade to these updated packages, which contain a backported patch and are not vulnerable to this issue.
Solution: Please note that this update is available via Red Hat Network. To use Red Hat Network, launch the Red Hat Update Agent with the following command: up2date
http://rhn.redhat.com/errata/RHSA-2005-501.html
Risk factor : High
CVSS Score: 5.1
|