* This security update applied a backported patch to fix a flaw in the X server resource database utility, xrdb. While this patch resolved the security issue, it also introduced an error in the macro expansion mechanism. Consequent to this, an attempt to run the xrdb utility could fail with the following messages written to standard error:

    sh: -c: line 0: unexpected EOF while looking for matching `"'
    sh: -c: line 1: syntax error: unexpected end of file

With this update, the underlying source code has been adapted to correct the macro expansion mechanism, and the xrdb utility now works as expected.

Note that all running instances of the X.Org server must be restarted for this update to take effect.

SL 4.x

SRPMS:
    xorg-x11-6.8.2-1.EL.68.src.rpm
i386:
    xorg-x11-6.8.2-1.EL.68.i386.rpm
    xorg-x11-deprecated-libs-6.8.2-1.EL.68.i386.rpm
    xorg-x11-deprecated-libs-devel-6.8.2-1.EL.68.i386.rpm
    xorg-x11-devel-6.8.2-1.EL.68.i386.rpm
    xorg-x11-doc-6.8.2-1.EL.68.i386.rpm
    xorg-x11-font-utils-6.8.2-1.EL.68.i386.rpm
    xorg-x11-libs-6.8.2-1.EL.68.i386.rpm
    xorg-x11-Mesa-libGL-6.8.2-1.EL.68.i386.rpm
    xorg-x11-Mesa-libGLU-6.8.2-1.EL.68.i386.rpm
    xorg-x11-sdk-6.8.2-1.EL.68.i386.rpm
    xorg-x11-tools-6.8.2-1.EL.68.i386.rpm
    xorg-x11-twm-6.8.2-1.EL.68.i386.rpm
    xorg-x11-xauth-6.8.2-1.EL.68.i386.rpm
    xorg-x11-xdm-6.8.2-1.EL.68.i386.rpm
    xorg-x11-Xdmx-6.8.2-1.EL.68.i386.rpm
    xorg-x11-xfs-6.8.2-1.EL.68.i386.rpm
    xorg-x11-Xnest-6.8.2-1.EL.68.i386.rpm
    xorg-x11-Xvfb-6.8.2-1.EL.68.i386.rpm
x86_64:
    xorg-x11-6.8.2-1.EL.68.x86_64.rpm
    xorg-x11-deprecated-libs-6.8.2-1.EL.68.i386.rpm
    xorg-x11-deprecated-libs-6.8.2-1.EL.68.x86_64.rpm
    xorg-x11-deprecated-libs-devel-6.8.2-1.EL.68.i386.rpm
    xorg-x11-deprecated-libs-devel-6.8.2-1.EL.68.x86_64.rpm
    xorg-x11-devel-6.8.2-1.EL.68.i386.rpm
    xorg-x11-devel-6.8.2-1.EL.68.x86_64.rpm
    xorg-x11-doc-6.8.2-1.EL.68.x86_64.rpm
    xorg-x11-font-utils-6.8.2-1.EL.68.x86_64.rpm
    xorg-x11-libs-6.8.2-1.EL.68.i386.rpm
    xorg-x11-libs-6.8.2-1.EL.68.x86_64.rpm
    xorg-x11-Mesa-libGL-6.8.2-1.EL.68.i386.rpm
    xorg-x11-Mesa-libGL-6.8.2-1.EL.68.x86_64.rpm
    xorg-x11-Mesa-libGLU-6.8.2-1.EL.68.i386.rpm
    xorg-x11-Mesa-libGLU-6.8.2-1.EL.68.x86_64.rpm
    xorg-x11-sdk-6.8.2-1.EL.68.x86_64.rpm
    xorg-x11-tools-6.8.2-1.EL.68.x86_64.rpm
    xorg-x11-twm-6.8.2-1.EL.68.x86_64.rpm
    xorg-x11-xauth-6.8.2-1.EL.68.x86_64.rpm
    xorg-x11-xdm-6.8.2-1.EL.68.x86_64.rpm
    xorg-x11-Xdmx-6.8.2-1.EL.68.x86_64.rpm
    xorg-x11-xfs-6.8.2-1.EL.68.x86_64.rpm
    xorg-x11-Xnest-6.8.2-1.EL.68.x86_64.rpm
    xorg-x11-Xvfb-6.8.2-1.EL.68.x86_64.rpm

- Scientific Linux Development Team

On 04/12/2011 03:26 PM, Troy J Dawson wrote:
> Synopsis: Moderate: xorg-x11 security update
> Issue date: 2011-04-11
> CVE Names: CVE-2011-0465
>
> A flaw was found in the X.Org X server resource database utility, xrdb.
> Certain variables were not properly sanitized during the launch of a
> user's graphical session, which could possibly allow a remote attacker
> to execute arbitrary code with root privileges, if they were able to
> make the display manager execute xrdb with a specially-crafted X client
> hostname. For example, by configuring the hostname on the target system
> via a crafted DHCP reply, or by using the X Display Manager Control
> Protocol (XDMCP) to connect to that system from a host that has a
> special DNS name. (CVE-2011-0465)
>
> All running X.Org server instances must be restarted for this update to
> take effect.
>
> SL 4.x
>
> SRPMS:
>     xorg-x11-6.8.2-1.EL.67.src.rpm
> i386:
>     xorg-x11-6.8.2-1.EL.67.i386.rpm
>     xorg-x11-deprecated-libs-6.8.2-1.EL.67.i386.rpm
>     xorg-x11-deprecated-libs-devel-6.8.2-1.EL.67.i386.rpm
>     xorg-x11-devel-6.8.2-1.EL.67.i386.rpm
>     xorg-x11-doc-6.8.2-1.EL.67.i386.rpm
>     xorg-x11-font-utils-6.8.2-1.EL.67.i386.rpm
>     xorg-x11-libs-6.8.2-1.EL.67.i386.rpm
>     xorg-x11-Mesa-libGL-6.8.2-1.EL.67.i386.rpm
>     xorg-x11-Mesa-libGLU-6.8.2-1.EL.67.i386.rpm
>     xorg-x11-sdk-6.8.2-1.EL.67.i386.rpm
>     xorg-x11-tools-6.8.2-1.EL.67.i386.rpm
>     xorg-x11-twm-6.8.2-1.EL.67.i386.rpm
>     xorg-x11-xauth-6.8.2-1.EL.67.i386.rpm
>     xorg-x11-xdm-6.8.2-1.EL.67.i386.rpm
>     xorg-x11-Xdmx-6.8.2-1.EL.67.i386.rpm
>     xorg-x11-xfs-6.8.2-1.EL.67.i386.rpm
>     xorg-x11-Xnest-6.8.2-1.EL.67.i386.rpm
>     xorg-x11-Xvfb-6.8.2-1.EL.67.i386.rpm
> x86_64:
>     xorg-x11-6.8.2-1.EL.67.x86_64.rpm
>     xorg-x11-deprecated-libs-6.8.2-1.EL.67.i386.rpm
>     xorg-x11-deprecated-libs-6.8.2-1.EL.67.x86_64.rpm
>     xorg-x11-deprecated-libs-devel-6.8.2-1.EL.67.i386.rpm
>     xorg-x11-deprecated-libs-devel-6.8.2-1.EL.67.x86_64.rpm
>     xorg-x11-devel-6.8.2-1.EL.67.i386.rpm
>     xorg-x11-devel-6.8.2-1.EL.67.x86_64.rpm
>     xorg-x11-doc-6.8.2-1.EL.67.x86_64.rpm
>     xorg-x11-font-utils-6.8.2-1.EL.67.x86_64.rpm
>     xorg-x11-libs-6.8.2-1.EL.67.i386.rpm
>     xorg-x11-libs-6.8.2-1.EL.67.x86_64.rpm
>     xorg-x11-Mesa-libGL-6.8.2-1.EL.67.i386.rpm
>     xorg-x11-Mesa-libGL-6.8.2-1.EL.67.x86_64.rpm
>     xorg-x11-Mesa-libGLU-6.8.2-1.EL.67.i386.rpm
>     xorg-x11-Mesa-libGLU-6.8.2-1.EL.67.x86_64.rpm
>     xorg-x11-sdk-6.8.2-1.EL.67.x86_64.rpm
>     xorg-x11-tools-6.8.2-1.EL.67.x86_64.rpm
>     xorg-x11-twm-6.8.2-1.EL.67.x86_64.rpm
>     xorg-x11-xauth-6.8.2-1.EL.67.x86_64.rpm
>     xorg-x11-xdm-6.8.2-1.EL.67.x86_64.rpm
>     xorg-x11-Xdmx-6.8.2-1.EL.67.x86_64.rpm
>     xorg-x11-xfs-6.8.2-1.EL.67.x86_64.rpm
>     xorg-x11-Xnest-6.8.2-1.EL.67.x86_64.rpm
>     xorg-x11-Xvfb-6.8.2-1.EL.67.x86_64.rpm
>
> -Connie Sieh
> -Troy Dawson
>
>

--
__________________________________________________
Troy Dawson  (630)840-6468
Fermilab  ComputingDivision/SCF/FEF/SLSMS Group
__________________________________________________
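
Added example (not part of the original message, and not xrdb's code or the actual patch): the advisory attributes the flaw to a hostname that was not sanitized before xrdb ran, and the follow-up regression showed up as an unbalanced quote in an sh -c command. One defensive pattern is to validate the hostname against the RFC 1123 grammar and hand it over as a single argv element rather than escaping it into a shell string. The function names, the macro argument and the sample inputs are assumptions for illustration.

```c
#include <stdio.h>
#include <string.h>
/* ASCII-only test; avoids locale-dependent isalnum(). */
static int is_ascii_alnum(unsigned char c)
{
    return (c >= 'a' && c <= 'z') || (c >= 'A' && c <= 'Z') || (c >= '0' && c <= '9');
}

/* Return 1 if name is a valid RFC 1123 hostname, else 0. Only letters, digits,
 * '-' and '.' pass, so quotes and other shell metacharacters are rejected. */
int hostname_is_safe(const char *name)
{
    size_t label_len = 0;
    const char *p;
    if (name == NULL || name[0] == '\0' || strlen(name) > 253)
        return 0;
    for (p = name; *p != '\0'; p++) {
        unsigned char c = (unsigned char)*p;
        if (c == '.') {
            if (label_len == 0 || p[-1] == '-')  /* empty label or "-." */
                return 0;
            label_len = 0;
        } else if (is_ascii_alnum(c) || c == '-') {
            if ((c == '-' && label_len == 0) || ++label_len > 63)
                return 0;
        } else {
            return 0;
        }
    }
    return label_len > 0 && p[-1] != '-';  /* no trailing '.' or '-' */
}

/* Build "-D<macro>=<host>" as a single argv element (for execvp(), no shell).
 * Returns 0 on success, -1 if host is rejected or out is too small. */
int build_define(char *out, size_t outlen, const char *macro, const char *host)
{
    int n = hostname_is_safe(host) ? snprintf(out, outlen, "-D%s=%s", macro, host) : -1;
    return (n < 0 || (size_t)n >= outlen) ? -1 : 0;
}

int main(void)
{
    /* Constructed sample inputs, not taken from the advisory. */
    const char *samples[] = { "ws01.example.org", "bad\"host", "a..b", "-x.example" };
    char arg[300];
    for (size_t i = 0; i < sizeof samples / sizeof samples[0]; i++)
        printf("%-18s %s\n", samples[i],
               build_define(arg, sizeof arg, "CLIENTHOST", samples[i]) == 0 ? arg : "rejected");
    return 0;
}
```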