[Frugalware-security] [ FSA-38 ] libx11

voroskoi noreply at frugalware.org
Mon Nov 6 10:48:40 CET 2006


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Frugalware Security Advisory                           FSA-38

Date: 2006-11-06
Package: libx11
Vulnerable versions: <= 1.0.3-1
Unaffected versions: >= 1.0.3-2siwenna1
Related bugreport: http://bugs.frugalware.org/task/1416
CVE: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-5397

Description
===========

Kees Cook has reported a vulnerability in libX11, which can be exploited by malicious, local users to disclose potentially sensitive information.
The vulnerability is caused due to a file descriptor leak in the Xinput module, which can be exploited to disclose the content of certain files.

Updated Packages
================

Check if you have libx11 installed:

	# pacman -Q libx11

If found, then you should upgrade to the latest version:

	# pacman -Sy libx11

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.5 (GNU/Linux)
Comment: See http://ftp.frugalware.org/pub/README.GPG for info

iD8DBQFFTwT4Z7NElSD1VhkRAgnlAJ9/49GzgcQeyLWQteB3eMkks9535gCeMZxg
K1DpC/H4uM4ZZAPKeNYAdNg=
=jkfN
-----END PGP SIGNATURE-----


More information about the Frugalware-security mailing list