On Tue, 24 Feb 2004, Frank Steiner wrote:
Hi,
Hi.
Thomas Biege wrote:
SUSE Security Announcement
Package: xf86/XFree86 Announcement-ID: SuSE-SA:2004:006
having installed the update on SuSE 8.0, X still crashes using the method from http://www.idefense.com/application/poi/display?id=72&type=vulnerabilities&flashstatus=false
Should that happen?
cu, Frank
############# watson /root/tmp# rpm -q --changelog xf86 | head -n 5
Does this even happen as non-root user?
* Thu Feb 12 2004 - thomas@suse.de
- fixed more buffer overflows in fontfile/ direc (#34296) - put together old and new bugs in fontfile-sec_bufferoverflows.diff
# having the fonts.alias and fonts.dir in tmp/: watson /root/tmp# X :0 -fp $PWD
XFree86 Version 4.2.0 / X Window System (protocol Version 11, revision 0, vendor release 6600) Release Date: 18 January 2002 If the server is older than 6-12 months, or if your card is newer than the above date, look for a newer version before reporting problems. (See http://www.XFree86.Org/) Build Operating System: SuSE Linux [ELF] SuSE Module Loader present Markers: (--) probed, (**) from config file, (==) default setting, (++) from command line, (!!) notice, (II) informational, (WW) warning, (EE) error, (NI) not implemented, (??) unknown. (==) Log file: "/var/log/XFree86.0.log", Time: Tue Feb 24 10:10:34 2004 (==) Using config file: "/etc/X11/XF86Config"
Fatal server error: Caught signal 4. Server aborting
The original bug triggered a SIGSEGV (11) this one is a SIGILL (4).
Maybe it triggered just another bug. I'll verify the sources...
Bye,
Thomas
--
Thomas Biege