From deem@wdm.com Sun Feb 22 18:44:52 1998
From: deem@wdm.com
To: users@lists.opensuse.org
Subject: [S.u.S.E. Linux] Security problems with X - SuSE ?
Date: Sun, 22 Feb 1998 19:44:52 +0100
Message-ID: <6cprn4$pco$1@Galois.suse.de>
MIME-Version: 1.0
Content-Type: multipart/mixed; boundary="===============1713526427747205839=="
--===============1713526427747205839==
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: quoted-printable
Hi Guys,
I am running SuSE 5.1 of course and wondered what to do about this problem ?
I am running Accelerated-X 4.1 with my Matrox Millenium.
Thanks
-Dee
-----BEGIN PGP SIGNED MESSAGE-----
Various problems have been found in the X server which makes it a serious
threat to system security. All versions of the X server, including Metro X
and Accelerated X, are thought to be affected (only XFree86 and the MIT X=20
reference implementation are *known* to be, however). This problem affects
all Red Hat Linux platforms and versions.
Currently, no new X servers are available. Instead, Red Hat recommends
removing the special permissions from the X server binary (the setuid
bit), and using a wrapper program which is now on ftp.redhat.com. To do
this, follow the following steps. The order is quite important, so please
follow these instructions carefully.
1) Remove the setuid bit from all X servers installed on your
system with the following command:
chmod u-s /usr/X11R6/bin/X*
2) Install the updated Xconfigurator package (details below)
3) Install the new xserver-wrapper package (details below)
4) If you are running Accelerated X, run the following command:
ln -sf /usr/X11R6/bin/Xaccel /etc/X11/X
if you are not running Accelerated X, do not do this step!
After these steps have been completed, X should functions as usual.
This information will appear on the Errata for Red Hat Linux 4.2 and
Red Hat Linux 5.0 shortly.=20
Thanks to everyone on BUGTRAQ who brought these problems to our attention.
Red Hat 5.0
- -------------
i386:
rpm -Uvh ftp://ftp.redhat.com/updates/5.0/i386/Xconfigurator-3.26-1.=
i386.rpm>
rpm -Uvh ftp://ftp.redhat.com/updates/5.0/i386/xserver-wrapper-1.1=
-1.i386.rpm>
alpha:
rpm -Uvh ftp://ftp.redhat.com/updates/5.0/alpha/Xconfigurator-3.=
26-1.alpha.rpm>
rpm -Uvh
ftp://ftp.redhat.com/updates/5.0/alpha/xserver-wrapper-1.1-1.a=
lpha.rpm>
Red Hat 4.2
- -------------
i386:
rpm -Uvh ftp://ftp.redhat.com/updates/4.2/i386/Xconfigurator-2.6.1=
-1.i386.rpm>
rpm -Uvh ftp://ftp.redhat.com/updates/4.2/i386/xserver-wrapper-1.1=
-0.i386.rpm>
alpha:
rpm -Uvh
ftp://ftp.redhat.com/updates/4.2/alpha/Xconfigurator-2.6.1-1.a=
lpha.rpm>
rpm -Uvh
ftp://ftp.redhat.com/updates/4.2/alpha/xserver-wrapper-1.1-0.a=
lpha.rpm>
SPARC:
rpm -Uvh
ftp://ftp.redhat.com/updates/4.2/sparc/xserver-wrapper-1.1-0.s=
parc.rpm>
-----BEGIN PGP SIGNATURE-----
Version: 2.6.2
iQCVAwUBNNiGsqUg6PHLopv5AQHsHgP/aPPd9omBYNM+ie1zOH+pxLRzouz/I6cq
gdfzsb+0Wo/b6+0mIyAuKct5S1MQP695yx62EEMu6j/y54+jj2dTkGpNpdohbt3+
jRGwxyQ6lHv2na/IFFKYPSYJdVT5bRbKz+/Tpi4AxYYYW1pIe57P9xxGB7aRV3f1
veW8HK4mvbU=3D
=3Ds3yj
-----END PGP SIGNATURE-----
--
To get out of this list, please send email to majordomo(a)suse.com with
this text in its body: unsubscribe suse-linux-e
--===============1713526427747205839==--