From bb@suse.com Mon Feb 23 22:33:20 1998
From: bb@suse.com
To: users@lists.opensuse.org
Subject: Re: [S.u.S.E. Linux] Security problems with X - SuSE ?
Date: Mon, 23 Feb 1998 23:33:20 +0100
Message-ID: <6cstfg$1fd$1@Galois.suse.de>
In-Reply-To: <[S.u.S.E. Linux] Security problems with X - SuSE ?>
MIME-Version: 1.0
Content-Type: multipart/mixed; boundary="===============5606076367446738419=="
--===============5606076367446738419==
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: quoted-printable
W.D.McKinney wrote:
>=20
> Hi Guys,
>=20
> I am running SuSE 5.1 of course and wondered what to do about this problem ?
> I am running Accelerated-X 4.1 with my Matrox Millenium.
The XFree86 team is working on a wrapper to cover this problem. At the
moment they recommend to use XDM to launch the Xserver...
Ciao
BB
>=20
> Thanks
> -Dee
>=20
> -----BEGIN PGP SIGNED MESSAGE-----
>=20
> Various problems have been found in the X server which makes it a serious
> threat to system security. All versions of the X server, including Metro X
> and Accelerated X, are thought to be affected (only XFree86 and the MIT X
> reference implementation are *known* to be, however). This problem affects
> all Red Hat Linux platforms and versions.
>=20
> Currently, no new X servers are available. Instead, Red Hat recommends
> removing the special permissions from the X server binary (the setuid
> bit), and using a wrapper program which is now on ftp.redhat.com. To do
> this, follow the following steps. The order is quite important, so please
> follow these instructions carefully.
>=20
> 1) Remove the setuid bit from all X servers installed on your
> system with the following command:
>=20
> chmod u-s /usr/X11R6/bin/X*
>=20
> 2) Install the updated Xconfigurator package (details below)
>=20
> 3) Install the new xserver-wrapper package (details below)
>=20
> 4) If you are running Accelerated X, run the following command:
>=20
> ln -sf /usr/X11R6/bin/Xaccel /etc/X11/X
>=20
> if you are not running Accelerated X, do not do this step!
>=20
> After these steps have been completed, X should functions as usual.
>=20
> This information will appear on the Errata for Red Hat Linux 4.2 and
> Red Hat Linux 5.0 shortly.
>=20
> Thanks to everyone on BUGTRAQ who brought these problems to our attention.
>=20
> Red Hat 5.0
> - -------------
>=20
> i386:
> rpm -Uvh ftp://ftp.redhat.com/updates/5.0/i386/Xconfigurator-3.26-=
1.i386.rpm>
> rpm -Uvh ftp://ftp.redhat.com/updates/5.0/i386/xserver-wrapper-1=
.1-1.i386.rpm>
>=20
> alpha:
> rpm -Uvh ftp://ftp.redhat.com/updates/5.0/alpha/Xconfigurator-=
3.26-1.alpha.rpm>
> rpm -Uvh
> ftp://ftp.redhat.com/updates/5.0/alpha/xserver-wrapper-1.1-1=
.alpha.rpm>
>=20
> Red Hat 4.2
> - -------------
>=20
> i386:
> rpm -Uvh ftp://ftp.redhat.com/updates/4.2/i386/Xconfigurator-2.6=
.1-1.i386.rpm>
> rpm -Uvh ftp://ftp.redhat.com/updates/4.2/i386/xserver-wrapper-1=
.1-0.i386.rpm>
>=20
> alpha:
> rpm -Uvh
> ftp://ftp.redhat.com/updates/4.2/alpha/Xconfigurator-2.6.1-1=
.alpha.rpm>
> rpm -Uvh
> ftp://ftp.redhat.com/updates/4.2/alpha/xserver-wrapper-1.1-0=
.alpha.rpm>
>=20
> SPARC:
> rpm -Uvh
> ftp://ftp.redhat.com/updates/4.2/sparc/xserver-wrapper-1.1-0=
.sparc.rpm>
>=20
> -----BEGIN PGP SIGNATURE-----
> Version: 2.6.2
>=20
> iQCVAwUBNNiGsqUg6PHLopv5AQHsHgP/aPPd9omBYNM+ie1zOH+pxLRzouz/I6cq
> gdfzsb+0Wo/b6+0mIyAuKct5S1MQP695yx62EEMu6j/y54+jj2dTkGpNpdohbt3+
> jRGwxyQ6lHv2na/IFFKYPSYJdVT5bRbKz+/Tpi4AxYYYW1pIe57P9xxGB7aRV3f1
> veW8HK4mvbU=3D
> =3Ds3yj
> -----END PGP SIGNATURE-----
>=20
> --
> To get out of this list, please send email to majordomo(a)suse.com with
> this text in its body: unsubscribe suse-linux-e
--=20
Bodo Bauer S.u.S.E., LLC fon +1-510-835 7873=20
bb(a)suse.de 458 Santa Clara Avenue fax +1-510-835 7875
http://www=
.suse.com> Oakland CA, 94610 USA
--
To get out of this list, please send email to majordomo(a)suse.com with
this text in its body: unsubscribe suse-linux-e
--===============5606076367446738419==--