| Description: | XFree86 is an implementation of the X Window System, which provides the core functionality for the Linux graphical desktop.
Several integer overflow bugs were found in the way XFree86 parses pixmap images. It is possible for a user to gain elevated privileges by loading a specially crafted pixmap image. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CAN-2005-2495 to this issue.
Additionally this update adds the following new features in this release: - Support for ATI RN50/ES1000 chipsets has been added.
The following bugs were also fixed in this release: - A problem with the X server's module loading system that led to cache incoherency on the Itanium architecture.
- The X server's PCI config space accesses caused contention with the kernel if accesses occurred while the kernel lock was held.
- X font server (xfs) crashed when accessing Type 1 fonts via showfont.
- A problem with the X transport library prevented X applications from starting if the hostname started with a digit.
- An issue where refresh rates were being restricted to 60Hz on some Intel i8xx systems
Users of XFree86 should upgrade to these updated packages, which contain a backported patch and are not vulnerable to this issue.
|