Oval Definition: oval:org.mitre.oval:def:26975
Revision Date: 2014-12-08
Version: 5
Title: RHSA-2012:0303 -- xorg-x11-server security and bug fix update (Low)
Description: X.Org is an open source implementation of the X Window System. It provides the basic low-level functionality that full-fledged graphical user interfaces are designed upon.

A flaw was found in the way the X.Org server handled lock files. A local user with access to the system console could use this flaw to determine the existence of a file in a directory not accessible to the user, via a symbolic link attack. (CVE-2011-4028)

Red Hat would like to thank the researcher with the nickname vladz for reporting this issue.

This update also fixes the following bugs:

* In rare cases, if the front and back buffer of the miDbePositionWindow() function were not both allocated in video memory, or were both allocated in system memory, the X Window System sometimes terminated unexpectedly. A patch has been provided to address this issue and X no longer crashes in the described scenario. (BZ#596899)

* Previously, when the miSetShape() function called the miRegionDestroy() function with a NULL region, X terminated unexpectedly if the backing store was enabled. Now, X no longer crashes in the described scenario. (BZ#676270)

* On certain workstations running in 32-bit mode, the X11 mouse cursor occasionally became stuck near the left edge of the X11 screen. A patch has been provided to address this issue and the mouse cursor no longer becomes stuck in the described scenario. (BZ#529717)

* On certain workstations with a dual-head graphics adapter using the r500 driver in Zaphod mode, the mouse pointer was confined to one monitor screen and could not move to the other screen. A patch has been provided to address this issue and the mouse cursor works properly across both screens. (BZ#559964)

* Due to a double free operation, Xvfb (X virtual framebuffer) terminated unexpectedly with a segmentation fault randomly when the last client disconnected, that is when the server reset. This bug has been fixed in the miDCCloseScreen() function and Xvfb no longer crashes. (BZ#674741)

* Starting the Xephyr server on an AMD64 or Intel 64 architecture with an integrated graphics adapter caused the server to terminate unexpectedly. This bug has been fixed in the code and Xephyr no longer crashes in the described scenario. (BZ#454409)

* Previously, when a client made a request bigger than 1/4th of the limit advertised in the BigRequestsEnable reply, the X server closed the connection unexpectedly. With this update, the maxBigRequestSize variable has been added to the code to check the size of client requests, thus fixing this bug. (BZ#555000)

* When an X client running on a big-endian system called the XineramaQueryScreens() function, the X server terminated unexpectedly. This bug has been fixed in the xf86Xinerama module and the X server no longer crashes in the described scenario. (BZ#588346)

* When installing Red Hat Enterprise Linux 5 on an IBM eServer System p blade server, the installer did not set the correct mode on the built-in KVM (Keyboard-Video-Mouse). Consequently, the graphical installer took a very long time to appear and then was displayed incorrectly. A patch has been provided to address this issue and the graphical installer now works as expected in the described scenario. Note that this fix requires the Red Hat Enterprise Linux 5.8 kernel update. (BZ#740497)

* Lines longer than 46,340 pixels can be drawn with one of the coordinates being negative. However, for dashed lines, the miPolyBuildPoly() function overflowed the "int" type when setting up edges for a section of a dashed line. Consequently, dashed segments were not drawn at all. An upstream patch has been applied to address this issue and dashed lines are now drawn correctly. (BZ#649810)

All users of xorg-x11-server are advised to upgrade to these updated packages, which correct these issues. All running X.Org server instances must be restarted for this update to take effect.
Family: unix
Class: patch
Status: ACCEPTED
Reference(s): CVE-2011-4028, RHSA-2012:0303
Platform(s): Red Hat Enterprise Linux 5
Product(s): xorg-x11-server
Definition Synopsis
  • The operating system installed on the system is Red Hat Enterprise Linux 5
  • AND Packages match section
      • xorg-x11-server-debuginfo is earlier than 0:1.1.1-48.90.el5
      • OR xorg-x11-server-sdk is earlier than 0:1.1.1-48.90.el5
      • OR xorg-x11-server-Xdmx is earlier than 0:1.1.1-48.90.el5
      • OR xorg-x11-server-Xephyr is earlier than 0:1.1.1-48.90.el5
      • OR xorg-x11-server-Xnest is earlier than 0:1.1.1-48.90.el5
      • OR xorg-x11-server-Xorg is earlier than 0:1.1.1-48.90.el5
      • OR xorg-x11-server-Xvfb is earlier than 0:1.1.1-48.90.el5
      • OR xorg-x11-server-Xvnc-source is earlier than 0:1.1.1-48.90.el5