Status: RELEASED

Patch Id: 109862-05

***********************************************************************
READ THE TERMS OF THE AGREEMENT ("AGREEMENT") IN THE LEGAL_LICENSE.TXT
FILE CAREFULLY BEFORE USING THIS SOFTWARE. BY USING THE SOFTWARE, YOU
AGREE TO THE TERMS OF THIS AGREEMENT. IF YOU DO NOT AGREE TO ALL OF THE
TERMS, PROMPTLY DESTROY THE UNUSED SOFTWARE.
***********************************************************************

Summary: X11 6.4.1 Font Server patch

Date:  Nov/12/2007

Installation Requirements:

Reboot after installation, an alternative may be in Special Install Instructions

Solaris Release: 8

Sun OS Release: 5.8

Unbundled Product: X11

Unbundled Release: 6.4.1

Xref: This patch available for x86 as 109863

Topic: 

Relevant Architecture: sparc

BugId's fixed with this patch:

4314299 4323233 4335325 4335328 4336593 4345905 4764193 4915967 6601751 6601756

Changes incorporated in this version:

6601751 6601756

Patches accumulated and obsoleted by this patch:

Patches which conflict with this patch: 

Required Patches:

Obsoleted by:

Files Included in this Patch: 

/usr/openwin/bin/xfs

Problem Description: 

6601751 [X.Org Bug 12298] *xfs* Integer overflows in build_range()
6601756 [X.Org Bug 12299] *xfs* swap_char2b() Heap Overflow Vulnerability
 
(from 109862-04)
 
4915967 integer overflows in X font server
 
(from 109862-03)
 
4764193 (rework) CERT Advisory CA-2002-34: xfs crashes on bad request (refix)
 
(from 109862-02)
 
4764193 xfs crashes on bad request
 
(from 109862-01)
 
4314299 /usr/openwin/bin/xfs dumps core
4323233 font server (xfs) not forking after client-limit is reached and inherits fd's
4335325 xfs doesn't clone itself if client-limit is larger than file descriptor limit
4335328 zombie processes are created when the fix bug #4323233 is used
4336593 xfs core dumped
4345905 cloned xfs can't write to error log file when the fix bug #4323233 is used

Revision History: 

109862-04 109862-03 109862-01

Patch Installation Instructions: 

--------------------------------
For Solaris 2.0-2.6 releases, refer to the Install.info file and/or
the README within the patch for instructions on using the generic
'installpatch' and 'backoutpatch' scripts provided with each patch.
 
For Solaris 7-8 releases, refer to the man pages for instructions
on using 'patchadd' and 'patchrm' scripts provided with Solaris.
Any other special or non-generic installation instructions should be
described below as special instructions.  The following example
installs a patch to a standalone machine:
 
	example# patchadd /var/spool/patch/104945-02
 
The following example removes a patch from a standalone system:
 
	example# patchrm 104945-02
 
For additional examples please see the appropriate man pages.

Special Install Instructions: 

-----------------------------
 
For the changes in this patch to become effective, a reboot may be performed, 
or alternatively, the X Window System font server process, xfs, must be killed 
if it is already running.

The X font server, is normally started automatically from inetd on Solaris when
a request for a font service is received.  Xsun clients using the font server 
will detect the font server shutdown and reconnect automatically to a new 
instance of the font server.  Unfortunately, some other font clients, such as 
some versions of Xvnc, will not reconnect automatically and will need to be 
stopped before killing the font server and restarted again after the font server 
is restarted.  

(If xfs is still being run from inetd, inetd will automatically restart on the
first connection attempt.)

To kill the font server, as root, run the command:

pkill -x xfs

README -- Last modified date:  Tuesday, November 13, 2007