Disclaimer: 

Please note: Although OBSOLETED patches are available on SunSolve, Sun recommends using the most recent patches and the most recent revision of those patches. OBSOLETED patches do not include the latest bug fixes and/or product enhancements, and may require the installation of additional patches as a corrective measure.

Status: OBSOLETE

Patch Id: 113924-04

***********************************************************************
READ THE TERMS OF THE AGREEMENT ("AGREEMENT") IN THE LEGAL_LICENSE.TXT
FILE CAREFULLY BEFORE USING THIS SOFTWARE. BY USING THE SOFTWARE, YOU
AGREE TO THE TERMS OF THIS AGREEMENT. IF YOU DO NOT AGREE TO ALL OF THE
TERMS, PROMPTLY DESTROY THE UNUSED SOFTWARE.
***********************************************************************

Summary: Obsoleted by: 113924-05 X11 6.6.1_x86: security font server patch

Date:  Nov/05/2007

Installation Requirements:

NA

Solaris Release: 9_x86

Sun OS Release: 5.9_x86

Unbundled Product: X11

Unbundled Release: 6.6.1

Xref: This patch available for SPARC as 113923

Topic: 

Relevant Architecture: i386

BugId's fixed with this patch:

4764193 4915967 6601751 6601756

Changes incorporated in this version:

6601751 6601756

Patches accumulated and obsoleted by this patch:

Patches which conflict with this patch: 

Required Patches:

Obsoleted by:

Files Included in this Patch: 

/usr/openwin/bin/xfs

Problem Description: 

6601751 [X.Org Bug 12298] *xfs* Integer overflows in build_range()
6601756 [X.Org Bug 12299] *xfs* swap_char2b() Heap Overflow Vulnerability
 
(from 113924-03)
 
4915967 integer overflows in X font server
 
(from 113924-02)
 
4764193 (rework) CERT Advisory CA-2002-34: xfs crashes on bad request
 
(from 113924-01)
 
4764193 xfs crashes on bad request

Revision History: 

113924-02 113924-03

Patch Installation Instructions: 

-------------------------------- 
Refer to the man pages for instructions on using 'patchadd' and 'patchrm'
scripts provided with Solaris.  Any other special or non-generic
installation instructions should be described below as special
instructions.  The following example installs a patch to a standalone
machine:
 
	example# patchadd /var/spool/patch/104945-02
 
The following example removes a patch from a standalone system:
 
	example# patchrm 104945-02
 
For additional examples please see the appropriate man pages.

Special Install Instructions: 

----------------------------- 
 
The X Window System Font Server, xfs, is normally started automatically
from inetd on Solaris when a request for a font service is received.
Therefore, to protect a running system against bug 4764193, after
installing this patch, you must either reboot or stop all running xfs
instances.  Xsun clients using the font server will detect the font
server shutdown and reconnect automatically to a new instance of the
font server. Unfortunately, some other font clients, such as some
versions of Xvnc, will not reconnect automatically and will need to be
stopped before killing the font server and restarted again after the
font server is restarted.  (If xfs is still being run from inetd, inetd
will automatically restart on the first connection attempt.)
 
To kill the font server, as root, run the command: 
 
pkill -x xfs

README -- Last modified date:  Wednesday, February 13, 2008