X.Org is an open source implementation of the X Window System. A use-after-free flaw was found in the way the X.Org server handled ImageText requests. A malicious, authorized client could use this flaw to crash the X.Org server or, potentially, execute arbitrary code with root privileges.
Created attachment 806554 [details] upstream patch
Acknowledgements: Red Hat would like to thank the X.Org security team for reporting this issue. Upstream acknowledges Pedro Ribeiro as the original reporter.
This is now public: http://lists.x.org/archives/xorg-announce/2013-October/002332.html
Created xorg-x11-server tracking bugs for this issue: Affects: fedora-all [bug 1017013]
Statement: (none)
This issue has been addressed in following products: Red Hat Enterprise Linux 6 Red Hat Enterprise Linux 5 Via RHSA-2013:1426 https://rhn.redhat.com/errata/RHSA-2013-1426.html