From bugtraq. http://www.securityfocus.com/vdb/bottom.html?vid=1235 A denial of service exists in XFree86 3.3.5, 3.3.6 and 4.0. A remote user can send a malformed packet to the TCP listening port, 6000, which will cause the X server to be unresponsive for some period of time. During this time, the keyboard will not respond to user input, and in some cases, the mouse will also not respond. During this time period, the X server will utilize 100% of the CPU, and can only be repaired by being signaled.
If it's any help, this appears to be the same issue for which Caldera has already issued a fix: ftp://ftp.calderasystems.com/pub/OpenLinux/security/CSSA-2000-012.0.txt
we will have a fix available very soon.
errata will be released this week.
Are you sure, Preston? :-)
Sorry to be irritating :-)
I never saw an update? If one does appear, there are new (and not so new) other X security issues which need looking at; 1) Very recently, an Xlib overflow in UNIX socket name. See: http://www.securityfocus.com/archive/1/139436 2) Some serious Xlib/misc issues I found a while back. See: http://www.securityfocus.com/archive/1/65692 http://www.securityfocus.com/archive/1/65699 http://www.securityfocus.com/archive/1/65689 It is my understanding that all of these are fixed in XFree4.0.1 A backport should be easy. At the time the backport is done, a brief check for _other_ security holes fixed in 4.0.1 but not 3.3.6 might be advisible. Poor RH6.x users are currently running with known X security holes. The 2 DoS issues are particularly unpleasant
A number of security releated items are just checked into the xf-3_3-branch of xfree86 cvs. I will be releasing an errata including them before too long. I am waiting for the remainder of changes to get into cvs first, and also need to allow time for testing, etc.. Errata will be out likely by the end of the month.
I guess my definition of "before too long" is a bit premature. There is a test release at ftp://people.redhat.com/mharris/testing that fixes all known security issues with XFree86 3.3.6. This is my soon to be released errata candidate unless some major bug comes up in the next few days.