A potential buffer overflow from the use of unsigned integers has been found in
the XPM processing library of xorg.
Adding to RHEL4U2 tracker
setting to moderate severity since only a subset of applications are affected by
this, and many of those do not parse untrusted xpm files. Applications like the
gimp and others have their own xpm implementations.
An advisory has been issued which should help the problem
described in this bug report. This report is therefore being
closed with a resolution of ERRATA. For more information
on the solution and/or where to find the updated files,
please follow the link below. You may reopen this bug report
if the solution does not work for you.