---------------------------------------------------------------------- Secunia is proud to announce the availability of the Secunia Software Inspector. The Secunia Software Inspector is a free service that detects insecure versions of software that you may have installed in your system. When insecure versions are detected, the Secunia Software Inspector also provides thorough guidelines for updating the software to the latest secure version from the vendor. Try it out online: http://secunia.com/software_inspector/ ---------------------------------------------------------------------- TITLE: SUSE update for XFree86 and Xorg SECUNIA ADVISORY ID: SA23758 VERIFY ADVISORY: http://secunia.com/advisories/23758/ CRITICAL: Less critical IMPACT: Privilege escalation WHERE: Local system OPERATING SYSTEM: SUSE Linux 10.1 http://secunia.com/product/10796/ SUSE Linux 10 http://secunia.com/product/6221/ SUSE Linux 9.3 http://secunia.com/product/4933/ SuSE Linux Enterprise Server 8 http://secunia.com/product/1171/ SuSE Linux Openexchange Server 4.x http://secunia.com/product/2001/ SuSE Linux Standard Server 8 http://secunia.com/product/2526/ SUSE Linux Enterprise Server 10 http://secunia.com/product/12192/ SUSE Linux Enterprise Server 9 http://secunia.com/product/4118/ UnitedLinux 1.0 http://secunia.com/product/2003/ SOFTWARE: Novell Open Enterprise Server http://secunia.com/product/4664/ DESCRIPTION: SUSE has issued an update for XFree86 and Xorg. This fixes some vulnerabilities, which can be exploited by malicious, local users to gain escalated privileges. For more information: SA23670 SOLUTION: Apply updated packages. x86 Platform: openSUSE 10.2: ftp://ftp.suse.com/pub/suse/update/10.2/rpm/i586/xorg-x11-server-7.2-30.4.i586.rpm 58a6c5df853248cf8b288c3b42418ed4 SUSE LINUX 10.1: ftp://ftp.suse.com/pub/suse/update/10.1/rpm/i586/xorg-x11-server-6.9.0-50.30.i586.rpm 73150d439b17768c2a634b3a6d2bc9e0 SUSE LINUX 10.0: ftp://ftp.suse.com/pub/suse/i386/update/10.0/rpm/i586/xorg-x11-server-6.8.2-100.10.i586.rpm de6c0a54f56c216296ff9a7b3a3dc571 SUSE LINUX 9.3: ftp://ftp.suse.com/pub/suse/i386/update/9.3/rpm/i586/xorg-x11-server-6.8.2-30.10.i586.rpm cb05dbcf305d096cfea12acc7d250483 Power PC Platform: openSUSE 10.2: ftp://ftp.suse.com/pub/suse/update/10.2/rpm/ppc/xorg-x11-server-7.2-30.4.ppc.rpm af51406c70d92459c507718946883156 SUSE LINUX 10.1: ftp://ftp.suse.com/pub/suse/update/10.1/rpm/ppc/xorg-x11-server-6.9.0-50.30.ppc.rpm c93f29c703d5a9ab6c05f6348df42d3b SUSE LINUX 10.0: ftp://ftp.suse.com/pub/suse/i386/update/10.0/rpm/ppc/xorg-x11-server-6.8.2-100.10.ppc.rpm 122c81ed707559eb873a511ec7a381a1 x86-64 Platform: openSUSE 10.2: ftp://ftp.suse.com/pub/suse/update/10.2/rpm/x86_64/xorg-x11-server-7.2-30.4.x86_64.rpm 2096f490f773d96e5a11cf9e715bdd74 SUSE LINUX 10.1: ftp://ftp.suse.com/pub/suse/update/10.1/rpm/x86_64/xorg-x11-server-6.9.0-50.30.x86_64.rpm 68ac3ff1bfa31483f016c62d72e934a3 SUSE LINUX 10.0: ftp://ftp.suse.com/pub/suse/i386/update/10.0/rpm/x86_64/xorg-x11-server-6.8.2-100.10.x86_64.rpm 37cfc2641f53d9a70c8e437b58e2823f SUSE LINUX 9.3: ftp://ftp.suse.com/pub/suse/i386/update/9.3/rpm/x86_64/xorg-x11-server-6.8.2-30.10.x86_64.rpm 864dc49e5a969a737efefc7c2a1fa3d6 Sources: openSUSE 10.2: ftp://ftp.suse.com/pub/suse/update/10.2/rpm/src/xorg-x11-server-7.2-30.4.src.rpm 7539d15ac32aa71a3dbbe23dd39854aa Open Enterprise Server http://support.novell.com/techcenter/psdb/3806664392b7217bd698fe6e5213851c.html Novell Linux POS 9 http://support.novell.com/techcenter/psdb/3806664392b7217bd698fe6e5213851c.html Novell Linux Desktop 9 http://support.novell.com/techcenter/psdb/3806664392b7217bd698fe6e5213851c.html SuSE Linux Desktop 1.0 http://support.novell.com/techcenter/psdb/3806664392b7217bd698fe6e5213851c.html SUSE SLES 9 http://support.novell.com/techcenter/psdb/3806664392b7217bd698fe6e5213851c.html UnitedLinux 1.0 http://support.novell.com/techcenter/psdb/765b98b723b218b9c8a8e02d4064621a.html SuSE Linux Openexchange Server 4 http://support.novell.com/techcenter/psdb/765b98b723b218b9c8a8e02d4064621a.html SuSE Linux Enterprise Server 8 http://support.novell.com/techcenter/psdb/765b98b723b218b9c8a8e02d4064621a.html SuSE Linux Standard Server 8 http://support.novell.com/techcenter/psdb/765b98b723b218b9c8a8e02d4064621a.html SuSE Linux School Server http://support.novell.com/techcenter/psdb/765b98b723b218b9c8a8e02d4064621a.html SUSE LINUX Retail Solution 8 http://support.novell.com/techcenter/psdb/765b98b723b218b9c8a8e02d4064621a.html SUSE SLES 10 http://support.novell.com/techcenter/psdb/8d278592fd99987cae177d85827bdf26.html SUSE SLED 10 http://support.novell.com/techcenter/psdb/8d278592fd99987cae177d85827bdf26.html ORIGINAL ADVISORY: http://www.novell.com/linux/security/advisories/2007_08_x.html OTHER REFERENCES: SA23670: http://secunia.com/advisories/23670/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help everybody keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org ----------------------------------------------------------------------