Security update for xorg-x11-libXt

SUSE Security Update: Security update for xorg-x11-libXt
Announcement ID: SUSE-SU-2014:0898-1
Rating: moderate
References: #815451 #821670
Affected Products:
  • SUSE Linux Enterprise Server 11 SP1 LTSS

An update that fixes two vulnerabilities is now available.

    Description:

    This is a SUSE Linux Enterprise Server 11 SP1 LTSS roll-up update of
    xorg-x11-libXt that fixes security issues.

    Triggering these bugs in the client libraries requires a connection
    to a malicious X server.

    * CVE-2013-2002: Buffer overflow in X.org libXt allowed X servers to
    cause a denial of service (crash) and possibly execute arbitrary
    code via crafted length or index values to the
    _XtResourceConfigurationEH function.
    * CVE-2013-2005: X.org libXt did not check the return value of the
    XGetWindowProperty function, which allowed X servers to trigger use
    of an uninitialized pointer and memory corruption via vectors
    related to the (1) ReqCleanup, (2) HandleSelectionEvents, (3) ReqTimedOut,
    (4) HandleNormal, and (5) HandleSelectionReplies functions.
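
The unchecked-return pattern described for CVE-2013-2005, shown as an added example that is neither libXt's code nor part of the original advisory. `fetch_property`, `struct reply` and `read_property_checked` are hypothetical stand-ins (no X11 headers are used): the fetch leaves its outputs unwritten on failure, and the caller checks the status and bounds the server-supplied length before using anything.

```c
#include <stddef.h>
#include <string.h>

#define PROP_OK 0   /* plays the role of Xlib's Success status */

/* Constructed description of what the simulated server sends back. */
struct reply { int fail; int format; unsigned long nitems; };

static unsigned char sample[] = "PRIMARY";  /* constructed property value */

/* Hypothetical stand-in for a property fetch. On failure it returns
 * non-zero and writes none of its output arguments. */
static int fetch_property(const struct reply *r, int *format,
                          unsigned long *nitems, unsigned char **data)
{
    if (r->fail)
        return 1;
    *format = r->format;
    *nitems = r->nitems;        /* length is whatever the server claims */
    *data = sample;
    return PROP_OK;
}

/* Unsafe shape (not compiled): outputs are read even when the call failed.
 *     unsigned char *data; unsigned long nitems; int format;
 *     fetch_property(r, &format, &nitems, &data);
 *     memcpy(out, data, nitems);     // uninitialised pointer and length
 */

/* Hardened caller: returns bytes copied into out, or -1 on any doubt. */
long read_property_checked(const struct reply *r, unsigned char *out, size_t cap)
{
    int format = 0;              /* initialise outputs before the call */
    unsigned long nitems = 0;
    unsigned char *data = NULL;

    if (fetch_property(r, &format, &nitems, &data) != PROP_OK)
        return -1;               /* status checked before outputs are used */
    if (data == NULL || format != 8)
        return -1;               /* unexpected reply shape */
    if (nitems > sizeof sample - 1 || nitems > cap)
        return -1;               /* claimed length must fit source and destination */
    memcpy(out, data, nitems);
    return (long)nitems;
}
```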

    Security Issues references:

    * CVE-2013-2002

    * CVE-2013-2005

    Patch Instructions:

    To install this SUSE Security Update use YaST online_update.
    Alternatively you can run the command listed for your product:

    • SUSE Linux Enterprise Server 11 SP1 LTSS:
      zypper in -t patch slessp1-xorg-x11-libXt-9390

    To bring your system up to date, use "zypper patch".

    Package List:

    • SUSE Linux Enterprise Server 11 SP1 LTSS (i586 s390x x86_64):
      • xorg-x11-libXt-7.4-1.19.8
    • SUSE Linux Enterprise Server 11 SP1 LTSS (s390x x86_64):
      • xorg-x11-libXt-32bit-7.4-1.19.8

    References:

    • http://support.novell.com/security/cve/CVE-2013-2002.html
    • http://support.novell.com/security/cve/CVE-2013-2005.html
    • https://bugzilla.novell.com/815451
    • https://bugzilla.novell.com/821670
    • http://download.suse.com/patch/finder/?keywords=827019064a88342eab5f5c1cd0d70a80