Patch-ID# 113923-06


Download this patch from My Oracle Support

Your use of the firmware, software and any other materials contained in this update is subject to My Oracle Support Terms of Use, which may be viewed at My Oracle Support.
For further information on patching best practices and resources, please see the following links:
Copyright (c) 2012, Oracle and/or its affiliates. All rights reserved.

Keywords: security font server
Synopsis: X11 6.6.1: security font server patch
Date: Jul/25/2012


Install Requirements: Reboot after installing this patch to activate the changes delivered. An alternative may be specified in the Special Install Instructions.

Solaris Release: 9

SunOS Release: 5.9

Unbundled Product: X11

Unbundled Release: 6.6.1

Xref: This patch available for x86 as patch 113924

Topic:

Relevant Architectures: sparc

Bugs fixed with this patch:

Sun CR # Bug #
476419315128797
491596715175251
660175115421665
660175615421669
661874815431938
715758515782273


Changes incorporated in this version: 7157585

Patches accumulated and obsoleted by this patch:

Patches which conflict with this patch:

Patches required with this patch:

Obsoleted by:

Files included with this patch:

/usr/openwin/bin/xfs

Problem Description:

7157585 problem with Xserver (font)
 
(from 113923-05) 
 
6618748 xfs patches for Solaris 9 and 10 need rebootafter patch property
 
(from 113923-04) 
 
6601751 [X.Org Bug 12298] *xfs* Integer overflows in build_range()
6601756 [X.Org Bug 12299] *xfs* swap_char2b() Heap Overflow Vulnerability
 
(from 113923-03) 
 
4915967 integer overflows in X font server
 
(from 113923-02) 
 
4764193 (rework) CERT Advisory CA-2002-34: xfs crashes on bad request
 
(from 113923-01) 
 
4764193 xfs crashes on bad request


Patch Installation Instructions:
-------------------------------- 
 
Please refer to the man pages for instructions on using 'patchadd'
and 'patchrm' commands provided with Solaris.
 
The following example installs a patch to a standalone machine:
 
       example# patchadd /var/spool/patch/123456-07
 
The following example removes a patch from a standalone system:
 
       example# patchrm 123456-07
 
For additional examples please see the appropriate man pages. Any
other special or non-generic installation instructions should be
described below as special instructions.


Special Install Instructions:
----------------------------- 
 
For the changes in this patch to become effective, a reboot may be performed, or
alternatively, the X Window System font server process, xfs, must be killed if
it is already running.
 
The X font server, is normally started automatically from inetd on Solaris when
a request for a font service is received.  Xsun clients using the font server
will detect the font server shutdown and reconnect automatically to a new
instance of the font server. Unfortunately, some other font clients, such as
some versions of Xvnc, will not reconnect automatically and will need to be
stopped before killing the font server and restarted again after the font server
is restarted.  (If xfs is still being run from inetd, inetd will automatically
restart on the first connection attempt).
 
To kill the font server, as root, run the command:
 
pkill -x xfs


README -- Last modified date: Friday, November 9, 2012