Advisories

Mandriva Advisories

Package name	WindowMaker
Date	August 31st, 2001
Advisory ID	MDKSA-2001:074
Affected versions	7.1, 7.2, 8.0, CS1.0
Synopsis	Updated WindowMaker packages fix buffer overflow vulnerability

Problem Description

A buffer overflow exists in the WindowMaker window manager's window
title handling code, as discovered by Alban Hertroys. Many programs,
such as web browsers, set the window title to something obtained from
the network, such as the title of the currently-viewed web page. As
such, this buffer overflow could be exploited remotely. WindowMaker
versions above and including 0.65.1 are fixed upstream; these packages
have been patched to correct the problem.

Updated Packages

Mandrakelinux 7.1

 48c5d3cfa2f9071830344918c429b76f  7.1/RPMS/WindowMaker-0.62.1-13.1mdk.i586.rpm
af2162d3ce9a508ea373d36eb7637f8f  7.1/RPMS/WindowMaker-devel-0.62.1-13.1mdk.i586.rpm
d80f24e05c3ce958b68632b26ca07c47  7.1/SRPMS/WindowMaker-0.62.1-13.1mdk.src.rpm

Mandrakelinux 7.2

 8f048b675c7220d622e83afca5676b00  7.2/RPMS/WindowMaker-0.62.1-18.1mdk.i586.rpm
c3dc24f5d24e8df7e820a39a767676c7  7.2/RPMS/WindowMaker-devel-0.62.1-18.1mdk.i586.rpm
e0e95d2ce199d33da6614ca9b99747fc  7.2/SRPMS/WindowMaker-0.62.1-18.1mdk.src.rpm

Mandrakelinux 8.0

 10d20d21c895a09172fa0f32f6b7363b  8.0/RPMS/WindowMaker-0.64.0-8.1mdk.i586.rpm
da9ffdad57c2dd4362e383a79ebf5951  8.0/RPMS/WindowMaker-devel-0.64.0-8.1mdk.i586.rpm
644f90bf9a1fa1efb9a34599b761a449  8.0/RPMS/libwraster2-0.64.0-8.1mdk.i586.rpm
9ec21851b8e98f4a4a633addac5b81ba  8.0/RPMS/libwraster2-devel-0.64.0-8.1mdk.i586.rpm
94e59837aa43db7e221083169e07ca67  8.0/SRPMS/WindowMaker-0.64.0-8.1mdk.src.rpm

Mandrakelinux 8.0/PPC

 3da4b475a9a67307b9f9afcdccf3cf14  ppc/8.0/RPMS/WindowMaker-0.64.0-8.1mdk.ppc.rpm
f7319c563da54ae7e0ab360af4e90f92  ppc/8.0/RPMS/WindowMaker-devel-0.64.0-8.1mdk.ppc.rpm
3dfca8bb681c1b2f82ad16a601df8688  ppc/8.0/RPMS/libwraster2-0.64.0-8.1mdk.ppc.rpm
03e3a82570ca4a63639732807de97014  ppc/8.0/RPMS/libwraster2-devel-0.64.0-8.1mdk.ppc.rpm
48424cbef2369db5b64be0607ff51db6  ppc/8.0/SRPMS/WindowMaker-0.64.0-8.1mdk.src.rpm

Corporate Server 1.0.1

 48c5d3cfa2f9071830344918c429b76f  1.0.1/RPMS/WindowMaker-0.62.1-13.1mdk.i586.rpm
af2162d3ce9a508ea373d36eb7637f8f  1.0.1/RPMS/WindowMaker-devel-0.62.1-13.1mdk.i586.rpm
d80f24e05c3ce958b68632b26ca07c47  1.0.1/SRPMS/WindowMaker-0.62.1-13.1mdk.src.rpm

References

http://www.windowmaker.org/src/ChangeLog

Upgrade

To upgrade automatically, use MandrivaUpdate.

Verification

Please verify the update prior to upgrading to ensure the integrity of the downloaded package. You can do this with the command :

                rpm --checksig package.rpm

You can get the GPG public key of the Mandriva Security Team to verify the GPG signature of each RPM.

If you use MandrivaUpdate, the verification of md5 checksum and GPG signature is performed automatically for you.

URL:

https://mandriva.com/security/advisories

Short link:

https://mandriva.com/content/view/full/1075

Intersites Menu

Mandriva

Tools

Top menu

Advisories

Footer