|
Patch 3163 : Multiple fixes for X libraries : [IRIX 6.2]
INDEX
RELATIONS
RELEASE NOTES
1. Patch SG0003163 Release Note
This release note describes patch SG0003163 to IRIX 6.2.
Patch SG0003163 replaces patches SG0001234, SG0001350,
SG0001398, SG0001428, SG0001470, SG0001585, SG0001746,
SG0002026, SG0002154 and SG0002580.
1.1 Supported Hardware Platforms
This patch contains bug fixes for all platforms.
1.2 Supported Software Platforms
This patch contains bug fixes for the X11 Execution
Environment on a system running IRIX 6.2 (version
1232792130) or IRIX 6.2 with Indigo2 Impact 10000 (version
1233007720). The software cannot be installed on other
configurations.
1.3 Bugs Fixed by Patch SG0003163
This patch contains fixes for the following bugs in IRIX
6.2. Bug numbers from Silicon Graphics bug tracking system
are included for reference.
o Buffer overflows in the Xaw library may provide an
exploitable security hole. (Bug #600686, #627441)
o Buffer overflows in the Xt library may provide an
exploitable security hole. (Bugs #600690, #609039,
#609104)
o Buffer overflows in the X11 library may provide an
exploitable security hole. (Bugs #607710, #608693,
#608806, #608998, #609085, #614197, #625464, #627631,
#628917, #628942)
o XtMalloc may be called in response to XtMalloc errors,
leading to a fatal recursion. (Bug #609236)
o Free of non-allocated memory in libX11. (Bug #615810)
o Buffer overflows in the Xmu library may provide an
exploitable security hole. (Bug #627136, #627543)
1.4 Bugs Fixed by Patch SG0002580
Patch SG0003163 also includes the bug fixes from Patch
SG0002580.
o IRIX6.2 doesn't support Turkish locale and keyboard.
(Bug #519535) (This patch fixes only keyboard stuff for
the bug.)
o XtOwnSelectionIncremental fails. (Bug #523684)
o Buffer overflow in Xrm code. (Bug #530669)
o Buffer overflow in Xt default error handler. (Bug
#530672)
o XInternAtom() generates bad X request in the 64 bit
library. (Bug #537721)
o Buffer overflow in X library font name parsing. (Bug
#543320)
1.5 Bugs Fixed by Patch SG0002154
Patch SG0003163 also includes the bug fixes from Patch
SG0002154.
o dlopen("libXt.so", RTLD_NOW) results in a fatal runtime
error, with an unresolved external symbol
SgCvtCreateConversionContext. (Bug #433544)
o XCreateIC leaks memory. (Bug #439052)
o Applications which generate signals such as SIGARLM may
lose connection to IM server. (Bug #488823)
o Security vulnerability in libXt (Bug #493564)
o Buffer overflow allows unprivileged users to get root
access through setuid X programs. (Bug #495591)
o Buffer overflows possible in libX11
internationalization code. (Bug #496885)
o Potential buffer overflow in XGetErrorDatabaseText.
(Bug #518036)
1.6 Bugs Fixed by Patch SG0001585
Patch SG0003163 also includes the bug fixes from Patch
SG0001585. Patch SG0001585 includes the bug fixes from
patches SG0001234, SG0001398, SG0001428, SG0001470.
o A call to XInternAtom passing a non-existent atom
generates an X request with a length of -1. This
causes an X Bad Length error and a subsequent crash of
the application. (Bug #353344)
o The X library does not include a converter which goes
from X keysyms to KOI8 characters. Without this
converter, XmbLookupString and XwcLookupString cannot
be used in a locale which uses the KOI8 character set,
effectively making it impossible to use. This patch
also adds a locale directory entry for the KOI8-based X
locale. (Bug #365702)
o Update the Russian keymap to make group lock available
by pressing both shift keys simultaneously. (Bug
#377695)
o Extra characters are generated when the group is
changed by pressing both shift keys in the KOI-8-based
Russian locale. (Bug #381248)
o iwsh is sometimes killed when caps lock is pressed
while using the KOI-8-based Russian locale. (Bug
#381257)
o XIM server displays '$' on the textfield. (Bug #383796)
o Showcase does not work with patch1398. (Bug #390471)
o Xlib creates wrong CompoundText for Cut&Paste due to an
SJIS to CompoundText converter problem. (Bug #400963)
o Add big5 support to libX11. (Bug #430277)
o xwnmo sets wrong locale with big5 locale. (Bug #430290)
1.7 Bugs Fixed by Patch SG0001746
Patch SG0003163 also includes the bug fixes from Patch
SG0001746.
o A call to XInternAtom passing a non-existent atom
generates an X request with a length of -1. This
causes an X Bad Length error and a subsequent crash of
the application. (Bug #353344)
1.8 Bugs Fixed by Patch SG0002026
Patch SG0003163 also includes the bug fixes from Patch
SG0002026. Patch SG0002026 includes the bug fixes from
Patch SG0001350.
o Add support for a new Xt resource that specifies the
desks an application appears in. (Bug #380848)
o Some keypad keys activate the wrong text widget
translations when NumLock is enabled. This only
happens when the user is using a keyboard mapping with
four keysyms per keycode (common with European
keyboards). (Bug #463094)
1.9 Subsystems Included in Patch SG0003163
This patch release includes these subsystems:
o patchSG0003163.x_eoe_sw.Server
o patchSG0003163.x_eoe_sw.eoe
o patchSG0003163.x_eoe_sw32.eoe
o patchSG0003163.x_eoe_sw64.eoe
o patchSG0003163.x_dev_sw.dev
o patchSG0003163.x_dev_sw32.dev
o patchSG0003163.x_dev_sw64.dev
1.10 Installation Instructions
Because you want to install only the patches for problems
you have encountered, patch software is not installed by
default. After reading the descriptions of the bugs fixed
in this patch (see Section 1.3), determine the patches that
meet your specific needs.
If, after reading Sections 1.1 and 1.2 of these release
notes, you are unsure whether your hardware and software
meet the requirements for installing a particular patch, run
inst. The inst program does not allow you to install
patches that are incompatible with your hardware or
software.
Patch software is installed like any other Silicon Graphics
software product. Follow the instructions in your Software
Installation Administrator's Guide to bring up the miniroot
form of the software installation tools.
Follow these steps to select a patch for installation:
1. At the Inst> prompt, type
install patchSGxxxxxxx
where xxxxxxx is the patch number.
2. Initiate the installation sequence. Type
Inst> go
3. You may find that two patches have been marked as
incompatible. (The installation tools reject an
installation request if an incompatibility is
detected.) If this occurs, you must deselect one of
the patches.
Inst> keep patchSGxxxxxxx
where xxxxxxx is the patch number.
4. After completing the installation process, exit the
inst program by typing
Inst> quit
1.11 Patch Removal Instructions
To remove a patch, use the versions remove command as you
would for any other software subsystem. The removal process
reinstates the original version of software unless you have
specifically removed the patch history from your system.
versions remove patchSGxxxxxxx
where xxxxxxx is the patch number.
To keep a patch but increase your disk space, use the
versions removehist command to remove the patch history.
versions removehist patchSGxxxxxxx
where xxxxxxx is the patch number.
1.12 Known Problems
This patch fixes only keyboard stuff for the Bug #519535
(IRIX6.2 doesn't support Turkish locale and keyboard).
INST SUBSYSTEM REQUIREMENTS No Requirements Information Available. INST SUBSYSTEM CHECKSUMS These checksums help to provide a 'signature' for the patch inst image which can be used to authenticate other inst images. You can obtain this kind of output by running sum -r on the image (from the command line): 28764 2195 patchSG0003163.x_dev_sw32 36394 4235 patchSG0003163.x_eoe_sw64 44792 3969 patchSG0003163.x_eoe_sw32 26523 4258 patchSG0003163.x_eoe_sw 16114 13 patchSG0003163.idb 26703 1871 patchSG0003163.x_dev_sw 23654 18 patch/README.patch.3163 32763 18 patchSG0003163 INST SUBSYSTEM FILE LISTINGS The following lists the files which get installed from each subsystem in the patch:
DOWNLOAD PATCH
|
||||||||||||||||||||||||||||||||||||
Document Id: 20021117071946-IRIXPatch-1245
|
||||||||||||||||||||||||||||||||||||