The X.Org Foundation and several Linux suppliers have released security fixes for the X Window System technology on which most Linux graphical front-ends are based, patching serious holes in a graphics-manipulation component.
X.Org said a number of bugs in the libXpm library used for manipulating pixmaps could allow an attacker to execute malicious code on a Linux system. The bugs, including integer overflows, out-of-bounds memory accesses, insecure path traversal and an endless loop, could be exploited by tricking a user into viewing a specially crafted pixmap file with one of the many applications that rely on libXpm.
Read More
computerweekly
