=====================================================================
                                    CERT-Renater

                         Note d'Information No. 2006/VULN248
_____________________________________________________________________

DATE                      : 12/05/2006

HARDWARE PLATFORM(S)      : /

OPERATING SYSTEM(S)       : OpenBSD running X.org.

======================================================================

A security vulnerability has been found in the X.Org server --
CVE-2006-1526. Clients authorized to connect to the X server are able to
crash it and to execute malicious code within the X server.

Patches for the respective releases:
ftp://ftp.openbsd.org/pub/OpenBSD/patches/3.9/common/002_xorg.patch
ftp://ftp.openbsd.org/pub/OpenBSD/patches/3.8/common/007_xorg.patch
ftp://ftp.openbsd.org/pub/OpenBSD/patches/3.7/common/013_xorg.patch

======================================================================

           =========================================================
           Les serveurs de référence du CERT-Renater
           http://www.urec.fr/securite
           http://www.cru.fr/securite
           http://www.renater.fr
           =========================================================
           + CERT-RENATER          | tel : 01-53-94-20-44          +
           + 151 bd de l'Hopital   | fax : 01-53-94-20-41          +
           + 75013 Paris           | email: certsvp@renater.fr     +
           =========================================================