XFree86 4.2.0 Errata

Errata for XFree86 4.2.0.

Last updated: 3 September 2002

Note: all of the above problems (and some others) are fixed in the 4.2.1
      patch release.

 1. Xlib problem on Solaris and SVR4

    On some platforms, particularly Solaris and SVR4, there is a
    bug in Xlib that prevents the i18n modules from being loaded.
    The symptoms are messages like the following:

      Warning: locale not supported by Xlib, locale set to C
      Warning: X locale modifiers not supported, using default
      Failed to open input method

    A source patch is available in the fixes subdirectory
    (4.2.0-xlib-i18n-module.patch).  It is also included in the
    xf-4_2-branch branch of the XFree86 CVS repository.


 2. libGLU-related build problem with recent versions of GCC.

    libGLU built with recent versions of gcc (such as 3.0.3) has
    an unresolved external reference.  This will typically show up
    as an error when building an application that uses libGLU (for
    example, glxinfo).

    A source patch is available in the fixes subdirectory
    (4.2.0-libGLU-bad-extern.patch).  It is also included in the
    xf-4_2-branch branch of the XFree86 CVS repository.

 3. Potential vulnerability in zlib.

    A recently released CERT vulnerability notice (VU#368819)
    describes a potential vulnerability in some versions of zlib.
    XFree86 4.2.0 includes zlib 1.0.8, and uses it on some platforms.

    A source patch to correct this is available in the fixes
    subdirectory (4.2.0-zlib-security.patch).  It is also included
    in the xf-4_2-branch branch of the XFree86 CVS repository.

 4. Security vulnerability in Xlib.

    XFree86 4.2.0 has a vulnerability in Xlib that makes it possible to
    load/execute arbitrary code in privileged applications.

    A source patch to correct this is available in the fixes
    subdirectory (4.2.0-xlib-security.patch).  It is also included
    in the xf-4_2-branch branch of the XFree86 CVS repository.