COMMAND

    XFree86

SYSTEMS AFFECTED

    XFree86 4.0.2

PROBLEM

    Wolfgang Wieser found the following.  While originally looking for
    bugs in KDE 2.1, he found a severe bug in XFree86 4.0.2 (server
    crash; possibly even exploitable remotely).

    He just can't figure out which function causes it (gdb reports an
    address but cannot resolve the function although debugging symbols
    were compiled in).  And I do not know which client-side action
    (Xlib function call) provokes the bug.

    Here is how to reproduce it:
    - Load konqueror (doing this with konqueror 2.1 and fvwm as
      window manager)
    - Insert 1024 `a' in a text editor (using NEdit)
    - Select the 1024 `a' (without trailing newline)
    - Press the middle mouse button in konqueror's location bar four
      times (be sure not to perform a double-click)
    - Now press the `Pos1' or `Home' key to get to the beginning of
      the location bar, then press the right arrow to get one letter
      right (maybe not necessary)
    - Now paste the `a's again two times using the middle mouse button
    - Now press the `End' key (the one doing the opposite of the
      `Home' key) to get to the end of the location bar's text again

    This causes my XFree86-4.0.2 to catch a SIGSEGV and it exits
    (cleaning up the terminal without problems so you just have to
    start it again).

SOLUTION

    XFree86 < 4.0.0 does not seem to be affected.