A security issue affects the following Ubuntu releases:
Ubuntu 4.10 (Warty Warthog)
The following packages are affected:
The problem can be corrected by upgrading the affected package to
version 4.3.0.dfsg.1-6ubuntu25.2. In general, a standard system upgrade is
sufficient to effect the necessary changes.
Chris Gilbert discovered a buffer overflow in the XPM library shipped
with XFree86. If an attacker tricked a user into loading a malicious
XPM image with an application that uses libxpm, he could exploit this
to execute arbitrary code with the privileges of the user opening the
These overflows do not allow privilege escalation through the X
server; the overflows are in a client-side library.