Errata for XFree86 4.2.0. Last updated: 3 September 2002 Note: all of the above problems (and some others) are fixed in the 4.2.1 patch release. 1. Xlib problem on Solaris and SVR4 On some platforms, particularly Solaris and SVR4, there is a bug in Xlib that prevents the i18n modules from being loaded. The symptoms are messages like the following: Warning: locale not supported by Xlib, locale set to C Warning: X locale modifiers not supported, using default Failed to open input method A source patch is available in the fixes subdirectory (4.2.0-xlib-i18n-module.patch). It is also included in the xf-4_2-branch branch of the XFree86 CVS repository. 2. libGLU-related build problem with recent versions of GCC. libGLU built with recent versions of gcc (such as 3.0.3) has an unresolved external reference. This will typically show up as an error when building an application that uses libGLU (for example, glxinfo). A source patch is available in the fixes subdirectory (4.2.0-libGLU-bad-extern.patch). It is also included in the xf-4_2-branch branch of the XFree86 CVS repository. 3. Potential vulnerability in zlib. A recently released CERT vulnerability notice (VU#368819) describes a potential vulnerability in some versions of zlib. XFree86 4.2.0 includes zlib 1.0.8, and uses it on some platforms. A source patch to correct this is available in the fixes subdirectory (4.2.0-zlib-security.patch). It is also included in the xf-4_2-branch branch of the XFree86 CVS repository. 4. Security vulnerability in Xlib. XFree86 4.2.0 has a vulnerability in Xlib that makes it possible to load/execute arbitrary code in privileged applications. A source patch to correct this is available in the fixes subdirectory (4.2.0-xlib-security.patch). It is also included in the xf-4_2-branch branch of the XFree86 CVS repository.