vulnerability ?

[Jeff Vian]

On Mon, 2006-10-02 at 19:58 -0700, norm wrote:
> On Tue, 03 Oct 2006 10:11:24 +0800
> Ed Greshko <Ed.Greshko at greshko.com> wrote:
> 
> > norm wrote:
> > > I recently ran a security scan on my system and the result in part
> > > was The remote host is missing the patch for the advisory
> > > FEDORA-2006-172 (xorg-x11-server).  It advises me to update my
> > > system using the latest from Fedora. To the best of my knowledge I
> > > am running a fully patched system with 2.6.17-1.2187_FC5.  
> > > This is a vulnerability that I understand to have been around for a
> > > while and I assume in the intervening 6 months or so it has been
> > > patched.  Does anyone know if this vulnerability is a false
> > > positive?
> > 
> > Is your xorg-x11-server-Xorg 1.0.1-9.fc5.5?
> > 
> Ed 
> How do I find out if it is?  From what I can figure out it is not, but
> that is only a guess.
> 
If you have been doing the routine yum updates then it 'should' be up to
date.

To check it run "rpm -qa xorg-x11-serv\* "  and it will tell you what
versions all the x11 servers are.  Mine are
        $ rpm -qa xorg-x11-serv\*
        xorg-x11-server-Xorg-1.0.1-9.fc5.5
        xorg-x11-server-utils-1.0.1-1.2
        xorg-x11-server-Xvfb-1.0.1-9.fc5.5
        xorg-x11-server-sdk-1.0.1-9.fc5.5
        xorg-x11-server-Xnest-1.0.1-9.fc5.5