On Mon, 2006-10-02 at 19:58 -0700, norm wrote: > On Tue, 03 Oct 2006 10:11:24 +0800 > Ed Greshko <Ed.Greshko@xxxxxxxxxxx> wrote: > > > norm wrote: > > > I recently ran a security scan on my system and the result in part > > > was The remote host is missing the patch for the advisory > > > FEDORA-2006-172 (xorg-x11-server). It advises me to update my > > > system using the latest from Fedora. To the best of my knowledge I > > > am running a fully patched system with 2.6.17-1.2187_FC5. > > > This is a vulnerability that I understand to have been around for a > > > while and I assume in the intervening 6 months or so it has been > > > patched. Does anyone know if this vulnerability is a false > > > positive? > > > > Is your xorg-x11-server-Xorg 1.0.1-9.fc5.5? > > > Ed > How do I find out if it is? From what I can figure out it is not, but > that is only a guess. > If you have been doing the routine yum updates then it 'should' be up to date. To check it run "rpm -qa xorg-x11-serv\* " and it will tell you what versions all the x11 servers are. Mine are $ rpm -qa xorg-x11-serv\* xorg-x11-server-Xorg-1.0.1-9.fc5.5 xorg-x11-server-utils-1.0.1-1.2 xorg-x11-server-Xvfb-1.0.1-9.fc5.5 xorg-x11-server-sdk-1.0.1-9.fc5.5 xorg-x11-server-Xnest-1.0.1-9.fc5.5