XPM Security Flaw Affects Motif

[David Hollister]

The following security alert affects Motif developers. Details at
http://www.ics.com/developers

*************************
Security Alert:

Several security flaws were reported in the XPixMap library (XPM)
library code that parses image files. Portions of the XPM library have
been incorporated in the Motif source code since Motif 1.x.
Consequently, the most popular versions of Motif (including OpenMotif)
are affected and should be updated.

XPM library code that parses files (CAN-2004-0687, CAN-2004-0688) is
exploitable when parsing malicious images in an application that
handles XPM images.

Details and Motif patches are posted at:
http://www.ics.com/developers