CentOS Project, CESA-2013:0502
Feb 27, 2013 - 7:40 p.m.

xorg security update

2013-02-27 19:40:06
CentOS Project
lists.centos.org

CVSS2: 6.9 Medium
Attack Vector: LOCAL
Attack Complexity: MEDIUM
Authentication: NONE
Confidentiality Impact: COMPLETE
Integrity Impact: COMPLETE
Availability Impact: COMPLETE
AV:L/AC:M/Au:N/C:C/I:C/A:C

EPSS: 0.0004 Low
Percentile: 5.1%

CentOS Errata and Security Advisory CESA-2013:0502

The Core X11 clients packages provide the xorg-x11-utils,
xorg-x11-server-utils, and xorg-x11-apps clients that ship with the X
Window System.

It was found that the x11perfcomp utility included the current working
directory in its PATH environment variable. Running x11perfcomp in an
attacker-controlled directory would cause arbitrary code execution with
the privileges of the user running x11perfcomp. (CVE-2011-2504)
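
A check for the class of flaw described above, added here as an example; it is not code from the advisory or from x11perfcomp. It assumes a shell script that assigns PATH itself, and the function names and sample paths are constructed for illustration.

```sh
#!/bin/sh
# Added example. Function names and sample values are assumptions for illustration.

# Print one line per PATH entry that resolves against the current directory;
# return 1 if any is found. An empty entry (leading, trailing or doubled
# colon) means ".", and an entry not starting with "/" is relative to the cwd.
path_cwd_entries() {
    rest="$1:"          # trailing colon so a final empty entry is visited
    found=0
    pos=0
    while [ -n "$rest" ]; do
        entry=${rest%%:*}
        rest=${rest#*:}
        pos=$((pos + 1))
        case $entry in
            '')   printf 'entry %d: empty (current directory)\n' "$pos"; found=1 ;;
            /*)   ;;    # absolute path
            '$'*) ;;    # unexpanded reference in script text, e.g. $PATH: not judged
            *)    printf "entry %d: relative '%s'\n" "$pos" "$entry"; found=1 ;;
        esac
    done
    return "$found"
}

# Apply the check to every PATH=... assignment in a script file.
# Simplification: a value is cut at the first whitespace or semicolon.
script_path_audit() {
    sed -nE 's/^[[:space:]]*(export[[:space:]]+)?PATH=([^;[:space:]]*).*/\2/p' "$1" |
        tr -d "\"'" |
        (
            rc=0
            while IFS= read -r value; do
                path_cwd_entries "$value" || rc=1
            done
            exit "$rc"
        )
}

# Constructed sample value, not taken from the x11perfcomp source.
path_cwd_entries "/opt/example/lib:.:/usr/bin" ||
    echo "PATH includes the current working directory"
```

Running `script_path_audit` over the scripts shipped by a package lists any PATH assignment that would let a file in the working directory shadow a system command.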

Also with this update, the xorg-x11-utils and xorg-x11-server-utils
packages have been upgraded to upstream version 7.5, and the xorg-x11-apps
package to upstream version 7.6, which provides a number of bug fixes and
enhancements over the previous versions. (BZ#835277, BZ#835278, BZ#835281)

All users of xorg-x11-utils, xorg-x11-server-utils, and xorg-x11-apps are
advised to upgrade to these updated packages, which fix these issues and
add these enhancements.

Merged security bulletin from advisories:
https://lists.centos.org/pipermail/centos-announce/2013-March/081715.html
https://lists.centos.org/pipermail/centos-announce/2013-March/081766.html
https://lists.centos.org/pipermail/centos-announce/2013-March/081768.html
https://lists.centos.org/pipermail/centos-cr-announce/2013-February/027016.html
https://lists.centos.org/pipermail/centos-cr-announce/2013-February/027067.html
https://lists.centos.org/pipermail/centos-cr-announce/2013-February/027069.html

Affected packages:
xorg-x11-apps
xorg-x11-server-utils
xorg-x11-utils

Upstream details at:
https://access.redhat.com/errata/RHSA-2013:0502
