The following errata for CentOS-2 have been built and uploaded the the centos mirror:
RHSA-2004:610-01 Updated XFree86 packages fix security issues
Files available: XFree86-100dpi-fonts-4.1.0-64.EL.i386.rpm XFree86-4.1.0-64.EL.i386.rpm XFree86-75dpi-fonts-4.1.0-64.EL.i386.rpm XFree86-ISO8859-15-100dpi-fonts-4.1.0-64.EL.i386.rpm XFree86-ISO8859-15-75dpi-fonts-4.1.0-64.EL.i386.rpm XFree86-ISO8859-2-100dpi-fonts-4.1.0-64.EL.i386.rpm XFree86-ISO8859-2-75dpi-fonts-4.1.0-64.EL.i386.rpm XFree86-ISO8859-9-100dpi-fonts-4.1.0-64.EL.i386.rpm XFree86-ISO8859-9-75dpi-fonts-4.1.0-64.EL.i386.rpm XFree86-Xnest-4.1.0-64.EL.i386.rpm XFree86-Xvfb-4.1.0-64.EL.i386.rpm XFree86-cyrillic-fonts-4.1.0-64.EL.i386.rpm XFree86-devel-4.1.0-64.EL.i386.rpm XFree86-doc-4.1.0-64.EL.i386.rpm XFree86-libs-4.1.0-64.EL.i386.rpm XFree86-tools-4.1.0-64.EL.i386.rpm XFree86-twm-4.1.0-64.EL.i386.rpm XFree86-xdm-4.1.0-64.EL.i386.rpm XFree86-xf86cfg-4.1.0-64.EL.i386.rpm XFree86-xfs-4.1.0-64.EL.i386.rpm
More details are available from the RedHat web site at https://rhn.redhat.com/errata/rh21as-errata.html
The easy way to make sure you are up to date with all the latest patches is to run: # yum update