Please read this before reporting a bug:
https://wiki.archlinux.org/title/Bug_reporting_guidelines
Do NOT report bugs when a package is just outdated, or it is in the AUR. Use the 'flag out of date' link on the package page, or the Mailing List.
REPEAT: Do NOT report bugs for outdated packages!
https://wiki.archlinux.org/title/Bug_reporting_guidelines
Do NOT report bugs when a package is just outdated, or it is in the AUR. Use the 'flag out of date' link on the package page, or the Mailing List.
REPEAT: Do NOT report bugs for outdated packages!
FS#6008 - security bug in gdm 2.16.3
Attached to Project:
Arch Linux
Opened by Hussam Al-Tayeb (hussam) - Thursday, 14 December 2006, 16:01 GMT
Last edited by Roman Kyrylych (Romashka) - Saturday, 16 December 2006, 12:46 GMT
Opened by Hussam Al-Tayeb (hussam) - Thursday, 14 December 2006, 16:01 GMT
Last edited by Roman Kyrylych (Romashka) - Saturday, 16 December 2006, 12:46 GMT
|
DetailsA security bug has been discovered in gdm 2.16.3
It's been fixed in gdm 2.16.4 according to the changelog: 2.16.4 Stuff: - Fix for a recently reported security issue that has ID CVE-2006-6105. This fixes a problem where a user can enter strings like "%08x" into the gdmchooser "Add"j host button and print out memory. (Brian Cameron) - Fix for TryExec check in gdmsession to make sure that any arguments are not passed to g_find_program_in_path since this causes the function to say it is not executable. (Brian Cameron) - Translation updates (Runa Bhattacharjee, Josep Puigdemont i Casamaj\303\263, Laurent Dhima, I. Felix, David Lodge, Ani Peter, Rajesh Ranjan, Clytie Siddall, Vincent van Adrighem) |
This task depends upon
Closed by Jan de Groot (JGC)
Tuesday, 19 December 2006, 23:13 GMT
Reason for closing: Fixed
Additional comments about closing: Updated to 2.16.4.
Tuesday, 19 December 2006, 23:13 GMT
Reason for closing: Fixed
Additional comments about closing: Updated to 2.16.4.