oss-sec mailing list archives
Re: [LightDM] Version 1.0.6 released
From: Yves-Alexis Perez <corsac () debian org>
Date: Wed, 02 Nov 2011 16:54:09 +0100
On mer., 2011-11-02 at 11:42 -0400, Robert Ancell wrote:
Fixes a security issue where using ~/.Xauthority as a symlink would
cause LightDM to set the destination of the link to user ownership.
All users of 1.0.4 or 1.0.5 should upgrade immediately.
Overview of changes in lightdm 1.0.6
* Use lchown for correcting ownership of ~/.Xauthority instead of chown
Could a CVE be assigned for this? Regards, -- Yves-Alexis
Attachment:
signature.asc
Description: This is a digitally signed message part
Current thread:
- Re: [LightDM] Version 1.0.6 released Yves-Alexis Perez (Nov 02)
- Re: Re: [LightDM] Version 1.0.6 released Kurt Seifried (Nov 02)
- Re: Re: [LightDM] Version 1.0.6 released Yves-Alexis Perez (Nov 02)
- Re: Re: [LightDM] Version 1.0.6 released Kurt Seifried (Nov 02)
- Re: Re: [LightDM] Version 1.0.6 released Marc Deslauriers (Nov 09)
- Re: Re: [LightDM] Version 1.0.6 released Guido Berhoerster (Nov 10)
- Re: Re: [LightDM] Version 1.0.6 released Robert Ancell (Nov 10)
- Re: Re: [LightDM] Version 1.0.6 released Guido Berhoerster (Nov 11)
- Re: Re: [LightDM] Version 1.0.6 released John Haxby (Nov 11)
- Re: Re: [LightDM] Version 1.0.6 released Marc Deslauriers (Nov 11)
- Re: Re: [LightDM] Version 1.0.6 released Yves-Alexis Perez (Nov 22)
- Re: Re: [LightDM] Version 1.0.6 released Yves-Alexis Perez (Nov 02)
- Re: Re: [LightDM] Version 1.0.6 released Kurt Seifried (Nov 02)