oss-sec mailing list archives
CVE Request - xlockmore 5.43 fixes a security flaw
From: "mancha" <mancha1 () hush com>
Date: Tue, 16 Jul 2013 19:18:07 +0000
Hello Kurt, vendors, et al. xlockmore 5.43 released 2 days ago with a fix for a security flaw related to potential NULL pointer dereferences when authenticating via glibc 2.17+ crypt() and OSF/1 C2 security's dispcrypt(). Under certain conditions the NULL pointers can trigger a crash in xlockmore effectively bypassing the screen lock. [1] http://www.tux.org/~bagleyd/xlock/xlockmore.README --mancha
Current thread:
- CVE Request - xlockmore 5.43 fixes a security flaw mancha (Jul 16)
- Re: CVE Request - xlockmore 5.43 fixes a security flaw Kurt Seifried (Jul 16)
- <Possible follow-ups>
- Re: CVE Request - xlockmore 5.43 fixes a security flaw mancha (Jul 16)
- Re: CVE Request - xlockmore 5.43 fixes a security flaw Kurt Seifried (Jul 18)
- Re: CVE Request - xlockmore 5.43 fixes a security flaw mancha (Jul 18)
- Re: CVE Request - xlockmore 5.43 fixes a security flaw Kurt Seifried (Jul 18)