oss-sec mailing list archives
CVE Request: lightdm incorrect .Xauthority permissions
From: Marc Deslauriers <marc.deslauriers () canonical com>
Date: Wed, 11 Sep 2013 09:05:07 -0400
Hello, lightdm before 1.4.3, 1.6.2 and 1.7.14 created .Xauthority files with world-readable permissions. Fixed by the following commits: 1.4.x: http://bazaar.launchpad.net/~lightdm-team/lightdm/1.4/revision/1571 http://bazaar.launchpad.net/~lightdm-team/lightdm/1.4/revision/1576 http://bazaar.launchpad.net/~lightdm-team/lightdm/1.4/revision/1577 1.6.x: http://bazaar.launchpad.net/~lightdm-team/lightdm/1.6/revision/1641 http://bazaar.launchpad.net/~lightdm-team/lightdm/1.6/revision/1652 http://bazaar.launchpad.net/~lightdm-team/lightdm/1.6/revision/1653 1.7.x: http://bazaar.launchpad.net/~lightdm-team/lightdm/trunk/revision/1675 http://bazaar.launchpad.net/~lightdm-team/lightdm/trunk/revision/1780 http://bazaar.launchpad.net/~lightdm-team/lightdm/trunk/revision/1781 Bug reports: https://bugs.launchpad.net/ubuntu/+source/lightdm/+bug/1175023 https://bugs.launchpad.net/lightdm/+bug/685212 http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=721744 Could a CVE please be assigned to this issue? Thanks, Marc. -- Marc Deslauriers Ubuntu Security Engineer | http://www.ubuntu.com/ Canonical Ltd. | http://www.canonical.com/
Current thread:
- CVE Request: lightdm incorrect .Xauthority permissions Marc Deslauriers (Sep 11)
- Re: CVE Request: lightdm incorrect .Xauthority permissions Kurt Seifried (Sep 11)