MDKSA-2006:083
- Package name
- gdm
- Date
- 2006-05-09
- Advisory ID
- MDKSA-2006:083
- Affected versions
- 2006.0 i586 , 2006.0 x86_64
Problem description
A race condition in daemon/slave.c in gdm before 2.14.1 allows local
users to gain privileges via a symlink attack when gdm performs chown
and chgrp operations on the .ICEauthority file.
Packages have been patched to correct this issue.
Updated packages
2006.0 i586
d252ac2b6b8e0ea6c42b97d12154e054 2006.0/RPMS/gdm-2.8.0.4-1.1.20060mdk.i586.rpm 06c26efefc15238226177bcf2b557f98 2006.0/RPMS/gdm-Xnest-2.8.0.4-1.1.20060mdk.i586.rpm 7061440dac40a07c55a14e2a1f673536 2006.0/SRPMS/gdm-2.8.0.4-1.1.20060mdk.src.rpm
2006.0 x86_64
aaa20636b30f9b8df2c9c538b7c77635 x86_64/2006.0/RPMS/gdm-2.8.0.4-1.1.20060mdk.x86_64.rpm ac0ab88f60162481348072b67151883a x86_64/2006.0/RPMS/gdm-Xnest-2.8.0.4-1.1.20060mdk.x86_64.rpm 7061440dac40a07c55a14e2a1f673536 x86_64/2006.0/SRPMS/gdm-2.8.0.4-1.1.20060mdk.src.rpm