drucken bookmarks versenden konfigurieren admin pdf Sicherheit: Fehlerhafte Zugriffsrechte in gdm
Name: |
Fehlerhafte Zugriffsrechte in gdm |
|
ID: |
MDKSA-2006:083 |
|
Distribution: |
Mandriva |
|
Plattformen: |
Mandriva 2006.0 |
|
Datum: |
Mi, 10. Mai 2006, 08:21 |
|
Referenzen: |
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-1057 |
|
Applikationen: |
Gnome Display Manager |
|
Originalnachricht |
This is a multi-part message in MIME format...
------------=_1147242046-6282-261
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
_______________________________________________________________________ Mandriva Linux Security Advisory MDKSA-2006:083 http://www.mandriva.com/security/ _______________________________________________________________________ Package : gdm Date : May 9, 2006 Affected: 2006.0 _______________________________________________________________________ Problem Description: A race condition in daemon/slave.c in gdm before 2.14.1 allows local users to gain privileges via a symlink attack when gdm performs chown and chgrp operations on the .ICEauthority file. Packages have been patched to correct this issue. _______________________________________________________________________
References: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-1057 _______________________________________________________________________ Updated Packages: Mandriva Linux 2006.0: d252ac2b6b8e0ea6c42b97d12154e054 2006.0/RPMS/gdm-2.8.0.4-1.1.20060mdk.i586.rpm 06c26efefc15238226177bcf2b557f98 2006.0/RPMS/gdm-Xnest-2.8.0.4-1.1.20060mdk.i586.rpm 7061440dac40a07c55a14e2a1f673536 2006.0/SRPMS/gdm-2.8.0.4-1.1.20060mdk.src.rpm
Mandriva Linux 2006.0/X86_64: aaa20636b30f9b8df2c9c538b7c77635 x86_64/2006.0/RPMS/gdm-2.8.0.4-1.1.20060mdk.x86_64.rpm ac0ab88f60162481348072b67151883a x86_64/2006.0/RPMS/gdm-Xnest-2.8.0.4-1.1.20060mdk.x86_64.rpm 7061440dac40a07c55a14e2a1f673536 x86_64/2006.0/SRPMS/gdm-2.8.0.4-1.1.20060mdk.src.rpm _______________________________________________________________________
To upgrade automatically use MandrivaUpdate or urpmi. The verification of md5 checksums and GPG signatures is performed automatically for you.
All packages are signed by Mandriva for security. You can obtain the GPG public key of the Mandriva Security Team by executing:
gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98
You can view other update advisories for Mandriva Linux at:
http://www.mandriva.com/security/advisories
If you want to report vulnerabilities, please contact
security_(at)_mandriva.com _______________________________________________________________________
Type Bits/KeyID Date User ID pub 1024D/22458A98 2000-07-10 Mandriva Security Team <security*mandriva.com> -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.2.2 (GNU/Linux)
iD8DBQFEYRhbmqjQ0CJFipgRAg2jAKCoZJtEFmoLieJFZhMjpKS+LHZcwgCdEvsZ G+JunIe1aW/YTAb3h+Dsqto= =+FEO -----END PGP SIGNATURE-----
------------=_1147242046-6282-261 Content-Type: text/plain; name="message-footer.txt" Content-Disposition: inline; filename="message-footer.txt" Content-Transfer-Encoding: 8bit
To unsubscribe, send a email to sympa@mandrivalinux.org with this subject : unsubscribe security-announce _______________________________________________________ Want to buy your Pack or Services from Mandriva? Go to http://www.mandrivastore.com Join the Club : http://www.mandrivaclub.com _______________________________________________________
------------=_1147242046-6282-261--
|
|
|
|