Explore top 10 tips to secure your open-source projects now. Read More

×
Alerts This Week
Warning Icon 1 486
Alerts This Week
Warning Icon 1 486

Fedora 22: lxdm Security Advisory on Access and Descriptor Problems

fedora
Calendar Grey October 17, 2015
Dist Fedora Esm H88
A revision for lxdm in Fedora 22 fixes problems related to file descriptor management and access rights for local users.
It is found that lxdm does not close file descriptor for log file althouhg it should

Summary

LXDM is the future display manager of LXDE, the Lightweight X11 Desktop

environment. It is designed as a lightweight alternative to replace GDM or

KDM in LXDE distros. It's still in very early stage of development.

Update Information:

It is found that lxdm does not close file descriptor for log file althouhg it should. Also session started via lxdm can allow any local user to connect X. This new rpm should fix these issues.

Change Log

References


[ 1 ] Bug #1268900 - lxdm: X server started without -auth, exposing it to connections form any local user https://bugzilla.redhat.com/show_bug.cgi?id=1268900 [ 2 ] Bug #846086 - lxdm: leaks file descriptors https://bugzilla.redhat.com/show_bug.cgi?id=846086

Update Instructions

This update can be installed with the "yum" update program. Use su -c 'yum update lxdm' at the command line. For more information, refer to "Managing Software with yum", available at .

Severity
important
Lowest
Low
Medium
High
Critical

Name: lxdm
Product: Fedora 22
Version: 0.4.1
Release: 10.fc22
URL:
Summary: Lightweight X11 Display Manager

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.