Slackware: SSA:2003-236-01 Moderate: GDM File Access Exposure
slackware
August 25, 2003
This fixes a bug where a local user may read any system file by making a symlink to it from $HOME/.xsession-errors and using GDM's error browser to read the file.
Summary
Here are the details from the Slackware 9.0 ChangeLog: Sun Aug 24 14:36:29 PDT 2003 patches/packages/gdm-2.4.1.6-i386-1.tgz: Upgraded to gdm-2.4.1.6. This fixes a bug where a local user may read any system file by making a symlink to it from $HOME/.xsession-errors and using GDM's error browser to read the file. (* Security fix *) WHERE TO FIND THE NEW PACKAGES: Updated package for Slackware 9.0: Updated package for Slackware -current: MD5 SIGNATURES: Slackware 9.0 package: a5939f91ac56b5dd97d4a2013f099aed gdm-2.4.1.6-i386-1.tgz Slackware -current package: 26459fb6dec7279fe4d80aba0b3ac4ff gdm-2.4.1.6-i486-1.tgz INSTALLATION INSTRUCTIONS: Upgrade using upgradepkg (as root): upgradepkg gdm-2.4.1.6-i386-1.tgz Slackware Linux Security Team slackware security@slackware.com
Topics Covered
Where Find New Packages
MD5 Signatures
PREVIOUS
NEXT
Severity
important
Lowest
Low
Medium
High
Critical
Topics Covered
Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Installation Instructions
Related News
Powered By
Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases
QUICK LINKS
subscribe to newsletters!
Like staying secure? So do we.
Sign up for updates, tips, and alerts!