[Bug 562440] Re: [CVE-2010-0436] KDM Local Privilege Escalation Vulnerability
Launchpad Bug Tracker
562440 at bugs.launchpad.net
Mon Apr 19 22:06:16 UTC 2010
This bug was fixed in the package kdebase-workspace - 4:4.3.2-0ubuntu7.2
---------------
kdebase-workspace (4:4.3.2-0ubuntu7.2) karmic-security; urgency=low
* SECURITY UPDATE: KDM Local Privilege Escalation Vulnerability (LP: #562440).
- Add debian/patches/CVE-2010-0436_fix_kdm_local_exploit.diff
- kdm/backend/ctrl.c: prevent race condition during user login which could
allow execution of arbitrary code as root
- CVE-2010-0436
- http://www.kde.org/info/security/advisory-20100413-1.txt
-- Jonathan Riddell <jriddell at ubuntu.com> Fri, 16 Apr 2010 19:00:37 +0100
** Changed in: kdebase-workspace (Ubuntu Karmic)
Status: Fix Committed => Fix Released
** Changed in: kdebase-workspace (Ubuntu Jaunty)
Status: Fix Committed => Fix Released
--
[CVE-2010-0436] KDM Local Privilege Escalation Vulnerability
https://bugs.launchpad.net/bugs/562440
You received this bug notification because you are a member of Kubuntu
Bugs, which is subscribed to kdebase-workspace in ubuntu.
More information about the kubuntu-bugs
mailing list