[USN-1382-1] Light Display Manager vulnerability
Marc Deslauriers
marc.deslauriers at canonical.com
Mon Mar 5 14:13:53 UTC 2012
==========================================================================
Ubuntu Security Notice USN-1382-1
March 05, 2012
lightdm vulnerability
==========================================================================
A security issue affects these releases of Ubuntu and its derivatives:
- Ubuntu 11.10
Summary:
Light Display Manager would allow unintended access to file descriptors.
Software Description:
- lightdm: Display Manager
Details:
Austin Clements discovered that Light Display Manager incorrectly leaked
file descriptors to child processes. A local attacker can use this to
bypass intended permissions and write to the log file, cause a denial of
service, or possibly have another unknown impact.
Update instructions:
The problem can be corrected by updating your system to the following
package versions:
Ubuntu 11.10:
liblightdm-gobject-1-0 1.0.6-0ubuntu1.4
liblightdm-qt-1-0 1.0.6-0ubuntu1.4
lightdm 1.0.6-0ubuntu1.4
lightdm-gtk-greeter 1.0.6-0ubuntu1.4
lightdm-qt-greeter 1.0.6-0ubuntu1.4
After a standard system update you need to reboot your computer to make
all the necessary changes.
References:
http://www.ubuntu.com/usn/usn-1382-1
https://launchpad.net/bugs/927060
Package Information:
https://launchpad.net/ubuntu/+source/lightdm/1.0.6-0ubuntu1.4
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 836 bytes
Desc: This is a digitally signed message part
URL: <https://lists.ubuntu.com/archives/ubuntu-security-announce/attachments/20120305/a150b40a/attachment.sig>
More information about the ubuntu-security-announce
mailing list