Summary: | gnome-base/gdm GDM issue (CVE-2006-2452) | ||||||
---|---|---|---|---|---|---|---|
Product: | Gentoo Security | Reporter: | solar (RETIRED) <solar> | ||||
Component: | Vulnerabilities | Assignee: | Gentoo Security <security> | ||||
Status: | RESOLVED FIXED | ||||||
Severity: | major | CC: | gnome, hlieberman, tcort | ||||
Priority: | High | ||||||
Version: | unspecified | ||||||
Hardware: | All | ||||||
OS: | Linux | ||||||
URL: | http://bugzilla.gnome.org/show_bug.cgi?id=343476 | ||||||
Whiteboard: | A1? [glsa] jaervosz | ||||||
Package list: | Runtime testing required: | --- | |||||
Attachments: |
|
Description
solar (RETIRED)
2006-05-31 04:47:20 UTC
Current keywords: gdm-2.2.5.4-r5[0]: gdm-2.8.0.7[0]: ia64 gdm-2.8.0.7-r1[0]: alpha amd64 hppa mips ppc ppc64 sparc x86 gdm-2.14.5[0]: ~alpha ~amd64 ~hppa ~ia64 ~mips ~ppc ~ppc64 ~sparc ~x86 Leonardo Boshell <leonardop@gentoo.org> appears to be handling the package these days. Created attachment 88014 [details, diff]
gdm-CVE-2006-2452.patch
This will be CVE-2006-2452
Redhat is requesting 1 week before any public announcments are made regarding this
problem. Being it is already in gnome-cvs it however is semi public.
Leonardo please provide an updated ebuild, and only mention the bug number in the changelog (until it becomes public). gdm-2.8.0.8 and gdm-2.14.8 are now in the tree, released upstream because of this issue. gdm-2.8.0.8 should be the only ebuild to mark stable by arches at this point. By the way, the release announcements made by the developer openly describe the problem, in case that is significant for you: http://mail.gnome.org/archives/gnome-announce-list/2006-June/msg00007.html http://mail.gnome.org/archives/gnome-announce-list/2006-June/msg00008.html Thx Leornardo, I didn't know that they had just announced this. Arches please test and mark stable. *** Bug 136019 has been marked as a duplicate of this bug. *** stable on ppc64 sparc stable. ppc stable x86 done ^.^ alpha stable. stable on hppa amd64 stable. GLSA 200606-14 ia64 and mips please don't forget to mark stable to benifit from the GLSA. |