Package: gdm Version: 2.16.1-1 Severity: grave Tags: security -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
Today I found: http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=453. After a fast look into the code it seems, that this issue is present in the Debian package. Please take a look at it. Regards, Daniel - -- System Information: Debian Release: 4.0 APT prefers unstable APT policy: (850, 'unstable'), (700, 'testing'), (550, 'stable'), (110, 'experimental') Architecture: i386 (i686) Shell: /bin/sh linked to /bin/bash Kernel: Linux 2.6.17.09060920 Locale: LANG=de_DE, LC_CTYPE=de_DE (charmap=ISO-8859-1) Versions of packages gdm depends on: ii adduser 3.100 Add and remove users and groups ii debconf [debconf-2.0] 1.5.10 Debian configuration management sy ii gdm-themes 0.5 Themes for the GNOME Display Manag ii gksu 2.0.0-1 graphical frontend to su ii gnome-session 2.14.3-3 The GNOME 2 Session Manager ii gnome-terminal [x-terminal 2.14.2-1 The GNOME 2 terminal emulator appl ii libart-2.0-2 2.3.17-1 Library of functions for 2D graphi ii libatk1.0-0 1.12.3-1 The ATK accessibility toolkit ii libattr1 2.4.32-1 Extended attribute shared library ii libc6 2.3.6.ds1-9 GNU C Library: Shared libraries ii libcairo2 1.2.4-4 The Cairo 2D vector graphics libra ii libdmx1 1:1.0.2-2 X11 Distributed Multihead extensio ii libfontconfig1 2.4.2-1 generic font configuration library ii libglade2-0 1:2.6.0-2 library to load .glade files at ru ii libglib2.0-0 2.12.4-2 The GLib library of C routines ii libgnomecanvas2-0 2.14.0-2 A powerful object-oriented display ii libgtk2.0-0 2.8.20-3 The GTK+ graphical user interface ii libpam-modules 0.79-4 Pluggable Authentication Modules f ii libpam-runtime 0.79-4 Runtime support for the PAM librar ii libpam0g 0.79-4 Pluggable Authentication Modules l ii libpango1.0-0 1.14.8-2 Layout and rendering of internatio ii libpopt0 1.10-3 lib for parsing cmdline parameters ii librsvg2-2 2.14.4-2 SAX-based renderer library for SVG ii librsvg2-common 2.14.4-2 SAX-based renderer library for SVG ii libselinux1 1.32-3 SELinux shared libraries ii libwrap0 7.6.dbs-11 Wietse Venema's TCP wrappers libra ii libx11-6 2:1.0.3-4 X11 client-side library ii libxau6 1:1.0.1-2 X11 authorisation library ii libxcursor1 1.1.7-4 X cursor management library ii libxdmcp6 1:1.0.1-2 X11 Display Manager Control Protoc ii libxext6 1:1.0.1-2 X11 miscellaneous extension librar ii libxfixes3 1:4.0.1-5 X11 miscellaneous 'fixes' extensio ii libxi6 1:1.0.1-4 X11 Input extension library ii libxinerama1 1:1.0.1-4.1 X11 Xinerama extension library ii libxml2 2.6.27.dfsg-1 GNOME XML library ii libxrandr2 2:1.1.0.2-5 X11 RandR extension library ii libxrender1 1:0.9.1-3 X Rendering Extension client libra ii lsb-base 3.1-22 Linux Standard Base 3.1 init scrip ii metacity [x-window-manager 1:2.14.5-2 A lightweight GTK2 based Window Ma ii twm [x-window-manager] 1:1.0.1-4 Tab window manager ii xbase-clients 1:7.1.ds-3 miscellaneous X clients ii xfce4-terminal [x-terminal 0.2.5.8rc2-1 Xfce terminal emulator ii xfwm4 [x-window-manager] 4.3.99.2-1 window manager of the Xfce project ii xterm [x-terminal-emulator 223-1 X terminal emulator Versions of packages gdm recommends: ii dialog 1.0-20060221-1 Displays user-friendly dialog boxe ii whiptail 0.52.2-8 Displays user-friendly dialog boxe ii zenity 2.14.3-1 Display graphical dialog boxes fro - -- debconf information excluded -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.6 (GNU/Linux) iD8DBQFFgpxWm0bx+wiPa4wRAjFtAKDW0OA8AkMaWndlyciqqOvN7WVErQCfUG+6 HOVV+KN+7mHM0YdUl5hZHLc= =acsC -----END PGP SIGNATURE----- -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]