This bug was fixed in the package lightdm - 1.0.6-0ubuntu3
---------------
lightdm (1.0.6-0ubuntu3) precise; urgency=low
* SECURITY UPDATE: file contents disclosure via hard link
- debian/patches/04_CVE-2011-4105.patch: make sure file isn't a symlink
or a hard link before doing the chown on it.
- CVE-2011-4105
* SECURITY UPDATE: file contents disclosure via links (LP: #883865)
- debian/patches/05_CVE-2011-3153.patch: drop privileges before
accessing file.
- CVE-2011-3153
-- Marc Deslauriers <[email protected]> Tue, 15 Nov 2011 14:23:53
-0500
** Branch linked: lp:~ubuntu-desktop/lightdm/ubuntu
** Changed in: lightdm (Ubuntu Precise)
Status: Fix Committed => Fix Released
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/883865
Title:
lightdm doesn't drop privileges when reading ~/.dmrc
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/lightdm/+bug/883865/+subscriptions
--
ubuntu-bugs mailing list
[email protected]
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
