gdm security update

ID CESA-2007:0777
Type centos
Reporter CentOS Project
Modified 2007-08-09T16:40:31


CentOS Errata and Security Advisory CESA-2007:0777

Gdm (the GNOME Display Manager) is a highly configurable reimplementation of xdm, the X Display Manager. Gdm allows you to log into your system with the X Window System running and supports running several different X sessions on your local machine at the same time.

A flaw was found in the way Gdm listens on its unix domain socket. A local user could crash a running X session by writing malicious data to Gdm's unix domain socket. (CVE-2007-3381)

All users of gdm should upgrade to this updated package, which contains a backported patch that resolves this issue.

Red Hat would like to thank JLANTHEA for reporting this issue.

Merged security bulletin from advisories:

Affected packages: gdm

Upstream details at: