[USN-1382-1] Light Display Manager vulnerability

2012-03-10T00:00:00
ID SECURITYVULNS:DOC:27747
Type securityvulns
Reporter Securityvulns
Modified 2012-03-10T00:00:00

Description

========================================================================== Ubuntu Security Notice USN-1382-1 March 05, 2012

lightdm vulnerability

A security issue affects these releases of Ubuntu and its derivatives:

  • Ubuntu 11.10

Summary:

Light Display Manager would allow unintended access to file descriptors.

Software Description: - lightdm: Display Manager

Details:

Austin Clements discovered that Light Display Manager incorrectly leaked file descriptors to child processes. A local attacker can use this to bypass intended permissions and write to the log file, cause a denial of service, or possibly have another unknown impact.

Update instructions:

The problem can be corrected by updating your system to the following package versions:

Ubuntu 11.10: liblightdm-gobject-1-0 1.0.6-0ubuntu1.4 liblightdm-qt-1-0 1.0.6-0ubuntu1.4 lightdm 1.0.6-0ubuntu1.4 lightdm-gtk-greeter 1.0.6-0ubuntu1.4 lightdm-qt-greeter 1.0.6-0ubuntu1.4

After a standard system update you need to reboot your computer to make all the necessary changes.

References: http://www.ubuntu.com/usn/usn-1382-1 https://launchpad.net/bugs/927060

Package Information: https://launchpad.net/ubuntu/+source/lightdm/1.0.6-0ubuntu1.4