-
Committer:
Bazaar Package Importer
-
Author(s):
Jonathan Riddell
-
Date:
2006-06-12 16:01:48 UTC
-
mfrom:
(5.1.1 breezy-updates)
-
Revision ID:
james.westby@ubuntu.com-20060612160148-8qz5bj1w2uwr9lyi
Tags: 4:3.4.3-0ubuntu7
* SECURITY UPDATE: KDM symlink attack vulnerability
* Add kubuntu_65_kdm_symlink_vunerability.diff
* KDM allows the user to select the session type for login. This
setting is permanently stored in the user home directory. By
using a symlink attack, KDM can be tricked into allowing the
user to read file content that would otherwise be unreadable
to this particular user.
* References:
CVE-2006-2449