-
Committer:
Bazaar Package Importer
-
Author(s):
Richard A. Johnson
-
Date:
2007-09-20 16:23:19 UTC
-
Revision ID:
james.westby@ubuntu.com-20070920162319-w2e4ev0nhd6evlcw
Tags: 4:3.5.5-0ubuntu3.6
* SECURITY UPDATE: KDM password-less login
* KDM can be tricked into performing a password-less login even for accounts
with a password set under certain circumstances, namely autologin to be
configured and "shutdown with password" enabled.
* Add kubuntu_sec_03_kdm_pwless_login.diff for session.c to fix KDM
password-less and autologin configuration.
* References:
- http://www.kde.org/info/security/advisory-20070919-1.txt
- CVE-2007-4569