-
Committer:
Bazaar Package Importer
-
Author(s):
Emanuele Gentili
-
Date:
2008-04-23 21:54:55 UTC
-
Revision ID:
james.westby@ubuntu.com-20080423215455-8gtfu9s2wqkja4bq
Tags: 0.9.4.0debian1-2ubuntu1.7.04.1
* SECURITY UPDATE:
+ src/startup.c (LP: #216604)
- Fix opening the terminal on display :0 if no DISPLAY
environment variable is specified to prevent local
attackers from hijacking X11 connections in certain
environments.
* References
+ http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1692
+ http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=473127