-
Committer:
Bazaar Package Importer
-
Author(s):
Jonathan Riddell
-
Date:
2006-06-12 16:01:48 UTC
-
mfrom:
(4.1.1 hoary-updates)
-
Revision ID:
james.westby@ubuntu.com-20060612160148-x5ou6stjdkwneud5
Tags: 4:3.4.0-0ubuntu18.3
* SECURITY UPDATE: KDM symlink attack vulnerability
* Add kubuntu_65_kdm_symlink_vunerability.diff
* KDM allows the user to select the session type for login. This
setting is permanently stored in the user home directory. By
using a symlink attack, KDM can be tricked into allowing the
user to read file content that would otherwise be unreadable
to this particular user.
* References:
CVE-2006-2449