Viewing all changes in revision 5.
- Committer: Bazaar Package Importer
- Date: 2006-06-12 16:01:48 UTC
- mfrom: (4.1.1 hoary-updates)
- Revision ID: james.westby@ubuntu.com-20060612160148-x5ou6stjdkwneud5
* SECURITY UPDATE: KDM symlink attack vulnerability
* Add kubuntu_65_kdm_symlink_vunerability.diff
* KDM allows the user to select the session type for login. This
setting is permanently stored in the user home directory. By
using a symlink attack, KDM can be tricked into allowing the
user to read file content that would otherwise be unreadable
to this particular user.
* References:
CVE-2006-2449
* Add kubuntu_65_kdm_symlink_vunerability.diff
* KDM allows the user to select the session type for login. This
setting is permanently stored in the user home directory. By
using a symlink attack, KDM can be tricked into allowing the
user to read file content that would otherwise be unreadable
to this particular user.
* References:
CVE-2006-2449
expand all
collapse all
added
removed
