[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

CAN-2003-0793: a local DoS

Package: gdm
Version: 2.4.1.6-2
Severity: important
Tags: security

Security bug reported for about a week and not yet fixed in Debian ...

Fixed in gdm 2.4.4.4 :

http://www.gnome.org/project/shownotes.php?release_id=2355

"- SECURITY: Fixed CAN-2003-0793, a local DoS, the socket connection
  is now non-blocking and limitted to the number of commands"


-- System Information:
Debian Release: testing/unstable
Architecture: i386
Kernel: Linux seb128 2.6.0-test6 #1 Sun Sep 28 14:08:16 CEST 2003 i686
Locale: LANG=fr_FR.ISO-8859-15, LC_CTYPE=ISO-8859-15 (ignored: LC_ALL set to fr_FR@euro)

Versions of packages gdm depends on:
ii  adduser                    3.51          Add and remove users and groups
ii  bonobo-activation          1:2.4.0-3     Transitional package
ii  debconf                    1.3.15        Debian configuration management sy
ii  dpkg                       1.10.15       Package maintenance system for Deb
ii  libart-2.0-2               2.3.16-1      Library of functions for 2D graphi
ii  libatk1.0-0                1.4.1-1       The ATK accessibility toolkit
ii  libaudiofile0              0.2.3-4       The Audiofile Library
ii  libbonobo-activation4      1:2.4.0-3     Transitional package
ii  libbonobo2-0               2.4.1-2       Bonobo CORBA interfaces library
ii  libbonoboui2-0             2.4.0-1       The Bonobo UI library
ii  libbz2-1.0                 1.0.2-1       A high-quality block-sorting file 
ii  libc6                      2.3.2-8       GNU C Library: Shared libraries an
ii  libesd0                    0.2.29-1      Enlightened Sound Daemon - Shared 
ii  libgconf2-4                2.4.0.1-2     GNOME configuration database syste
ii  libgcrypt1                 1.1.12-4      LGPL Crypto library - runtime libr
ii  libglade2-0                2.0.1-6       Library to load .glade files at ru
ii  libglib2.0-0               2.2.3-1       The GLib library of C routines
ii  libgnome2-0                2.4.0-2       The GNOME 2 library - runtime file
ii  libgnomecanvas2-0          2.4.0-1       A powerful object-oriented display
ii  libgnomeui-0               2.4.0.1-2     The GNOME 2 libraries (User Interf
ii  libgnomevfs2-0             2.4.1-3       The GNOME virtual file-system libr
ii  libgnomevfs2-common        2.4.1-3       The GNOME virtual file-system libr
ii  libgnutls7                 0.8.9-2       GNU TLS library - runtime library
ii  libgsf-1                   1.8.2-3       Structured File Library - runtime 
ii  libgtk2.0-0                2.2.4-1       The GTK+ graphical user interface 
ii  libjpeg62                  6b-9          The Independent JPEG Group's JPEG 
ii  liblinc1                   2:1.0.3-4     library to simplify creating netwo
ii  liborbit2                  1:2.8.1-4     Libraries for ORBit2 - a CORBA ORB
ii  libpam-modules             0.76-14       Pluggable Authentication Modules f
ii  libpam-runtime             0.76-14       Runtime support for the PAM librar
ii  libpam0g                   0.76-14       Pluggable Authentication Modules l
ii  libpango1.0-0              1.2.5-1.1     Layout and rendering of internatio
ii  libpopt0                   1.7-2         lib for parsing cmdline parameters
ii  librsvg2-2                 2.4.0-2       SAX-based renderer library for SVG
ii  libtasn1-0                 0.1.2-1       Manage ASN.1 structures (runtime)
ii  libwrap0                   7.6-ipv6.1-3  Wietse Venema's TCP wrappers libra
ii  libxml2                    2.5.11-2      GNOME XML library
ii  xlibs                      4.3.0-0pre1v3 X Window System client libraries
ii  zlib1g                     1:1.1.4-16    compression library - runtime

-- debconf information excluded
Reply to: