[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

CAN-2003-0794: a local DoS

Package: gdm
Version: 2.4.1.6-2
Severity: important
Tags: security

A second security bug that need to be closed, fixed in gdm 2.4.4.4 upstream for about one week (and on others distribs too, is the GDM maintainer taking care of this package ?) :

http://www.gnome.org/project/shownotes.php?release_id=2355

"- SECURITY: Fixed CAN-2003-0794, a local DoS, the line length is limitted
  to 4096 bytes (note, this was not a buffer overrun)."


Cheers,

Sebastien Bacher


-- System Information:
Debian Release: testing/unstable
Architecture: i386
Kernel: Linux seb128 2.6.0-test6 #1 Sun Sep 28 14:08:16 CEST 2003 i686
Locale: LANG=fr_FR.ISO-8859-15, LC_CTYPE=ISO-8859-15 (ignored: LC_ALL set to fr_FR@euro)

Versions of packages gdm depends on:
ii  adduser                    3.51          Add and remove users and groups
ii  bonobo-activation          1:2.4.0-3     Transitional package
ii  debconf                    1.3.15        Debian configuration management sy
ii  dpkg                       1.10.15       Package maintenance system for Deb
ii  libart-2.0-2               2.3.16-1      Library of functions for 2D graphi
ii  libatk1.0-0                1.4.1-1       The ATK accessibility toolkit
ii  libaudiofile0              0.2.3-4       The Audiofile Library
ii  libbonobo-activation4      1:2.4.0-3     Transitional package
ii  libbonobo2-0               2.4.1-2       Bonobo CORBA interfaces library
ii  libbonoboui2-0             2.4.0-1       The Bonobo UI library
ii  libbz2-1.0                 1.0.2-1       A high-quality block-sorting file 
ii  libc6                      2.3.2-8       GNU C Library: Shared libraries an
ii  libesd0                    0.2.29-1      Enlightened Sound Daemon - Shared 
ii  libgconf2-4                2.4.0.1-2     GNOME configuration database syste
ii  libgcrypt1                 1.1.12-4      LGPL Crypto library - runtime libr
ii  libglade2-0                2.0.1-6       Library to load .glade files at ru
ii  libglib2.0-0               2.2.3-1       The GLib library of C routines
ii  libgnome2-0                2.4.0-2       The GNOME 2 library - runtime file
ii  libgnomecanvas2-0          2.4.0-1       A powerful object-oriented display
ii  libgnomeui-0               2.4.0.1-2     The GNOME 2 libraries (User Interf
ii  libgnomevfs2-0             2.4.1-3       The GNOME virtual file-system libr
ii  libgnomevfs2-common        2.4.1-3       The GNOME virtual file-system libr
ii  libgnutls7                 0.8.9-2       GNU TLS library - runtime library
ii  libgsf-1                   1.8.2-3       Structured File Library - runtime 
ii  libgtk2.0-0                2.2.4-1       The GTK+ graphical user interface 
ii  libjpeg62                  6b-9          The Independent JPEG Group's JPEG 
ii  liblinc1                   2:1.0.3-4     library to simplify creating netwo
ii  liborbit2                  1:2.8.1-4     Libraries for ORBit2 - a CORBA ORB
ii  libpam-modules             0.76-14       Pluggable Authentication Modules f
ii  libpam-runtime             0.76-14       Runtime support for the PAM librar
ii  libpam0g                   0.76-14       Pluggable Authentication Modules l
ii  libpango1.0-0              1.2.5-1.1     Layout and rendering of internatio
ii  libpopt0                   1.7-2         lib for parsing cmdline parameters
ii  librsvg2-2                 2.4.0-2       SAX-based renderer library for SVG
ii  libtasn1-0                 0.1.2-1       Manage ASN.1 structures (runtime)
ii  libwrap0                   7.6-ipv6.1-3  Wietse Venema's TCP wrappers libra
ii  libxml2                    2.5.11-2      GNOME XML library
ii  xlibs                      4.3.0-0pre1v3 X Window System client libraries
ii  zlib1g                     1:1.1.4-16    compression library - runtime

-- debconf information excluded
Reply to: