CAN-2003-0794: a local DoS
Package: gdm
Version: 2.4.1.6-2
Severity: important
Tags: security
A second security bug that need to be closed, fixed in gdm 2.4.4.4 upstream for about one week (and on others distribs too, is the GDM maintainer taking care of this package ?) :
http://www.gnome.org/project/shownotes.php?release_id=2355
"- SECURITY: Fixed CAN-2003-0794, a local DoS, the line length is limitted
to 4096 bytes (note, this was not a buffer overrun)."
Cheers,
Sebastien Bacher
-- System Information:
Debian Release: testing/unstable
Architecture: i386
Kernel: Linux seb128 2.6.0-test6 #1 Sun Sep 28 14:08:16 CEST 2003 i686
Locale: LANG=fr_FR.ISO-8859-15, LC_CTYPE=ISO-8859-15 (ignored: LC_ALL set to fr_FR@euro)
Versions of packages gdm depends on:
ii adduser 3.51 Add and remove users and groups
ii bonobo-activation 1:2.4.0-3 Transitional package
ii debconf 1.3.15 Debian configuration management sy
ii dpkg 1.10.15 Package maintenance system for Deb
ii libart-2.0-2 2.3.16-1 Library of functions for 2D graphi
ii libatk1.0-0 1.4.1-1 The ATK accessibility toolkit
ii libaudiofile0 0.2.3-4 The Audiofile Library
ii libbonobo-activation4 1:2.4.0-3 Transitional package
ii libbonobo2-0 2.4.1-2 Bonobo CORBA interfaces library
ii libbonoboui2-0 2.4.0-1 The Bonobo UI library
ii libbz2-1.0 1.0.2-1 A high-quality block-sorting file
ii libc6 2.3.2-8 GNU C Library: Shared libraries an
ii libesd0 0.2.29-1 Enlightened Sound Daemon - Shared
ii libgconf2-4 2.4.0.1-2 GNOME configuration database syste
ii libgcrypt1 1.1.12-4 LGPL Crypto library - runtime libr
ii libglade2-0 2.0.1-6 Library to load .glade files at ru
ii libglib2.0-0 2.2.3-1 The GLib library of C routines
ii libgnome2-0 2.4.0-2 The GNOME 2 library - runtime file
ii libgnomecanvas2-0 2.4.0-1 A powerful object-oriented display
ii libgnomeui-0 2.4.0.1-2 The GNOME 2 libraries (User Interf
ii libgnomevfs2-0 2.4.1-3 The GNOME virtual file-system libr
ii libgnomevfs2-common 2.4.1-3 The GNOME virtual file-system libr
ii libgnutls7 0.8.9-2 GNU TLS library - runtime library
ii libgsf-1 1.8.2-3 Structured File Library - runtime
ii libgtk2.0-0 2.2.4-1 The GTK+ graphical user interface
ii libjpeg62 6b-9 The Independent JPEG Group's JPEG
ii liblinc1 2:1.0.3-4 library to simplify creating netwo
ii liborbit2 1:2.8.1-4 Libraries for ORBit2 - a CORBA ORB
ii libpam-modules 0.76-14 Pluggable Authentication Modules f
ii libpam-runtime 0.76-14 Runtime support for the PAM librar
ii libpam0g 0.76-14 Pluggable Authentication Modules l
ii libpango1.0-0 1.2.5-1.1 Layout and rendering of internatio
ii libpopt0 1.7-2 lib for parsing cmdline parameters
ii librsvg2-2 2.4.0-2 SAX-based renderer library for SVG
ii libtasn1-0 0.1.2-1 Manage ASN.1 structures (runtime)
ii libwrap0 7.6-ipv6.1-3 Wietse Venema's TCP wrappers libra
ii libxml2 2.5.11-2 GNOME XML library
ii xlibs 4.3.0-0pre1v3 X Window System client libraries
ii zlib1g 1:1.1.4-16 compression library - runtime
-- debconf information excluded
Reply to: