[gdm-list] [security CVE-2006-6105] GDM2 2.17.4 (stable), the "securityfix" Release
- From: Brian Cameron <Brian Cameron Sun COM>
- To: gnome-announce-list gnome org, gdm-list gnome org
- Subject: [gdm-list] [security CVE-2006-6105] GDM2 2.17.4 (stable), the "securityfix" Release
- Date: Wed, 13 Dec 2006 13:19:31 -0600
AOOH-GAH
--------
(If you have no clue what gdm is, skip a few paragraphs down first)
The 2.17.4 release is an unstable release of GDM with the following
new features. Note that this fixes the important security issue
listed below, so it is highly recommended to upgrade to the latest
2.8, 2.14, 2.16, or 2.17 version of GDM to address this issue.
- Fix for a recently reported security issue that has ID
CVE-2006-6105. This fixes a problem where a user can
enter strings like "%08x" into the gdmchooser "Add"
host button and print out memory. This issue was introduced
into GDM 2.8.0.4. (Brian Cameron)
- Improvements to gdmsetup, which now supports many new
features. Fixes feature request #334186 and bugs
#343206 and #347101. (Lukasz Zalewski)
- No longer set XDG_SESSION_COOKIE if there is no cookie.
Fixes #383866. (William Jon McCann)
- Now the key and dwell gestures start Orca instead of
Gnopernicus. Must use Orca v2.17.4 or later to work
with GDM. (Brian Cameron)
- Translation updates (Kjartan Maraas, Daniel Nylander,
Francisco Javier F. Serrador, Ilkka Tuohela)
Note: GDM2 was originally written by Martin K. Petersen <mkp mkp net>.
Much work has been done on GDM2 by George Lebl, and Brian Cameron
currently shares maintainership duties with the Queen of England.
Note2: If installing from the tarball do note that make install
overwrites most of the setup files, all except gdm.conf. It will
however save backups with the .orig extension first.
#ifndef GDM_DISABLE_DEPRECATED
Note3: Note3 has been depracated ...
#endif /* GDM_DISABLE_DEPRECATED */
Downloading:
============
Online Documentation - http://www.gnome.org/projects/gdm/
Latest Stable - http://ftp.gnome.org/pub/GNOME/sources/gdm/2.16/
Latest Unstable - http://ftp.gnome.org/pub/GNOME/sources/gdm/2.17/
No RPM this time around BTW. Have fun. A spec file is included though,
so you can try:
rpmbuild -ta gdm-whatever.tar.gz
Have fun,
Brian
[
Date Prev][
Date Next] [
Thread Prev][
Thread Next]
[
Thread Index]
[
Date Index]
[
Author Index]
