Univention Bugzilla – Bug 47588
gdm3: Multiple issues (4.3)
Last modified: 2018-08-15 13:14:56 CEST
New Debian gdm3 3.22.3-3+deb9u2 fixes: This update addresses the following issue: * use-after-free in the GDM daemon (CVE-2018-14424)
--- mirror/ftp/4.3/unmaintained/4.3-0/source/gdm3_3.22.3-3+deb9u1.dsc +++ apt/ucs_4.3-0-errata4.3-1/source/gdm3_3.22.3-3+deb9u2.dsc @@ -1,3 +1,10 @@ +3.22.3-3+deb9u2 [Mon, 13 Aug 2018 21:07:03 +0200] Salvatore Bonaccorso <carnil@debian.org>: + + * Non-maintainer upload by the Security Team. + * display-store: Pass the display object rather than the id in the removed + signal (CVE-2018-14424) + * display: tie skeleton handlers to object lifetime (CVE-2018-14424) + 3.22.3-3+deb9u1 [Sat, 23 Sep 2017 11:56:40 +0200] Laurent Bigonville <bigon@debian.org>: * Backports a bunch of patches to fix XDMCP support including a potential <http://10.200.17.11/4.3-1/#4116799289908603521>
OK: yaml OK: errata-announce OK: patch OK: piuparts [4.3-1] af0fd90f4d Bug #47588: gdm3 3.22.3-3+deb9u2 doc/errata/staging/{file.yaml => gdm3.yaml} | 10 +++++----- 1 file changed, 5 insertions(+), 5 deletions(-) [4.3-1] 684ca239c8 Bug #47507: file 1:5.30-1+deb9u2 doc/errata/staging/file.yaml | 12 ++++++++++++ 1 file changed, 12 insertions(+)
<http://errata.software-univention.de/ucs/4.3/180.html>