User: Password:
Subscribe / Log in / New account

Mageia alert MGASA-2014-0026 (lightdm-gtk-greeter)

From:  Mageia Updates <>
Subject:  [updates-announce] MGASA-2014-0026: Updated lightdm-gtk-greeter fixes CVE-2014-0979
Date:  Fri, 24 Jan 2014 22:01:38 +0100
Message-ID:  <>

MGASA-2014-0026 - Updated lightdm-gtk-greeter fixes CVE-2014-0979 Publication date: 24 Jan 2014 URL: Type: security Affected Mageia releases: 3 CVE: CVE-2014-0979 Description: Updated lightdm-gtk-greeter package fixes security vulnerability: lightdm-gtk-greeter uses the lightdm-gobject API incorrectly and does not handle lightdm_greeter_get_authentication_user() returning NULL when the username of the previous authentication is invalid resulting in a NULL pointer dereference in start_authentication(). This constitutes a local denial of service which can be triggered by any unprivileged attacker requiring the intervention of an administrator to restart lightdm (CVE-2014-0979). References: - - - - SRPMS: - 3/core/lightdm-gtk-greeter-1.3.1-6.1.mga3

(Log in to post comments)

Copyright © 2017, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds