Comment 3 for bug 746053

Launchpad Janitor (janitor) wrote :

This bug was fixed in the package gdm - 2.32.0-0ubuntu15

---------------
gdm (2.32.0-0ubuntu15) natty; urgency=low

  * SECURITY UPDATE: race condition allowing privilege escalation
    - debian/patches/43_CVE-2011-0727.patch: fix
      daemon/gdm-session-worker.c to copy files as session user rather
      than root followed by a subsequent chown. (LP: #746053)
    - CVE-2011-0727
 -- Steve Beattie <email address hidden> Mon, 04 Apr 2011 20:42:03 -0700