On reflection the patch suggested there would only partially resolve the security concerns -- the only client application (gstm) would no longer use gaskpass but gaskpass would still be installed. A further fix would actually remove gaskpass from the system or fix the behavior identified here (and several other behaviors mentioned as gaskpass bugs within gstm).
On reflection the patch suggested there would only partially resolve the security concerns -- the only client application (gstm) would no longer use gaskpass but gaskpass would still be installed. A further fix would actually remove gaskpass from the system or fix the behavior identified here (and several other behaviors mentioned as gaskpass bugs within gstm).