* SECURITY UPDATE: file contents disclosure via hard link
- debian/patches/04_CVE-2011-4105.patch: make sure file isn't a symlink
or a hard link before doing the chown on it.
- CVE-2011-4105
* SECURITY UPDATE: file contents disclosure via links (LP: #883865)
- debian/patches/05_CVE-2011-3153.patch: drop privileges before
accessing file.
- CVE-2011-3153
-- Marc Deslauriers <email address hidden> Tue, 15 Nov 2011 08:31:27 -0500
This bug was fixed in the package lightdm - 1.0.6-0ubuntu1.1
---------------
lightdm (1.0.6-0ubuntu1.1) oneiric-security; urgency=low
* SECURITY UPDATE: file contents disclosure via hard link patches/ 04_CVE- 2011-4105. patch: make sure file isn't a symlink patches/ 05_CVE- 2011-3153. patch: drop privileges before
- debian/
or a hard link before doing the chown on it.
- CVE-2011-4105
* SECURITY UPDATE: file contents disclosure via links (LP: #883865)
- debian/
accessing file.
- CVE-2011-3153
-- Marc Deslauriers <email address hidden> Tue, 15 Nov 2011 08:31:27 -0500