Wednesday, November 6, 2013

[USN-2012-1] Light Display Manager vulnerability

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.14 (GNU/Linux)
Comment: Using GnuPG with Thunderbird - http://www.enigmail.net/

iQIcBAEBCgAGBQJSek4wAAoJEGVp2FWnRL6T4loP/RrfPwME1wRfhDMKv/wA8Xbg
wIx96zEZikLThmmYgPeRMEsW2y9bS70Ih5TCZZgkw9Y066vOJIzp2SlVTZEk9ynR
f23uc+7XJLTVHmGMNuiMCH13sTZC3I7D/6iRR7LibXJ70uxVsQlzWX9YHidUONoF
3QlIIi9kshIykp1y6pBtB12oHE9i7iRW2WvFoeS5lMIPVfGTci3dJbP/6xBwhLiK
AK4z7f+NjUKqPKcA20ZkFS7lP2LT4M74TjVDcRk8a32EO7S9ae3ZQTU8cHoWUG4q
RPNJWpFo/5VyL+glF6TwMZ02VI+O+g00MAM2+oqVkOq33WFgUUXk5ZG9QEU57MNW
61ahNL76cro9g3zwlIq1o5mYaPeyIOcQpVOK/Yrotzmyp3nuazvlmTKnFD1cEWPW
3Y4RGavuG2wl1qpUbXr1yVz9mcMdjrKcpzGvLofYuo2RLDGA892kLb7NcGz39Tzl
MC50QEUxgHClpD5juACYoTqDRpZNqvkyqw1HuohanKLjnG5zqfY8Ybkry5gZrEB5
5Fre3pN9fWAuklBbdZbN0YnMwA6B6KDeim/dmRihODaVuF6NZqmH55VQwnbSLDfq
ROrzDwMhL6+14PCnKmZL+qlY4l5azvHPN6uIxmgxdWksE0/qcr4pF4bJzGD8FTM3
795uH5q8axYh6NYR44Rq
=RMt7
-----END PGP SIGNATURE-----
==========================================================================
Ubuntu Security Notice USN-2012-1
November 06, 2013

lightdm vulnerability
==========================================================================

A security issue affects these releases of Ubuntu and its derivatives:

- Ubuntu 13.10

Summary:

Light Display Manager could be made to expose sensitive information
locally.

Software Description:
- lightdm: Display Manager

Details:

Christian Prim discovered that Light Display Manager incorrectly applied
the AppArmor security profile when the Guest account is used. A local
attacker could use this issue to possibly gain access to sensitive
information.

Update instructions:

The problem can be corrected by updating your system to the following
package versions:

Ubuntu 13.10:
lightdm 1.8.4-0ubuntu1

This update uses a new upstream release, which includes additional bug
fixes. After a standard system update you need to reboot your computer to
make all the necessary changes.

References:
http://www.ubuntu.com/usn/usn-2012-1
CVE-2013-4459

Package Information:
https://launchpad.net/ubuntu/+source/lightdm/1.8.4-0ubuntu1

No comments:

Post a Comment

Subscribe to: Post Comments (Atom)