MGASA-2013-0286

Source
https://advisories.mageia.org/MGASA-2013-0286.html
Import Source
https://advisories.mageia.org/MGASA-2013-0286.json
JSON Data
https://api.test.osv.dev/v1/vulns/MGASA-2013-0286
Related
Published
2013-09-19T09:46:09Z
Modified
2013-09-19T09:46:05Z
Summary
Updated lightdm package fixes security vulnerability
Details

lightdm before 1.4.3, 1.6.2 and 1.7.14 created .Xauthority files with world-readable permissions (CVE-2013-4331).

Additionally, an issue where a user logged into a graphical desktop environment through lightdm would lose privleges to local devices (such as the sound card) when using the 'su' command has been fixed.

References
Credits

Affected packages

Mageia:3 / lightdm

Package

Name
lightdm
Purl
pkg:rpm/mageia/lightdm?distro=mageia-3

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
1.4.3-1.mga3

Ecosystem specific

{
    "section": "core"
}