MGASA-2014-0504

Source
https://advisories.mageia.org/MGASA-2014-0504.html
Import Source
https://advisories.mageia.org/MGASA-2014-0504.json
JSON Data
https://api.test.osv.dev/v1/vulns/MGASA-2014-0504
Related
Published
2014-12-03T19:27:32Z
Modified
2014-12-03T19:16:11Z
Summary
Updated sddm packages fix security vulnerabilities
Details

Sddm may in some cases allow unauthenticated logins as the sddm user (CVE-2014-7271).

Sddm is vulnerable to a race condition in XAUTHORITY file generation (CVE-2014-7272).

Sddm has been updated to version 0.10.0, fixing these issues and several other bugs, and adding new functionality.

libxcb packages have been updated to work with sddm.

References
Credits

Affected packages

Mageia:4 / sddm

Package

Name
sddm
Purl
pkg:rpm/mageia/sddm?distro=mageia-4

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
0.10.0-1.mga4

Ecosystem specific

{
    "section": "core"
}

Mageia:4 / libxcb

Package

Name
libxcb
Purl
pkg:rpm/mageia/libxcb?distro=mageia-4

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
1.9.1-2.1.mga4

Ecosystem specific

{
    "section": "core"
}