Your message dated Fri, 13 Nov 2020 11:03:37 +
with message-id
and subject line Bug#973748: fixed in sddm 0.18.0-1+deb10u1
has caused the Debian Bug report #973748,
regarding sddm: CVE-2020-28049: local privilege escalation due to race
condition in creation of the Xauthority file
to be
Hi Norbert,
On Thu, Nov 05, 2020 at 09:15:15PM +0900, Norbert Preining wrote:
> Hi Salvatore,
>
> On Thu, 05 Nov 2020, Salvatore Bonaccorso wrote:
> > to day, this is the debdiff I just used for the upload. tracker.d.o
> > does not show it yet because the packages are sitting in the embargoed
> >
Hi Salvatore,
On Thu, 05 Nov 2020, Salvatore Bonaccorso wrote:
> to day, this is the debdiff I just used for the upload. tracker.d.o
> does not show it yet because the packages are sitting in the embargoed
> policy queue on security-master so not yet pushed out to the archive.
Ah, ok, didn't know
Hi Norbert,
On Thu, Nov 05, 2020 at 08:55:40PM +0900, Norbert Preining wrote:
> Hi Salvatore,
>
> > That is because I did already upload the upload yesterday as with the
> > debdiff attached to the bugreport. But we (Moritz was testing as well)
> > wanted to further test the upload first before r
Hi Salvatore,
> That is because I did already upload the upload yesterday as with the
> debdiff attached to the bugreport. But we (Moritz was testing as well)
> wanted to further test the upload first before releasing the DSA.
A ok, that explains it. Didn't see any message about it, so I
Hi Norbert,
On Thu, Nov 05, 2020 at 08:26:07PM +0900, Norbert Preining wrote:
> Hi Salvatore, hi FTP Master,
>
> @Salvatore: thanks for the NMU preparation. We are now preparing a fix
> for unstable via version 0.19, and at the same time I thought I upload
> to buster-security, based on your patc
Hi Salvatore, hi FTP Master,
@Salvatore: thanks for the NMU preparation. We are now preparing a fix
for unstable via version 0.19, and at the same time I thought I upload
to buster-security, based on your patch,
But, uploading to security-master with dput I got the following answer:
On Thu, 05 N
; The following vulnerability was published for sddm.
>
> CVE-2020-28049[0]:
> | local privilege escalation due to race condition in creation of the
> | Xauthority file
>
> If you fix the vulnerability please also make sure to include the
> CVE (Common Vulnerabilities &am
creation of the
| Xauthority file
If you fix the vulnerability please also make sure to include the
CVE (Common Vulnerabilities & Exposures) id in your changelog entry.
For further information see:
[0] https://security-tracker.debian.org/tracker/CVE-2020-28049
https://cve.mitre.org/cgi
Your message dated Sun, 7 Mar 2010 08:39:49 +0100
with message-id <6a2e33621003062339l50e9d2a2mc581957b56a12...@mail.gmail.com>
and subject line Re: Bug#495601: About bug # 495601 in Debian BTS
has caused the Debian Bug report #495601,
regarding kdm: Creates $HOME/.Xauthority with roo
trator
(administrator, Debian Bugs database)
--- Begin Message ---
Package: kdm
Version: 3.1.2-1
Kdm does not set the environment variable XAUTHORITY
to $HOME/.Xauthority when it is not already set.
As it is done by startx and gdm I suppose it should
do it. It is a problem because if you do a su
to
I noticed, for some time now, that every time
I turn my machine on, my .Xauthority gets overwritten giving me
the following message when I ssh to another machine:
Warning: No xauth data; using fake authentication data for X11
forwarding.
I have to copy back my backed up .Xauthority in
12 matches
Mail list logo
