Updated sddm packages fix security vulnerabilitiesPublication date: 03 Dec 2014
Affected Mageia releases : 4
CVE: CVE-2014-7271 , CVE-2014-7272
Sddm may in some cases allow unauthenticated logins as the sddm user (CVE-2014-7271). Sddm is vulnerable to a race condition in XAUTHORITY file generation (CVE-2014-7272). Sddm has been updated to version 0.10.0, fixing these issues and several other bugs, and adding new functionality. libxcb packages have been updated to work with sddm.