Updated gdm packages fix security vulnerability
Publication date: 03 Jan 2018Modification date: 03 Jan 2018
Type: security
Affected Mageia releases : 6
CVE: CVE-2017-12164
Description
Updated gdm packages fix security vulnerability: A flaw was discovered in the gdm where gdm greeter was no longer setting the ran_once boolean during autologin. If autologin was enable for a victim, an attacker could simply select 'login as another user' to unlock their screen (CVE-2017-12164).
References
SRPMS
6/core
- gdm-3.24.3-1.mga6