Date: Sat, 21 Nov 2015 14:52:52 +0100 From: Yves-Alexis Perez <corsac@...ian.org> To: oss-security@...ts.openwall.com Subject: CVE request for LightDM - XDMCP denial of service Hi, it seems that some versions of LightDM (1.14 and 1.16 series) are vulnerable to a denial of service when XDMCP server is enabled. When that's the case, an XDMCP request with no address will crash LightDM. More information can be found in https://bugs.launchpad.net/lightdm/+bug/15168 31 and the bug is fixed with 1.14.4 and 1.16.6 (and development release 1.17.2). Can a CVE be assigned to this? Thanks in advance, -- Yves-Alexis [ CONTENT OF TYPE application/pgp-signature SKIPPED ]
Powered by blists - more mailing lists
Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.
Powered by Openwall GNU/*/Linux - Powered by OpenVZ