FreshPorts - VuXML

This page displays vulnerability information about FreeBSD Ports.

The VUXML data was last processed by FreshPorts on 2024-03-28 15:43:32 UTC

List all Vulnerabilities, by package

List all Vulnerabilities, by date

k68

These are the vulnerabilities relating to the commit you have selected:

VuXML IDDescription
68847b20-8ddc-11e5-b69c-c86000169601gdm -- lock screen bypass when holding escape key

Ray Strode reports:

CVE-2015-7496 - lock screen bypass when holding escape key.


Discovery 2015-11-12
Entry 2015-11-18
gdm
< 3.16.2_1

CVE-2015-7496
https://mail.gnome.org/archives/ftp-release-list/2015-November/msg00074.html
https://bugzilla.gnome.org/show_bug.cgi?id=758032
c6fbd447-59ed-11e0-8d04-0015f2db7bdegdm -- privilege escalation vulnerability

Sebastian Krahmer reports:

It was discovered that the GNOME Display Manager (gdm) cleared the cache directory, which is owned by an unprivileged user, with the privileges of the root user. A race condition exists in gdm where a local user could take advantage of this by writing to the cache directory between ending the session and the signal to clean up the session, which could lead to the execution of arbitrary code as the root user.


Discovery 2011-03-28
Entry 2011-03-29
gdm
< 2.30.5_2

CVE-2011-0727
http://mail.gnome.org/archives/distributor-list/2011-March/msg00008.html
https://bugzilla.redhat.com/show_bug.cgi?id=688323