Security Fix 008 for 3.5-stable: xdm

Contributed by grey on 2004-05-29 from the almost overlooked a patch dept.

Thanks to an anonymous reader who pointed out a fix we had overlooked:

008: SECURITY FIX: May 26, 2004
With the introduction of IPv6 code in xdm(1), one test on the 'requestPort' resource was deleted by accident. This makes xdm create the chooser socket even if xdmcp is disabled in xdm-config, by setting requestPort to 0. See XFree86 bugzilla for details.
A source code patch exists which remedies this problem.

Update: thanks to Brad Smith for pointing out that this issue does not affect 3.4.

(Comments are closed)

Comments

By Brad (67.71.135.168) brad at comstyle dot com on 2004-05-30 02:42

XFree86 (4.3) that comes with OpenBSD 3.4 is not affected by this issue since the IPv6 integration happened between (XFree86) 4.3 and 4.4.
Comments
1. By Anonymous Coward (216.27.182.22) on 2004-05-30 08:34
  
  you are going to Hell for your crimes. -Gandhi
  Comments
  1. By Anonymous Coward (82.39.96.34) on 2004-06-03 18:59
    
    eh ?

Latest Articles

Wed, Apr 10
- 18:50 OpenSMTPD 7.5.0p0 Released (2)
Tue, Apr 09
- 04:49 20 years since "and we're just starting": undeadly.org turns 20 (2024-04-09) (12)
Fri, Apr 05
- 06:16 OpenBSD 7.5 released (2)
Thu, Mar 28
- 18:18 LibreSSL 3.8.4 and 3.9.1 released (0)
Tue, Mar 12
- 06:53 OpenSSH 9.7/9.7p1 released! (0)
Mon, Mar 11
- 11:28 Game of Trees 0.97 released (0)
Sun, Mar 10
- 09:06 LibreSSL versions 3.8.3 and 3.9.0 released (0)
Fri, Mar 08
- 06:46 OpenBGPD 8.4 released (0)
Mon, Mar 04
- 06:32 rpki-client 9.0 released (0)

Credits

Copyright © 2004-2008 Daniel Hartmeier. All rights reserved. Articles and comments are copyright their respective authors, submission implies license to publish on this web site. Contents of the archive prior to April 2nd 2004 as well as images and HTML templates were copied from the fabulous original deadly.org with Jose's and Jim's kind permission. This journal runs as CGI with httpd(8) on OpenBSD, the source code is BSD licensed. undeadly \Un*dead"ly\, a. Not subject to death; immortal. [Obs.]