[SECURITY] Fedora 22 Update: lxdm-0.4.1-10.fc22

Sat Oct 17 22:56:49 UTC 2015

--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2015-adbae85c55
2015-10-17 18:39:17.814103
--------------------------------------------------------------------------------

Name        : lxdm
Product     : Fedora 22
Version     : 0.4.1
Release     : 10.fc22
URL         : http://lxde.org
Summary     : Lightweight X11 Display Manager
Description :
LXDM is the future display manager of LXDE, the Lightweight X11 Desktop
environment. It is designed as a lightweight alternative to replace GDM or
KDM in LXDE distros. It's still in very early stage of development.

--------------------------------------------------------------------------------
Update Information:

It is found that lxdm does not close file descriptor for log file althouhg it
should. Also session started via lxdm can allow any local user to connect X.
This new rpm should fix these issues.
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #1268900 - lxdm: X server started without -auth, exposing it to connections form any local user
        https://bugzilla.redhat.com/show_bug.cgi?id=1268900
  [ 2 ] Bug #846086 - lxdm: leaks file descriptors
        https://bugzilla.redhat.com/show_bug.cgi?id=846086
--------------------------------------------------------------------------------

This update can be installed with the "yum" update program. Use
su -c 'yum update lxdm' at the command line.
For more information, refer to "Managing Software with yum",
available at https://docs.fedoraproject.org/yum/.

All packages are signed with the Fedora Project GPG key.  More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------