Make the socket connection non-blocking and limit conversations to 20

Thu Oct 16 09:13:48 2003  George Lebl <jirka@5z.com>

	* daemon/gdm.[ch], daemon/gdm-net.[ch]: Make the socket connection
	  non-blocking and limit conversations to 20 requests.  Also
	  cut lines short at 4096.  Fixes CAN-2003-0793 and CAN-2003-0794
	  respectively.

	* daemon/slave.c: fix #123958 by clearing the message after
	  authentication is done for the configurator.

	* daemon/Makefile.am, gui/greeter/Makefile.am, gui/Makefile.am,
	  gui/modules/Makefile.am:  The disable_deprecated defines should
	  only be on for conformance testing I suppose.  Fixes #124680

1 files changed, 17 insertions, 1 deletions

diff --git a/NEWS b/NEWS
index 24ad6ab9..0630bcc8 100644
--- a/NEWS
+++ b/NEWS
@@ -2,6 +2,16 @@ Ahh news...
 
 2.4.4.4 stuff:
 
+- SECURITY: Fixed CAN-2003-0793, a local DoS, the socket connection
+  is now non-blocking and limitted to the number of commands
+
+- SECURITY: Fixed CAN-2003-0794, a local DoS, the line length is limitted
+  to 4096 bytes (note, this was not a buffer overrun).
+
+  (Thanks to Jarno Gassenbauer for pointing out the above two problems)
+
+- Avoid possible DoS by using "-audit 0" for the X server command line
+
 - When cookies are in the fallback dir touch them every
   12 hours to avoid tmpwatch from removing them
 
@@ -17,7 +27,13 @@ Ahh news...
 
 - Some more anality with touching user owned files
 
-- Minor other fixes
+- Fixed the graphical greeter line breaking to not upset
+  pango and generally work with marked up strings
+
+- Fix an underlining bug in the graphical greeter when the underlined letter
+  is the last letter. (discussed in rh #106189)
+
+- Minor other fixes (among others #123958, #124680)
 
 2.4.4.3 stuff: