* SECURITY UPDATE: Directory traversal allowing arbitrary directory

ownership and privilege escalation (LP: #1677924) - debian/guest-account.sh: Detect existing malicious guest user home dirs before proceeding with guest user creation - CVE-2017-7358
author: Robert Ancell <robert.ancell@canonical.com> 2017-04-05 10:35:02 +1200
committer: Robert Ancell <robert.ancell@canonical.com> 2017-04-05 10:35:02 +1200
commit: 995bb111ca330cf1ff550973a4a35fb6e3e9c720 (patch)
tree: 39ba30df145014aa60c126bb2abc26cd76eefd08
parent: 1898dce397ca5d647214d89e846ad1f014244ab1 (diff)
download: lightdm-git-995bb111ca330cf1ff550973a4a35fb6e3e9c720.tar.gz
1 files changed, 10 insertions, 0 deletions
diff --git a/debian/changelog b/debian/changelog
index cb22c03e..9a32ee47 100644
--- a/debian/changelog
+++ b/debian/changelog
@@ -1,3 +1,13 @@
+lightdm (1.22.0-0ubuntu2) zesty; urgency=medium
+
+  * SECURITY UPDATE: Directory traversal allowing arbitrary directory
+    ownership and privilege escalation (LP: #1677924)
+    - debian/guest-account.sh: Detect existing malicious guest user home dirs
+      before proceeding with guest user creation
+    - CVE-2017-7358
+
+ -- Robert Ancell <robert.ancell@canonical.com>  Wed, 05 Apr 2017 10:34:32 +1200
+
 lightdm (1.22.0-0ubuntu1) zesty; urgency=medium
 
   * Allow guest sessions to talk to Mir (allowing unity8)
author	Robert Ancell <robert.ancell@canonical.com>	2017-04-05 10:35:02 +1200
committer	Robert Ancell <robert.ancell@canonical.com>	2017-04-05 10:35:02 +1200
commit	995bb111ca330cf1ff550973a4a35fb6e3e9c720 (patch)
tree	39ba30df145014aa60c126bb2abc26cd76eefd08
parent	1898dce397ca5d647214d89e846ad1f014244ab1 (diff)
download	lightdm-git-995bb111ca330cf1ff550973a4a35fb6e3e9c720.tar.gz