[SECURITY] Fedora 21 Update: sddm-0.9.0-2.20141007git6a28c29b.fc21

Fri Oct 31 02:43:34 UTC 2014

--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2014-12442
2014-10-08 17:52:04
--------------------------------------------------------------------------------

Name        : sddm
Product     : Fedora 21
Version     : 0.9.0
Release     : 2.20141007git6a28c29b.fc21
URL         : https://github.com/sddm/sddm
Summary     : QML based X11 desktop manager
Description :
SDDM is a modern display manager for X11 aiming to be fast, simple and
beautiful. It uses modern technologies like QtQuick, which in turn gives the
designer the ability to create smooth, animated user interfaces.

--------------------------------------------------------------------------------
Update Information:

Bump to latest upstream git (and a new release), fixes CVE-2014-7271 and CVE-2014-7272
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #1149608 - CVE-2014-7271 sddm: user "sddm" can login without authentication.
        https://bugzilla.redhat.com/show_bug.cgi?id=1149608
  [ 2 ] Bug #1148659 - sddm: multiple flaws in SDDM display manager leading to privilege escalation to root
        https://bugzilla.redhat.com/show_bug.cgi?id=1148659
  [ 3 ] Bug #1149610 - CVE-2014-7272 sddm: several local privileges escalation issues
        https://bugzilla.redhat.com/show_bug.cgi?id=1149610
--------------------------------------------------------------------------------

This update can be installed with the "yum" update program.  Use
su -c 'yum update sddm' at the command line.
For more information, refer to "Managing Software with yum",
available at http://docs.fedoraproject.org/yum/.

All packages are signed with the Fedora Project GPG key.  More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------