-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 - ------------------------------------------------------------------------- Debian LTS Advisory DLA-2434-1 [email protected] https://www.debian.org/lts/security/ Chris Lamb November 05, 2020 https://wiki.debian.org/LTS - -------------------------------------------------------------------------
Package : gdm3 Version : 3.22.3-3+deb9u3 CVE ID : CVE-2020-16125 It was discovered that there was an issue in the GNOME Display Manager where not detecting any users may make GDM launch initial system setup and thereby permitting the creation of new users with sudo capabilities. For Debian 9 "Stretch", this problem has been fixed in version 3.22.3-3+deb9u3. We recommend that you upgrade your gdm3 packages. For the detailed security status of gdm3 please refer to its security tracker page at: https://security-tracker.debian.org/tracker/gdm3 Further information about Debian LTS security advisories, how to apply these updates to your system and frequently asked questions can be found at: https://wiki.debian.org/LTS -----BEGIN PGP SIGNATURE----- iQIzBAEBCAAdFiEEwv5L0nHBObhsUz5GHpU+J9QxHlgFAl+j8rsACgkQHpU+J9Qx Hljeog//ZTK44Zuekxc9M4SWAApheYHP5ZggRd4YOUgx3HHpEnePF1ipckWdU6BX /skk/aKqiyhRU0fksSpF12bwhGlvmhSp0xeR7W6jTaTUaYBgaXgKf+4KQ538yN3z thp3L9aaRl2EwRVAhFPi63aMYuL44MkhOYkKEjeVAPJCCZG8M5xCsudrOWtgL7vP sAUNraoEA6MsXcfvkgvEZhuEaoRIAdcxTpA5+Pp1119LQMn24luV3h4rRJ/PHSWW X1kw8rRXHSMLz0WNSMtwSmfUnpYW4egys46M38e1hfms34gOsTn9Gq0kVtMCHuPh U7zU4qrlzmoWrpD6XphCWv9UQm8r8LVKE0HXVVZMCzMqkNkMOD7p95J8ePwj9lwE DZTVn5a0bhjufErzGEx07H910a6+utDwJDcDgdcoLGoYokZxwZ7yHQRBWVYVQzdb IggvmCBNAmfOzrca1vyxlt9qwhvv16el+sskRxSu99Gwryk9c+Qn/8Fq5cKe0W85 JFpWG24UCTNa8xloRcJP+r+foIItGiddAhe9g+NgPI+MxivxgxwU6uRfoUD0Xhm5 QT4fFw6mX3tnWBOliOgA5Wywl541ehF5KFlc6HRyAxad2T5/+J86xdU7THsjbHGU E78IaafxB0Ue6RXECDTsbghX3PefwUlPhBAkTx0lgFwo4KuYtbg= =LFOf -----END PGP SIGNATURE-----
