This bug was fixed in the package lightdm - 1.8.4-0ubuntu1
---------------
lightdm (1.8.4-0ubuntu1) saucy-security; urgency=low
[ Marc Deslauriers ]
* SECURITY UPDATE: improper guest account confinement (LP: #1243339)
- CVE-2013-4459
[ Robert Ancell ]
* New upstream release:
- Implement missing guest-wrapper functionality and enable it for Ubuntu.
- Update AppArmor scripts to work in Ubuntu 13.10. (LP: #1243339)
* debian/50-guest-wrapper.conf:
- Configure guest session wrapper to use
lightdm (1.8.3-0ubuntu1) saucy; urgency=low
* New upstream release:
- Correctly set $XDG_SESSION_CLASS for greeters. This was regressed in 1.7.5
for ConsoleKit and was never passed to logind. logind/ConsoleKit treat
greeter sessions without this set as user sessions. This causes greeters
to show the lightdm user able to be logged in with.
(LP: #1242939)
- Set $USER when running the session-setup-script. This is a regression from
1.7.5. (LP: #1245957)
- Fix notification of sessions being logged out. This is a regression from
1.7.5 and caused greeters to show sessions logged in after they had been
logged out. (LP: #1245295)
-- Marc Deslauriers <marc.deslauri...@ubuntu.com> Mon, 04 Nov 2013 13:35:26
-0500
** Changed in: lightdm (Ubuntu Saucy)
Status: In Progress => Fix Released
** CVE added: http://www.cve.mitre.org/cgi-
bin/cvename.cgi?name=2013-4459
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1242939
Title:
Greeter shows "LightDM" user due to XDG_SESSION_CLASS not being
provided to logind or ConsoleKit
To manage notifications about this bug go to:
https://bugs.launchpad.net/lightdm/+bug/1242939/+subscriptions
--
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
