Ubuntu has issued an advisory on May 11: https://usn.ubuntu.com/usn/usn-3285-1/ It sounded like an issue that only affected Ubuntu, not only specifically mentioning Ubuntu in the CVE description, but referring to it bypassing restrictions put in place by AppArmor, which only Ubuntu uses. However, Fedora has followed suit, also disabling the guest session: https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/thread/W2D2FV2SZQVW6QD3LMNU6MV4QLIS6QML/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/thread/HXVOLJ7UBXHXF75UIKSTAEXDPVGJYLKK/ and maybe if we don't have AppArmor, even if the feature worked as intended, maybe guest sessions in lightdm would be allowing something they shouldn't be on Mageia, so if we haven't disabled them, perhaps we should.
Disabled guest sessions in lightdm-1.24.0-1.mga7.
Thanks Jani. Do you think we should disable it in the stable releases?
Status comment: (none) => Could be fixed by disabling guest sessionsVersion: Cauldron => 6Source RPM: lightdm-1.18.3-4.mga7.src.rpm => lightdm-1.18.3-3.mga6.src.rpm
Mageia 6 is EOL.
Resolution: (none) => OLDCC: (none) => mramboStatus: NEW => RESOLVED