A security issue in gdm has been made public today (August 13): https://gitlab.gnome.org/GNOME/gdm/issues/401 Mageia 5 or Mageia 6 may also be affected.
CC: (none) => marja11Assignee: bugsquad => gnome
Ubuntu has issued an advisory for this today (August 13): https://usn.ubuntu.com/3737-1/
Severity: normal => major
Announcement of the issue with link to the fix: http://openwall.com/lists/oss-security/2018/08/14/1
Debian has issued an advisory for this on August 13: https://www.debian.org/security/2018/dsa-4270 At least Mageia 6 is also affected.
Whiteboard: (none) => MGA6TOO
I'm guessing gdm-3.29.91-1.mga7 fixes it (also fixed upstream in 3.28.3): https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/thread/O375LD3DT2VXJF7MQAI3ORW6CNLS5CZE/
Version: Cauldron => 6Whiteboard: MGA6TOO => (none)
openSUSE has issued an advisory for this on September 24: https://lists.opensuse.org/opensuse-updates/2018-09/msg00139.html
Ubuntu has issued an advisory today (February 20): https://usn.ubuntu.com/3892-1/ Should be fixed in gdm-3.30.2-2.mga7 in Cauldron.
Summary: gdm new security issue CVE-2018-14424 => gdm new security issues CVE-2018-14424 and CVE-2019-3825
openSUSE has issued an advisory for the new CVE today (March 8): https://lists.opensuse.org/opensuse-updates/2019-03/msg00041.html
Fedora has issued an advisory for the new CVE on March 2: https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/thread/LTST2DR6AX72XV76ZQCXME5PVKYDUVJK/ It is fixed in 3.30.3.
Mageia 6 is EOL.
CC: (none) => mramboResolution: (none) => OLDStatus: NEW => RESOLVED