An authentication error in GDM could allow users to gain elevated privileges.
|Package||gnome-base/gdm on all architectures|
|Affected versions||< 18.104.22.168|
|Unaffected versions||>= 22.214.171.124|
GDM is the GNOME display manager.
GDM allows a normal user to access the configuration manager.
When the "face browser" in GDM is enabled, a normal user can use the "configure login manager" with his/her own password instead of the root password, and thus gain additional privileges.
There is no known workaround at this time.
All GDM users should upgrade to the latest version:
# emerge --sync # emerge --ask --oneshot --verbose ">=gnome-base/gdm-126.96.36.199"
June 12, 2006
June 19, 2006: 02