[SECURITY] Fedora 12 Update: slim-1.3.1-9.fc12

Sat Jan 2 03:29:37 UTC 2010

--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2009-13552
2009-12-22 19:38:36
--------------------------------------------------------------------------------

Name        : slim
Product     : Fedora 12
Version     : 1.3.1
Release     : 9.fc12
URL         : http://slim.berlios.de/
Summary     : Simple Login Manager
Description :
SLiM (Simple Login Manager) is a graphical login manager for X11.
It aims to be simple, fast and independent from the various
desktop environments.
SLiM is based on latest stable release of Login.app by Per Lidén.

In the distribution, slim may be called through a wrapper, slim-dynwm,
which determines the available window managers using the freedesktop
information and modifies the slim configuration file accordingly,
before launching slim.

--------------------------------------------------------------------------------
ChangeLog:

* Tue Dec 22 2009 Lorenzo Villani <lvillani at binaryhelix.net> - 1.3.1-9
- Fix CVE-2009-1756 (bugzilla: 544024)
- Fix MIT insecure cookie generation (patch from Debian)
- Fix build with GCC 4.4
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #501562 - CVE-2009-1756 SLiM: Potential X session hijacking (MITM)
        https://bugzilla.redhat.com/show_bug.cgi?id=501562
--------------------------------------------------------------------------------

This update can be installed with the "yum" update program.  Use 
su -c 'yum update slim' at the command line.
For more information, refer to "Managing Software with yum",
available at http://docs.fedoraproject.org/yum/.

All packages are signed with the Fedora Project GPG key.  More details on the
GPG keys used by the Fedora Project can be found at
http://fedoraproject.org/keys
--------------------------------------------------------------------------------