Package: gpm Version: 1.20.4-6 Severity: grave Tags: security upstream Justification: user security hole
Hi. Not sure whether noone has noticed this so far, but it seems to be worth a CVE, IMHO. As one can easily test, gpm uses one clip-board space for all users (including root). So if any of them marks anything sensitive, a following user can gather this information. Cheers, Chris. -- To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org