Package: gpm Version: 1.20.4-6 Severity: grave Tags: security upstream Justification: user security hole
Hi. Not sure whether noone has noticed this so far, but it seems to be worth a CVE, IMHO. As one can easily test, gpm uses one clip-board space for all users (including root). So if any of them marks anything sensitive, a following user can gather this information. Cheers, Chris. _______________________________________________ Secure-testing-team mailing list [email protected] http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-team
