An updated gdm package that fixes a security issue and a bug is now available.
This update has been rated as having low security impact by the CentOS
Security Response Team.
Gdm (the GNOME Display Manager) is a highly configurable reimplementation
of xdm, the X Display Manager. Gdm allows you to log into your system with
the X Window System running and supports running several different X
sessions on your local machine at the same time.
Marcus Meissner discovered a race condition issue in the way Gdm modifies
the permissions on the .ICEauthority file. A local attacker could exploit
this flaw to gain privileges. Due to the nature of the flaw, however, a
successful exploitation was unlikely. (CVE-2006-1057)
This erratum also includes a bug fix to correct the pam configuration for
the audit system.
All users of gdm should upgrade to this updated package, which contains
backported patches to resolve these issues.