Contributed by grey on from the almost overlooked a patch dept.
008: SECURITY FIX: May 26, 2004
With the introduction of IPv6 code in xdm(1), one test on the 'requestPort' resource was deleted by accident. This makes xdm create the chooser socket even if xdmcp is disabled in xdm-config, by setting requestPort to 0. See XFree86 bugzilla for details.
A source code patch exists which remedies this problem.
Update: thanks to Brad Smith for pointing out that this issue does not affect 3.4.
(Comments are closed)