xdm: fixed NULL pointer crash
xdm was updated on crypt() NULL pointer crashes:
* Starting with glibc 2.17 (eglibc 2.17), crypt() fails with
EINVAL (w/ NULL return) if the salt violates specifications.
Additionally, on FIPS-140 enabled Linux systems,
DES/MD5-encrypted passwords passed to crypt() fail with EPERM
(w/ NULL return).
If using glibc's crypt(), check return value to avoid a
possible NULL pointer dereference. (bnc#824884) (CVE-2013-2179)
-
Submitted by
Stefan Dirsch (sndirsch)
Fixed bugs
bnc#824884
VUL-0: xdm: CVE-2013-2179: possible NULL ptr deref in XDM when using crypt() from glibc 2.17+
CVE-CVE-2013-2179
VUL-0: xdm: CVE-2013-2179: possible NULL ptr deref in XDM when using crypt() from glibc 2.17+
