It was found that when XDMCP sercer is enabled and LightDM receives an XDMCP Request packet with no addresses, it will attempt to access a negative index into an array, causing denial of service.
Created lightdm tracking bugs for this issue:
Affects: fedora-all [bug 1284575]
per linked fedora bug,
According to the CVE_2015-8316 text, "some versions of LightDM (1.14 and 1.16 series) are vulnerable".
Fedora (and EPEL) ship lightdm-1.10.x, so it would appear we are safe, closing.