Hello, has the XDMCP buffer overflow bug been fixed for gdm? According to the ChangeLog in /usr/share/doc/gdm-2.0beta2 it has not. The bugtraq id is 1233.
The ChangeLog is from upstream; we have several dozen Red Hat patches (see the spec file). I believe we have the config option that enables the exploit off by default, and there is also a security patch related to arrays and XDMCP in our package. BugTraq shows RH 6.x as not vulnerable. I am pretty confident it's fixed, but Elliot fixed it, so CC'ing him in case he wants to reopen the bug.