==========================================================Ubuntu Security Notice USN-278-1 May 03, 2006
A security issue affects the following Ubuntu releases:
The problem can be corrected by upgrading the affected package to
version 184.108.40.206-0ubuntu7.1 (for Ubuntu 5.04) or 220.127.116.11-0ubuntu1.1
(for Ubuntu 5.10). In general, a standard system upgrade is
sufficient to effect the necessary changes.
Marcus Meissner discovered a race condition in gdm's handling of the
~/.ICEauthority file permissions. A local attacker could exploit this
to become the owner of an arbitrary file in the system. When getting
control over automatically executed scripts (like cron jobs), the
attacker could eventually leverage this flaw to execute arbitrary
commands with root privileges.