| Package | libxdmcp |
|---|---|
| Version | 1:1.1.1-1+deb7u1 |
| Related CVEs | CVE-2017-2625 |
It has been found, that libxdmcp, an X11 Display Manager Control Protocol library, uses weak entropy to generate keys. Using arc4random_buf() from libbsd should avoid this flaw.
For Debian 7 Wheezy, these problems have been fixed in version 1:1.1.1-1+deb7u1.
We recommend that you upgrade your libxdmcp packages.
Further information about Extended LTS security advisories can be found in the dedicated section of our website.