This ERRATA for SL 6.0 i386/x86_64 are now available from:
ftp://ftp.scientificlinux.org/linux/scientific/6.0/i386/updates/security/
ftp://ftp.scientificlinux.org/linux/scientific/6.0/x86_64/updates/security/

-------------------------------------------------------------------------

Synopsis:          Moderate: gdm security update
Issue date:        2011-03-29
CVE Names:         CVE-2011-0727

The GNOME Display Manager (GDM) provides the graphical login screen, shown
shortly after boot up, log out, and when user-switching.

A race condition flaw was found in the way GDM handled the cache
directories used to store users' dmrc and face icon files. A local attacker
could use this flaw to trick GDM into changing the ownership of an
arbitrary file via a symbolic link attack, allowing them to escalate their
privileges. (CVE-2011-0727)

We would like to thank Sebastian Krahmer of the SuSE Security Team for
reporting this issue.

SL 6.x

SRPMS:

 	gdm-2.30.4-21.el6_0.1.src.rpm

i386:

 	gdm-2.30.4-21.el6_0.1.i686.rpm
 	gdm-libs-2.30.4-21.el6_0.1.i686.rpm
 	gdm-plugin-fingerprint-2.30.4-21.el6_0.1.i686.rpm
 	gdm-plugin-smartcard-2.30.4-21.el6_0.1.i686.rpm
 	gdm-user-switch-applet-2.30.4-21.el6_0.1.i686.rpm

x86_64:

 	gdm-2.30.4-21.el6_0.1.x86_64.rpm
 	gdm-libs-2.30.4-21.el6_0.1.i686.rpm
 	gdm-libs-2.30.4-21.el6_0.1.x86_64.rpm
 	gdm-plugin-fingerprint-2.30.4-21.el6_0.1.x86_64.rpm
 	gdm-plugin-smartcard-2.30.4-21.el6_0.1.x86_64.rpm
 	gdm-user-switch-applet-2.30.4-21.el6_0.1.x86_64.rpm

-Connie Sieh
-Troy Dawson