Openwall GNU/*/Linux - a small security-enhanced Linux distro for servers
[<prev] [next>] [<thread-prev] [day] [month] [year] [list]
Date: Fri, 03 Aug 2012 12:00:46 -0600
From: Kurt Seifried <kseifried@...hat.com>
To: oss-security@...ts.openwall.com
CC: Marcus Meissner <meissner@...e.de>
Subject: Re: gnome-screensaver 3.4.2 locked only active screen

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

On 08/03/2012 07:12 AM, Marcus Meissner wrote:
> Hi,
> 
> (FYI ... if no one shipped g-s 3.4.2, it probably does not need a
> CVE. openSUSE 12.2 fixed it during development.)
> 
> gnome-screensaver 3.4.2 (the only version affected) had the
> screenlock on multi-display settings only locking the screen with
> active focus. The other displayscreens staid unlocked and usable.
> 
> https://bugzilla.gnome.org/679441
> 
> Ciao, Marcus

The bug entry shows multiple people complaining so looks like it's out
there. Please use CVE-2012-3452 for this issue.

- -- 
Kurt Seifried Red Hat Security Response Team (SRT)
PGP: 0x5E267993 A90B F995 7350 148F 66BF 7554 160D 4553 5E26 7993

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.12 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/

iQIcBAEBAgAGBQJQHBHOAAoJEBYNRVNeJnmToAkP/0MSpx/h5wMy418bALPn0kmK
6nXkem9mvSsURW6LMvlOIscvWcCOLL90orV5HQQnfRf2zoxfWaSEylYxwCuWenFq
nVMDBcc8kehBcyc1NrFNEyKiSS640/hvlBUjUtwIsYHFmkTnYa24M507LEhs/5tn
Ey/t5KqNtWt5xCyvrU9tEjcv4lWfW700sDMYl9TgDIDBu6CLHAPDWmAvbTUugaL9
RvFnaFaXfb8fLF3h2dJuxMEr0vFn3l//tdtHBi4N4v8u5Q1+uOii0skFObw+SZis
4CRAfGi9t4ss5Vcp8RjuSBngQmHSXVssoETRnRBT00QgK52V2NVELLQy1QeG0nUr
6Z6mcwX2Vi/AA4T0oIDEh5WHYrZyYkQ1EOZ5XmE65DLqykmAQzfAw21A9e6W7unq
UH8FseAZCBGdjn0slgjKbtSO15GiUmtQ9ir6VURf8khkzxRJsAC4MF1UWvspjshA
HDVUf67bLfgMnoGs44li0xujDB7v6nwRizwy5siZm6kaid/B8PxBjRWU6i8IRWfP
O1HQ2p/HCmRVs3nIcJonaeGRfhBK6ooXasfiYKrKOjhSWd5tMt5HcfSsIA+H1blO
z68n5DgIhiuZA+SQmhQHKAgkQYY4DHmjDMozKE4pUNxR+VNZziXVpwWor9dl7NQU
JEbKXtUjdkT45fbfp8Ke
=B99R
-----END PGP SIGNATURE-----

Powered by blists - more mailing lists

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Powered by Openwall GNU/*/Linux - Powered by OpenVZ