Date: Mon, 4 Nov 2013 22:37:11 +0900 From: Fuminobu TAKEYAMA <ftake@...ko.jp> To: Marcus Meissner <meissner@...e.de> Cc: OSS Security List <oss-security@...ts.openwall.com> Subject: Re: CVE Request: IBUS showing passwords during password input Hello, > The behaviour started (I think) with with IBUS 1.5.4 Yes. It happens on IBus-enabled GNOME 3.6+ with IBus 1.5.4 if IBus's engines (plug-ins) do not support new API introduced by 1.5.4. Actually, this problem is not found by me, though. The upstream has already announced in . An IBus developer (Mr. Fuijiwara) says in : "1.5.2 or lower do not handle the input purpose so the typed chars are shown as the bug." So I think the same problem may happen also on GNOME 3.6 + IBus 1.5.2.  https://groups.google.com/forum/#!topic/ibus-user/mvCHDO1BJUw Best regards, Fuminobu TAKEYAMA 2013/11/4 Marcus Meissner <meissner@...e.de>: > Hi, > > One of our Japanese users found that some IBUS input methods > show passwords while typing them, if a special "intent" is not > provided. > > https://bugzilla.novell.com/show_bug.cgi?id=847718 > https://groups.google.com/forum/#!topic/ibus-user/mvCHDO1BJUw > > The behaviour started (I think) with with IBUS 1.5.4 > > Fuminobu Takeyama, is this correct? > > Ciao, Marcus
Powered by blists - more mailing lists
Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.
Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.