4

USN-866-1: gnome-screensaver vulnerability

view full story
linux-howto

http://www.ubuntu.com – Description:  =========================================================== Ubuntu Security Notice USN-866-1 December 07, 2009 gnome-screensaver vulnerability https://launchpad.net/bugs/411350 =========================================================== A security issue affects the following Ubuntu releases: Ubuntu 9.10 This advisory also applies to the corresponding versions of Kubuntu, Edubuntu, and Xubuntu. The problem can be corrected by upgrading your system to the following package versions: Ubuntu 9.10: gnome-screensaver 2.28.0-0ubuntu3.1 After a standard system upgrade you need to restart your session to effect the necessary changes. Details follow: It was discovered that gnome-screensaver did not always re-enable itself after applications requested it to ignore idle timers. This may result in the screen not being automatically locked after the inactivity timeout is reached, permitting an attacker with physical access to gain access to an unlocked session. (Distributions)