3

USN-898-1: gnome-screensaver vulnerability

view full story
linux-howto

http://www.ubuntu.com – Referenced CVEs:  CVE-2010-0414 Description:  =========================================================== Ubuntu Security Notice USN-898-1 February 10, 2010 gnome-screensaver vulnerability CVE-2010-0414 =========================================================== A security issue affects the following Ubuntu releases: Ubuntu 9.10 This advisory also applies to the corresponding versions of Kubuntu, Edubuntu, and Xubuntu. The problem can be corrected by upgrading your system to the following package versions: Ubuntu 9.10: gnome-screensaver 2.28.0-0ubuntu3.4 After a standard system upgrade you need to restart your session to effect the necessary changes. Details follow: It was discovered that gnome-screensaver did not correctly handle monitor hotplugging. An attacker with physical access could cause gnome-screensaver to crash and gain access to the locked session. (Distributions)