Login
Newsletter
Werbung
Sicherheit: Umgehung der Bildschirmsperre in gnome-shell
Aktuelle Meldungen Distributionen
Name: Umgehung der Bildschirmsperre in gnome-shell
ID: FEDORA-2014-12690
Distribution: Fedora
Plattformen: Fedora 20
Datum: So, 19. Oktober 2014, 00:19
Referenzen: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-7300
Applikationen: GNOME

Originalnachricht

 
Name        : gnome-shell
Product     : Fedora 20
Version     : 3.10.4
Release     : 9.fc20
URL         : http://live.gnome.org/GnomeShell
Summary     : Window management and application launching for GNOME
Description :
GNOME Shell provides core user interface functions for the GNOME 3 desktop,
like switching to windows and launching applications. GNOME Shell takes
advantage of the capabilities of modern graphics hardware and introduces
innovative user interface concepts to provide a visually attractive and
easy to use experience.

-------------------------------------------------------------------------------
-
Update Information:

Security fix for lock screen circumvention by consecutive screenshot requests
 triggering OOM situation
-------------------------------------------------------------------------------
-
ChangeLog:

* Fri Oct 10 2014 Florian Müllner <fmuellner@redhat.com> - 3.10.4-9
- Disallow consecutive screenshot requests to avoid an OOM situation (#1147917)
* Thu Jul 24 2014 Adel Gadllah <adel.gadllah@gmail.com> - 3.10.4-8
- Fix crash when GLSL is not available (#1046970)
* Thu Jul 17 2014 Rex Dieter <rdieter@fedoraproject.org> - 3.10.4-7
- rebuild (for pulseaudio, bug #1117683)
* Thu Jul 10 2014 Florian Müllner <fmuellner@redhat.com> - 3.10.4-6
- Revert last patches again - the performance regression is still present
* Fri Jun 27 2014 Florian Müllner <fmuellner@redhat.com> - 3.10.4-6
- Add back crosshairs fix plus upstream workaround for the reported
  performance regressions (RH #1083500)
* Mon Jun  2 2014 Florian Müllner <fmuellner@redhat.com> - 3.10.4-5
- Remove crosshairs fix again - the update was redrawn due to performance
  regressions, 3.10.4-4 re-introduced it accidentally
* Fri May 23 2014 Adam Williamson <awilliam@redhat.com> - 3.10.4-4
- make OSK work with modal dialogs (backport, BGO #719451, RHBZ #1071907)
* Wed Apr  2 2014 Javier Hernández <jhernandez@emergya.com> - 3.10.4-3
- Fix gnome shell magnifier's crosshairs (RH #1083500)
* Mon Mar 17 2014 Adel Gadllah <adel.gadllah@gmail.com> - 3.10.4-2
- Backport fix for RH #1076981
* Wed Feb 19 2014 Florian Müllner <fmuellner@redhat.com> - 3.10.4-1
- Update to 3.10.4, drop upstreamed patches
* Tue Feb 18 2014 Adel Gadllah <adel.gadllah@gmail.com> - 3.10.3-8
- Don't duplicate gsd code and just use the xsetting it
  exports
* Mon Feb 17 2014 Adel Gadllah <adel.gadllah@gmail.com> - 3.10.3-7
- Don't enable high dpi scaling for vnc / xrdp
- Fixes RH #1065563
* Wed Feb 12 2014 Adel Gadllah <adel.gadllah@gmail.com> - 3.10.3-6
- Replace patch with one that does not hang gdm
* Wed Feb 12 2014 Adel Gadllah <adel.gadllah@gmail.com> - 3.10.3-5
- Backport high dpi support patches from upstream
* Thu Feb  6 2014 Florian Müllner <fmuellner@redhat.com> - 3.10.3-4
- Backport fix for crash when using some Java applications (#1058314)
* Fri Jan 31 2014 Florian Müllner <fmuellner@redhat.com> - 3.10.3-3
- Backport upstream fixes:
 - Fix app-menu regression (#1057517)
 - Fix window tracking regression (#1057933)
* Thu Jan 23 2014 Florian Müllner <fmuellner@redhat.com> - 3.10.3-2
- Fix app-switcher regressions introduced by the last update
* Thu Jan 16 2014 Florian Müllner <fmuellner@redhat.com> - 3.10.3-1
- Update to 3.10.3, drop downstream patches
* Thu Nov 28 2013 Florian Müllner <fmuellner@redhat.com> - 3.10.2.1-3
- Backport upstream fix for catching more extension errors
-------------------------------------------------------------------------------
-
References:

  [ 1 ] Bug #1147917 - CVE-2014-7300 gnome-shell: lockscreen bypass with
 printscreen key
        https://bugzilla.redhat.com/show_bug.cgi?id=1147917
-------------------------------------------------------------------------------
-

This update can be installed with the "yum" update program.  Use
su -c 'yum update gnome-shell' at the command line.
For more information, refer to "Managing Software with yum",
available at http://docs.fedoraproject.org/yum/.

All packages are signed with the Fedora Project GPG key.  More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
-------------------------------------------------------------------------------
-
_______________________________________________
package-announce mailing list
package-announce@lists.fedoraproject.org
https://admin.fedoraproject.org/mailman/listinfo/package-announce
Pro-Linux
Pro-Linux @Facebook
Neue Nachrichten

141
Mach­t's gut!

51
Neue Raspber­ry Pi-Va­ri­an­te mit 8 GB RAM

0
Genode 20.05 frei­ge­ge­ben

9
Sub­ver­si­on 1.14.0-LTS vor­ge­stellt

0
»Hum­ble Ci­ties: Sky­lines Bund­le« vor­ge­stellt

0
End of Life für Co­reOS Con­tai­ner Linux ver­kün­det

32
Elek­tra 0.9.2 er­schie­nen

8
Nex­tDNS ver­lässt die Be­ta-Pha­se

23
Tu­xe­do stellt Ga­mer-Note­book vor

0
Libre Gra­phics Mee­ting be­ginnt als On­li­ne-Va­ri­an­te
 
Werbung