Login
Newsletter
Werbung

Sicherheit: Ausbleibende Aktivierung in gnome-screensaver
Aktuelle Meldungen Distributionen
Name: Ausbleibende Aktivierung in gnome-screensaver
ID: USN-866-1
Distribution: Ubuntu
Plattformen: Ubuntu 9.10
Datum: Mo, 7. Dezember 2009, 22:27
Referenzen: https://launchpad.net/bugs/411350
Applikationen: gnome-screensaver

Originalnachricht


--===============4102964990441202603==
Content-Type: multipart/signed; micalg="pgp-sha1";
protocol="application/pgp-signature"; boundary="=-cPCQhnwwqhkh7mZLX7i8"


--=-cPCQhnwwqhkh7mZLX7i8
Content-Type: text/plain; charset="UTF-8"
Content-Transfer-Encoding: quoted-printable

Ubuntu Security Notice USN-866-1 December 07,
2009==========================================================
gnome-screensaver vulnerability
https://launchpad.net/bugs/411350
==========================================================
A security issue affects the following Ubuntu releases:

Ubuntu 9.10

This advisory also applies to the corresponding versions of
Kubuntu, Edubuntu, and Xubuntu.

The problem can be corrected by upgrading your system to the
following package versions:

Ubuntu 9.10:
gnome-screensaver 2.28.0-0ubuntu3.1

After a standard system upgrade you need to restart your session to effect
the necessary changes.

Details follow:

It was discovered that gnome-screensaver did not always re-enable itself
after applications requested it to ignore idle timers. This may result in t=
he
screen not being automatically locked after the inactivity timeout is
reached, permitting an attacker with physical access to gain access to an
unlocked session.


Updated packages for Ubuntu 9.10:

Source archives:

http://security.ubuntu.com/ubuntu/pool/main/g/gnome-screensaver/gnome-s=
creensaver_2.28.0-0ubuntu3.1.diff.gz
Size/MD5: 13327 f2c77fbb875fa28d1c44d39936232927
http://security.ubuntu.com/ubuntu/pool/main/g/gnome-screensaver/gnome-s=
creensaver_2.28.0-0ubuntu3.1.dsc
Size/MD5: 1756 cdcdd23a16e1d25d6940e5340f6eb760
http://security.ubuntu.com/ubuntu/pool/main/g/gnome-screensaver/gnome-s=
creensaver_2.28.0.orig.tar.gz
Size/MD5: 5069053 cdf328a0443a3cc30b4b2b36d9a99236

amd64 architecture (Athlon64, Opteron, EM64T Xeon):

http://security.ubuntu.com/ubuntu/pool/main/g/gnome-screensaver/gnome-s=
creensaver_2.28.0-0ubuntu3.1_amd64.deb
Size/MD5: 4185376 942a077f04675c8d27c5d55e826b039b

i386 architecture (x86 compatible Intel/AMD):

http://security.ubuntu.com/ubuntu/pool/main/g/gnome-screensaver/gnome-s=
creensaver_2.28.0-0ubuntu3.1_i386.deb
Size/MD5: 4168922 a3ca1ae6e3274795a0d2aff0a4b94a6f

lpia architecture (Low Power Intel Architecture):

http://ports.ubuntu.com/pool/main/g/gnome-screensaver/gnome-screensaver=
_2.28.0-0ubuntu3.1_lpia.deb
Size/MD5: 4169780 e9e90dfe93ebd18c13808e5f0bf83f4c

powerpc architecture (Apple Macintosh G3/G4/G5):

http://ports.ubuntu.com/pool/main/g/gnome-screensaver/gnome-screensaver=
_2.28.0-0ubuntu3.1_powerpc.deb
Size/MD5: 4179392 d0ae3da6337a4fb8b71dd0ef36f4692d

sparc architecture (Sun SPARC/UltraSPARC):

http://ports.ubuntu.com/pool/main/g/gnome-screensaver/gnome-screensaver=
_2.28.0-0ubuntu3.1_sparc.deb
Size/MD5: 4177782 ee55f5f5f3ac0e4867cd9e8c1bc450f6




--=-cPCQhnwwqhkh7mZLX7i8
Content-Type: application/pgp-signature; name="signature.asc"
Content-Description: This is a digitally signed message part

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (GNU/Linux)

iEYEABECAAYFAksdckEACgkQLMAs/0C4zNqXEwCguhPfYbhR68POKx3mmJ464iep
J0UAn0q+bmXERxnwBqEG6xt0iW6Ou0ik
=Y9Qf
-----END PGP SIGNATURE-----

--=-cPCQhnwwqhkh7mZLX7i8--



--===============4102964990441202603==
Content-Type: text/plain; charset="us-ascii"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
Content-Disposition: inline

--
ubuntu-security-announce mailing list
ubuntu-security-announce@lists.ubuntu.com
Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-security-announce

--===============4102964990441202603==--
Pro-Linux
Traut euch!
Neue Nachrichten
Werbung