Login
Newsletter
Werbung

Sicherheit: Umgehung der Bildschirmsperre in gtk+2.0
Aktuelle Meldungen Distributionen
Name: Umgehung der Bildschirmsperre in gtk+2.0
ID: MDVSA-2010:109
Distribution: Mandriva
Plattformen: Mandriva Corporate 4.0, Mandriva 2008.0, Mandriva 2009.0, Mandriva 2009.1, Mandriva Enterprise Server 5.0
Datum: Do, 27. Mai 2010, 18:40
Referenzen: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0732
Applikationen: gtk+2.0

Originalnachricht

This is a multi-part message in MIME format...

------------=_1274974213-24326-8291


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

_______________________________________________________________________

Mandriva Linux Security Advisory MDVSA-2010:109
http://www.mandriva.com/security/
_______________________________________________________________________

Package : gtk+2.0
Date : May 27, 2010
Affected: 2008.0, 2009.0, 2009.1, Corporate 4.0, Enterprise Server 5.0
_______________________________________________________________________

Problem Description:

A vulnerability was discovered and fixed in gtk+2.0:

gdk/gdkwindow.c in GTK+ before 2.18.5, as used in gnome-screensaver
before 2.28.1, performs implicit paints on windows of type
GDK_WINDOW_FOREIGN, which triggers an X error in certain circumstances
and consequently allows physically proximate attackers to bypass
screen locking and access an unattended workstation by pressing the
Enter key many times (CVE-2010-0732).

Packages for 2008.0 and 2009.0 are provided as of the Extended
Maintenance Program. Please visit this link to learn more:
http://store.mandriva.com/product_info.php?cPath=149&products_id=490

This update fixes this issue.
_______________________________________________________________________

References:

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0732
_______________________________________________________________________

Updated Packages:

Mandriva Linux 2008.0:
c3a29224a7ab7f869fad3541908f6eff
2008.0/i586/gtk+2.0-2.12.1-2.2mdv2008.0.i586.rpm
f3b1608da1dce0eb474b1f21bd77d75b
2008.0/i586/libgdk_pixbuf2.0_0-2.12.1-2.2mdv2008.0.i586.rpm
040a1ca71f7eadb280de43c92e49c17d
2008.0/i586/libgdk_pixbuf2.0_0-devel-2.12.1-2.2mdv2008.0.i586.rpm
57e8f954302b4c65ade25df18a6c95df
2008.0/i586/libgtk+2.0_0-2.12.1-2.2mdv2008.0.i586.rpm
49419f6f92d6b0ec484aced9de1bab2e
2008.0/i586/libgtk+2.0_0-devel-2.12.1-2.2mdv2008.0.i586.rpm
00b2ead1a22168be0125f115d8f0acb1
2008.0/i586/libgtk+-x11-2.0_0-2.12.1-2.2mdv2008.0.i586.rpm
e6ad155061eed97be73cd9cc8a52a0d9
2008.0/SRPMS/gtk+2.0-2.12.1-2.2mdv2008.0.src.rpm

Mandriva Linux 2008.0/X86_64:
311dd4f3603ff9759e1136eeecaee89b
2008.0/x86_64/gtk+2.0-2.12.1-2.2mdv2008.0.x86_64.rpm
1af93ae5f0a506d4bd96d488335b4aa4
2008.0/x86_64/lib64gdk_pixbuf2.0_0-2.12.1-2.2mdv2008.0.x86_64.rpm
90ad7d83058d56e88961cbb4a4087b74
2008.0/x86_64/lib64gdk_pixbuf2.0_0-devel-2.12.1-2.2mdv2008.0.x86_64.rpm
67e8e76883260fff690d6b04ebb89cfc
2008.0/x86_64/lib64gtk+2.0_0-2.12.1-2.2mdv2008.0.x86_64.rpm
129c65e8a1b8ba370556de12547c9f5c
2008.0/x86_64/lib64gtk+2.0_0-devel-2.12.1-2.2mdv2008.0.x86_64.rpm
57e9f7712ed1f9eda1a1729c29049f8d
2008.0/x86_64/lib64gtk+-x11-2.0_0-2.12.1-2.2mdv2008.0.x86_64.rpm
e6ad155061eed97be73cd9cc8a52a0d9
2008.0/SRPMS/gtk+2.0-2.12.1-2.2mdv2008.0.src.rpm

Mandriva Linux 2009.0:
bcd63973ddb957847088f71b5cfc039b
2009.0/i586/gtk+2.0-2.14.3-2.1mdv2009.0.i586.rpm
9b46f9018c8fbb2d1e052e0cdd473ff4
2009.0/i586/libgail18-2.14.3-2.1mdv2009.0.i586.rpm
4d243b829780c8d2f35b4a5f08ac9acb
2009.0/i586/libgail-devel-2.14.3-2.1mdv2009.0.i586.rpm
a8ca74ec343faac9f4445cfc88b5accc
2009.0/i586/libgdk_pixbuf2.0_0-2.14.3-2.1mdv2009.0.i586.rpm
583607af6457480c4cb71af16f6f4563
2009.0/i586/libgdk_pixbuf2.0_0-devel-2.14.3-2.1mdv2009.0.i586.rpm
8b9b0c013bc5815e5803b3be4e681433
2009.0/i586/libgtk+2.0_0-2.14.3-2.1mdv2009.0.i586.rpm
10f6558dc95fe770c87e99f711c089fb
2009.0/i586/libgtk+2.0_0-devel-2.14.3-2.1mdv2009.0.i586.rpm
23eb8c8cfc87a4209b125b8909fb8a9b
2009.0/i586/libgtk+-x11-2.0_0-2.14.3-2.1mdv2009.0.i586.rpm
d301fc61a2c8dc41a436edb699061955
2009.0/SRPMS/gtk+2.0-2.14.3-2.1mdv2009.0.src.rpm

Mandriva Linux 2009.0/X86_64:
6999641e621f9ee15bc439e0fe9b981f
2009.0/x86_64/gtk+2.0-2.14.3-2.1mdv2009.0.x86_64.rpm
33851500c872f253715d11fc1f0b908d
2009.0/x86_64/lib64gail18-2.14.3-2.1mdv2009.0.x86_64.rpm
47eaee7ac4576291e0974d7117a89459
2009.0/x86_64/lib64gail-devel-2.14.3-2.1mdv2009.0.x86_64.rpm
e2b68a8d746c9bb2bd515c93220ed73d
2009.0/x86_64/lib64gdk_pixbuf2.0_0-2.14.3-2.1mdv2009.0.x86_64.rpm
62060cfea7c077bebf712ddeea8960f1
2009.0/x86_64/lib64gdk_pixbuf2.0_0-devel-2.14.3-2.1mdv2009.0.x86_64.rpm
c191760f279fc7ef06bef3e37d3a5f82
2009.0/x86_64/lib64gtk+2.0_0-2.14.3-2.1mdv2009.0.x86_64.rpm
8c3cbfa56ca337b7e76ede7cdb6bf2dd
2009.0/x86_64/lib64gtk+2.0_0-devel-2.14.3-2.1mdv2009.0.x86_64.rpm
650995e6bec10b2d424b708e1be21d2f
2009.0/x86_64/lib64gtk+-x11-2.0_0-2.14.3-2.1mdv2009.0.x86_64.rpm
d301fc61a2c8dc41a436edb699061955
2009.0/SRPMS/gtk+2.0-2.14.3-2.1mdv2009.0.src.rpm

Mandriva Linux 2009.1:
f2396f78726e185da0c3bef4d762e8d0
2009.1/i586/gtk+2.0-2.16.1-4.1mdv2009.1.i586.rpm
07d45a8c633b79b3769035bcb0612a4b
2009.1/i586/libgail18-2.16.1-4.1mdv2009.1.i586.rpm
9110a10744b8f30bbcf67cd8c03eb4c7
2009.1/i586/libgail-devel-2.16.1-4.1mdv2009.1.i586.rpm
6f6edd01aec6960ddef6da316deb0e67
2009.1/i586/libgdk_pixbuf2.0_0-2.16.1-4.1mdv2009.1.i586.rpm
1e74c1e51677679f4d1f717253bac8f8
2009.1/i586/libgdk_pixbuf2.0_0-devel-2.16.1-4.1mdv2009.1.i586.rpm
e0e5a02076551f016ea6e6589f730889
2009.1/i586/libgtk+2.0_0-2.16.1-4.1mdv2009.1.i586.rpm
0c60691889b01ef91fdc10c31d9f7a44
2009.1/i586/libgtk+2.0_0-devel-2.16.1-4.1mdv2009.1.i586.rpm
ce7bebde4979c54ed0b73c0d6a45c973
2009.1/i586/libgtk+-x11-2.0_0-2.16.1-4.1mdv2009.1.i586.rpm
6aa3cd35d549c1196922e8301f426db7
2009.1/SRPMS/gtk+2.0-2.16.1-4.1mdv2009.1.src.rpm

Mandriva Linux 2009.1/X86_64:
ce505e19d99cf9fdcfee3b10f8c58527
2009.1/x86_64/gtk+2.0-2.16.1-4.1mdv2009.1.x86_64.rpm
77442eb6613fecc7347e165e1f9830a6
2009.1/x86_64/lib64gail18-2.16.1-4.1mdv2009.1.x86_64.rpm
2a0429f85ee92c150ae4869a688b1601
2009.1/x86_64/lib64gail-devel-2.16.1-4.1mdv2009.1.x86_64.rpm
502a01d2c51a10a523f6ca517ab1ac03
2009.1/x86_64/lib64gdk_pixbuf2.0_0-2.16.1-4.1mdv2009.1.x86_64.rpm
e1614cfcf1baef0af2fa796b1efa01cd
2009.1/x86_64/lib64gdk_pixbuf2.0_0-devel-2.16.1-4.1mdv2009.1.x86_64.rpm
b3048473a02a234d4e11f594276b4cc7
2009.1/x86_64/lib64gtk+2.0_0-2.16.1-4.1mdv2009.1.x86_64.rpm
cddd82c64d1cf1ea6f4f09cc1298887f
2009.1/x86_64/lib64gtk+2.0_0-devel-2.16.1-4.1mdv2009.1.x86_64.rpm
8483720dfddcaca2596bcb3ea6c7d083
2009.1/x86_64/lib64gtk+-x11-2.0_0-2.16.1-4.1mdv2009.1.x86_64.rpm
6aa3cd35d549c1196922e8301f426db7
2009.1/SRPMS/gtk+2.0-2.16.1-4.1mdv2009.1.src.rpm

Corporate 4.0:
0ae2bde2a8110529a3264873d4286212
corporate/4.0/i586/gtk+2.0-2.8.3-4.4.20060mlcs4.i586.rpm
767685aae1b2911d834d929471344fec
corporate/4.0/i586/libgdk_pixbuf2.0_0-2.8.3-4.4.20060mlcs4.i586.rpm
4a9f22f438875e2f60daed8bc243adc4
corporate/4.0/i586/libgdk_pixbuf2.0_0-devel-2.8.3-4.4.20060mlcs4.i586.rpm
1f7ef426ce7aeb211403debacb5e1d84
corporate/4.0/i586/libgtk+2.0_0-2.8.3-4.4.20060mlcs4.i586.rpm
3a550de7eed2fec9c99757cfa66e2920
corporate/4.0/i586/libgtk+2.0_0-devel-2.8.3-4.4.20060mlcs4.i586.rpm
84008c122de9aa323340bb295ed9e089
corporate/4.0/i586/libgtk+-x11-2.0_0-2.8.3-4.4.20060mlcs4.i586.rpm
622fba84b6f40c807e45f2ba8350e393
corporate/4.0/SRPMS/gtk+2.0-2.8.3-4.4.20060mlcs4.src.rpm

Corporate 4.0/X86_64:
e6c4ac5d0cc5c5096980f11f3048831e
corporate/4.0/x86_64/gtk+2.0-2.8.3-4.4.20060mlcs4.x86_64.rpm
9e439be03915be4d385e844064de2bf0
corporate/4.0/x86_64/lib64gdk_pixbuf2.0_0-2.8.3-4.4.20060mlcs4.x86_64.rpm
548d7bdadec30152cd8ed125332d8169
corporate/4.0/x86_64/lib64gdk_pixbuf2.0_0-devel-2.8.3-4.4.20060mlcs4.x86_64.rpm
fcdf5eb7a865f6a26ba70947df20fb06
corporate/4.0/x86_64/lib64gtk+2.0_0-2.8.3-4.4.20060mlcs4.x86_64.rpm
7f6ae0aab6b8c80af0396199f0865d3a
corporate/4.0/x86_64/lib64gtk+2.0_0-devel-2.8.3-4.4.20060mlcs4.x86_64.rpm
1dc4c1312a013adbb66658a1327414ed
corporate/4.0/x86_64/lib64gtk+-x11-2.0_0-2.8.3-4.4.20060mlcs4.x86_64.rpm
622fba84b6f40c807e45f2ba8350e393
corporate/4.0/SRPMS/gtk+2.0-2.8.3-4.4.20060mlcs4.src.rpm

Mandriva Enterprise Server 5:
760ed4665a40b3fde0c15fa9d2692a1a
mes5/i586/gtk+2.0-2.14.3-2.1mdvmes5.1.i586.rpm
890959e5def2126453e7d148979f69a4
mes5/i586/libgail18-2.14.3-2.1mdvmes5.1.i586.rpm
a6d398c6f8880269107ef97d3cc1a539
mes5/i586/libgail-devel-2.14.3-2.1mdvmes5.1.i586.rpm
5cea1edcdfa14f0feb895fc352c6f3e4
mes5/i586/libgdk_pixbuf2.0_0-2.14.3-2.1mdvmes5.1.i586.rpm
7e700ed416c7429537dd3375d22d185e
mes5/i586/libgdk_pixbuf2.0_0-devel-2.14.3-2.1mdvmes5.1.i586.rpm
6200d92b320fe8b3c16eeb35f5645651
mes5/i586/libgtk+2.0_0-2.14.3-2.1mdvmes5.1.i586.rpm
8db1105ffa383ad54593805784b31283
mes5/i586/libgtk+2.0_0-devel-2.14.3-2.1mdvmes5.1.i586.rpm
43b14eb35a4ab62fe51eb17d5b86a93b
mes5/i586/libgtk+-x11-2.0_0-2.14.3-2.1mdvmes5.1.i586.rpm
a657d365ff839ee3a2a0ebb72d290cdc
mes5/SRPMS/gtk+2.0-2.14.3-2.1mdvmes5.1.src.rpm

Mandriva Enterprise Server 5/X86_64:
e93453ce255fdae6f6d712b21e70bf9c
mes5/x86_64/gtk+2.0-2.14.3-2.1mdvmes5.1.x86_64.rpm
b4694b5b1bc7234ec2605c742aa1106c
mes5/x86_64/lib64gail18-2.14.3-2.1mdvmes5.1.x86_64.rpm
279970ee4c96b2fe22f0e7eb3a4d2aab
mes5/x86_64/lib64gail-devel-2.14.3-2.1mdvmes5.1.x86_64.rpm
75b722930a354ac78629b186e49bacd3
mes5/x86_64/lib64gdk_pixbuf2.0_0-2.14.3-2.1mdvmes5.1.x86_64.rpm
b7367c9e1204038a1ece45a8090b1c08
mes5/x86_64/lib64gdk_pixbuf2.0_0-devel-2.14.3-2.1mdvmes5.1.x86_64.rpm
88f2b9c887f2a33c4d48119dfe71a888
mes5/x86_64/lib64gtk+2.0_0-2.14.3-2.1mdvmes5.1.x86_64.rpm
e9eafb8ee40f13074ed6e4e1aca4c65c
mes5/x86_64/lib64gtk+2.0_0-devel-2.14.3-2.1mdvmes5.1.x86_64.rpm
c9a3f5de6bb9a073a0e88ce3ee1ef5e6
mes5/x86_64/lib64gtk+-x11-2.0_0-2.14.3-2.1mdvmes5.1.x86_64.rpm
a657d365ff839ee3a2a0ebb72d290cdc
mes5/SRPMS/gtk+2.0-2.14.3-2.1mdvmes5.1.src.rpm
_______________________________________________________________________

To upgrade automatically use MandrivaUpdate or urpmi. The verification
of md5 checksums and GPG signatures is performed automatically for you.

All packages are signed by Mandriva for security. You can obtain the
GPG public key of the Mandriva Security Team by executing:

gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98

You can view other update advisories for Mandriva Linux at:

http://www.mandriva.com/security/advisories

If you want to report vulnerabilities, please contact

security_(at)_mandriva.com
_______________________________________________________________________

Type Bits/KeyID Date User ID
pub 1024D/22458A98 2000-07-10 Mandriva Security Team
<security*mandriva.com>
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (GNU/Linux)

iD8DBQFL/l6wmqjQ0CJFipgRArPEAKCjOMl44IdKwIYcOQDeJiW1xDwoegCeJ6Eo
oHX5TFkOzJlWesVZAPGxJKQ=
=UJoI
-----END PGP SIGNATURE-----


------------=_1274974213-24326-8291
Content-Type: text/plain; name="message-footer.txt"
Content-Disposition: inline; filename="message-footer.txt"
Content-Transfer-Encoding: 8bit

To unsubscribe, send a email to sympa@mandrivalinux.org
with this subject : unsubscribe security-announce
_______________________________________________________
Want to buy your Pack or Services from Mandriva?
Go to http://www.mandrivastore.com
Join the Club : http://www.mandrivaclub.com
_______________________________________________________

------------=_1274974213-24326-8291--
Pro-Linux
Traut euch!
Neue Nachrichten
Werbung