Denial of Service in Caribou
ID: | USN-4958-1 |
Distribution: | Ubuntu |
Plattformen: | Ubuntu 20.04 LTS, Ubuntu 20.10 |
Datum: | Di, 18. Mai 2021, 07:14 |
Referenzen: | Keine Angabe |
Applikationen: | Caribou |
Originalnachricht |
|
--===============8783589338373425089== Content-Type: multipart/signed; micalg=pgp-sha512; protocol="application/pgp-signature"; boundary="3HSI3kKxVtDYXgKB" Content-Disposition: inline --3HSI3kKxVtDYXgKB Content-Type: text/plain; charset=us-ascii Content-Disposition: inline ========================================================================== Ubuntu Security Notice USN-4958-1 May 17, 2021 caribou vulnerability ========================================================================== A security issue affects these releases of Ubuntu and its derivatives: - Ubuntu 20.10 - Ubuntu 20.04 LTS Summary: Applications using Caribou could be made to crash if given specially crafted input. Software Description: - caribou: Configurable on screen keyboard with scanning mode Details: It was discovered that the Caribou onscreen keyboard could be made to crash when given certain input values. An attacker could use this to bypass screen-locking applications that support using Caribou as an input mechanism. Update instructions: The problem can be corrected by updating your system to the following package versions: Ubuntu 20.10: gir1.2-caribou-1.0 0.4.21-7ubuntu0.20.10.1 libcaribou0 0.4.21-7ubuntu0.20.10.1 Ubuntu 20.04 LTS: gir1.2-caribou-1.0 0.4.21-7ubuntu0.20.04.1 libcaribou0 0.4.21-7ubuntu0.20.04.1 After a standard system update you need to restart applications that use Caribou as an onscreen keyboard to make all the necessary changes. References: https://ubuntu.com/security/notices/USN-4958-1 https://launchpad.net/bugs/1912060 Package Information: https://launchpad.net/ubuntu/+source/caribou/0.4.21-7ubuntu0.20.10.1 https://launchpad.net/ubuntu/+source/caribou/0.4.21-7ubuntu0.20.04.1 --3HSI3kKxVtDYXgKB Content-Type: application/pgp-signature; name="signature.asc" -----BEGIN PGP SIGNATURE----- iQIzBAABCgAdFiEEpgY7tWAjCaQ8jrvULwmejQBegfQFAmCi9I8ACgkQLwmejQBe gfQdIA/+N3k3xTp61mLGo2X85XmbAGxZ/ZV20IKyTYW5mMgwXm3noGN9KFMEmd/Y 4lCSgQs4lxoulxBROqIewQk+mfs09dRz1G8LblWqaY6KwHtck1yL0yoHfYJUS3V6 7zG0QrPfUb1iAFLMwHPuBfa1ay0fUdwsqCo4Zw9LyIf2TixncIo7HYNTibMtP+22 vxW7etEN5xsWB7WwBlE54jJRiV/3kI4z8n+jhBg38uEklDR2A3jGZHpomt7YjJsH g53Dok+PM4R0tH5/Z6pgsYaq1+m6M8r4RDo4U3CAvDX6Qo6xl8QNA2vaq/VBKSTQ znZJwLblkXuAACGUPXWyfGhPYsIF7mBl3qGOr0OWP05SLY7IRgcKd1XxlAH69c/A itHw0I64gecJc6myR+bq8OHqvntFrpJvNxpSXdQSpPm36VL3F0G3hwt2WGhMv3jp a2cEj3JmwNsdcirv6iVS5p1yKavWSts24ZC34ya9ORPzotmtqfBDzHhXoSQoGCQK X1QAviOTJm3hjrFpR/LVamkdL0VZkJHy9Rle2ITm6C6a9adIWf4ZqWMY77q92gc9 Mzd3D5NvSITVY6ctAtq4K/vp+cn5CyGcJnCySorn04irweuaHigm3akaV9UqaN23 iEEWtkJmZCUudmajznC+nTB5RDmaDR3YpQfwbTM0/yTwpvqCR84= =5LJw -----END PGP SIGNATURE----- --3HSI3kKxVtDYXgKB-- --===============8783589338373425089== Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: base64 Content-Disposition: inline -- ubuntu-security-announce mailing list ubuntu-security-announce@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-security-announce |