[USN-1716-1] gnome-screensaver vulnerability

Marc Deslauriers marc.deslauriers at canonical.com
Tue Feb 12 14:00:37 UTC 2013


==========================================================================
Ubuntu Security Notice USN-1716-1
February 12, 2013

gnome-screensaver vulnerability
==========================================================================

A security issue affects these releases of Ubuntu and its derivatives:

- Ubuntu 12.10

Summary:

gnome-screensaver would allow unintended access to the user session.

Software Description:
- gnome-screensaver: GNOME screen saver and locker

Details:

It was discovered that gnome-screensaver did not start automatically after
logging in. This may result in the screen not being automatically locked
after the inactivity timeout is reached, permitting an attacker with
physical access to gain access to an unlocked session.

Update instructions:

The problem can be corrected by updating your system to the following
package versions:

Ubuntu 12.10:
  gnome-screensaver               3.6.0-0ubuntu2.1

After a standard system update you need to restart your session to make
all the necessary changes.

References:
  http://www.ubuntu.com/usn/usn-1716-1
  CVE-2013-1050

Package Information:
  https://launchpad.net/ubuntu/+source/gnome-screensaver/3.6.0-0ubuntu2.1


-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 899 bytes
Desc: OpenPGP digital signature
URL: <https://lists.ubuntu.com/archives/ubuntu-security-announce/attachments/20130212/9c0205c3/attachment.pgp>


More information about the ubuntu-security-announce mailing list