[USN-3966-1] GNOME Shell vulnerability
Leonidas S. Barbosa
leo.barbosa at canonical.com
Mon May 6 15:19:02 UTC 2019
==========================================================================
Ubuntu Security Notice USN-3966-1
May 06, 2019
gnome-shell vulnerability
==========================================================================
A security issue affects these releases of Ubuntu and its derivatives:
- Ubuntu 18.10
- Ubuntu 18.04 LTS
Summary:
GNOME Shell could be made to execute keyboard shortcuts and other
actions while the workstation was locked.
Software Description:
- gnome-shell: graphical shell for the GNOME desktop
Details:
It was discovered that the GNOME Shell incorrectly handled certain
keyboard inputs. An attacker could possibly use this issue to invoke
keyboard shortcuts, and potentially other actions while the workstation
was locked.
Update instructions:
The problem can be corrected by updating your system to the following
package versions:
Ubuntu 18.10:
gnome-shell 3.30.2-0ubuntu1.18.10.2
Ubuntu 18.04 LTS:
gnome-shell 3.28.3+git20190124-0ubuntu18.04.2
After a standard system update you need to reboot your computer to make
all the necessary changes.
References:
https://usn.ubuntu.com/usn/usn-3966-1
CVE-2019-3820
Package Information:
https://launchpad.net/ubuntu/+source/gnome-shell/3.30.2-0ubuntu1.18.10.2
https://launchpad.net/ubuntu/+source/gnome-shell/3.28.3+git20190124-0ubuntu18.04.2
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 819 bytes
Desc: This is a digitally signed message part
URL: <https://lists.ubuntu.com/archives/ubuntu-security-announce/attachments/20190506/c1bff7cd/attachment.sig>
More information about the ubuntu-security-announce
mailing list