1
Candidate: CVE-2009-4642
4
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-4642
6
gnome-screensaver 2.26.1 relies on the gnome-session D-Bus interface to
7
determine session idle time, even when an Xfce desktop such as Xubuntu or
8
Mythbuntu is used, which allows physically proximate attackers to access an
9
unattended workstation on which screen locking had been intended.
12
kees> While it looks like a gnome-screensaver bug, for stable releases,
13
kees> this is an issue primarily for xfce, which doesn't use g-ss correctly.
14
kees> Going forward, gnome-session has been added to the g-ss package deps
15
kees> so that the issue is more obvious to integration attempts of g-ss.
17
http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=536381
22
Patches_xfce4-session:
23
upstream_xfce4-session: needed
24
dapper_xfce4-session: ignored (reached end-of-life)
25
hardy_xfce4-session: ignored (reached end-of-life)
26
intrepid_xfce4-session: needed (reached end-of-life)
27
jaunty_xfce4-session: ignored (reached end-of-life)
28
karmic_xfce4-session: ignored (reached end-of-life)
29
lucid_xfce4-session: not-affected
30
maverick_xfce4-session: not-affected
31
natty_xfce4-session: not-affected
32
oneiric_xfce4-session: not-affected
33
devel_xfce4-session: not-affected
35
Patches_gnome-screensaver:
36
upstream_gnome-screensaver: not-affected
37
dapper_gnome-screensaver: not-affected
38
hardy_gnome-screensaver: not-affected
39
intrepid_gnome-screensaver: not-affected
40
jaunty_gnome-screensaver: not-affected
41
karmic_gnome-screensaver: not-affected
42
lucid_gnome-screensaver: not-affected
43
maverick_gnome-screensaver: not-affected
44
natty_gnome-screensaver: not-affected
45
oneiric_gnome-screensaver: not-affected
46
devel_gnome-screensaver: not-affected