-
Committer:
Bazaar Package Importer
-
Author(s):
Marc Deslauriers
-
Date:
2008-11-07 13:25:27 UTC
-
Revision ID:
james.westby@ubuntu.com-20081107132527-n8oesbvjreptiwci
Tags: 2.20.0-0ubuntu4.3
* SECURITY UPDATE: the notify feature may allow local users to read
clipboard contents in a locked session via a Ctrl-V (LP: #146862)
- debian/patches/10_cve-2007-6389.patch: update src/gs-lock-plug.c to
clear the clipboards before showing the lock dialog.
- CVE-2007-6389
* SECURITY UPDATE: a network outage while using a remote authentication
server may make gnome-screensaver give access to a locked session
- debian/patches/11_cve-2008-0887.patch: update src/setuid.c to fix error
handling when network is down, update src/gnome-screensaver-dialog.c
to exit gracefully when network is down.
- CVE-2008-0887