it-securitynotifies AT lists.piratenpartei.de
Betreff: Sicherheitsankündigungen
Listenarchiv
- From: Michael Gilbert <mgilbert AT debian.org>
- To: debian-security-announce AT lists.debian.org
- Subject: [IT-SecNots] [SECURITY] [DSA 3438-1] xscreensaver security update
- Date: Sun, 10 Jan 2016 14:08:36 -0500
- List-archive: <https://service.piratenpartei.de/pipermail/it-securitynotifies>
- List-id: Sicherheitsankündigungen <it-securitynotifies.lists.piratenpartei.de>
- List-url: <http://lists.debian.org/debian-security-announce/>
- Old-return-path: <gilbert AT psidef.org>
- Priority: urgent
- Resent-date: Sun, 10 Jan 2016 19:08:56 +0000 (UTC)
- Resent-from: debian-security-announce AT lists.debian.org
- Resent-message-id: <wkMEsbEd0cO.A.tHH.IxqkWB@bendel>
- Resent-sender: debian-security-announce-request AT lists.debian.org
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512
- -------------------------------------------------------------------------
Debian Security Advisory DSA-3438-1 security AT debian.org
https://www.debian.org/security/ Michael Gilbert
January 09, 2016 https://www.debian.org/security/faq
- -------------------------------------------------------------------------
Package : xscreensaver
CVE ID : CVE-2015-8025
Debian Bug : 802914
It was discovered that unplugging one of the monitors in a multi-monitor
setup can cause xscreensaver to crash. Someone with physical access to
a machine could use this problem to bypass a locked session.
For the oldstable distribution (wheezy), this problem has been fixed
in version 5.15-3+deb7u1.
For the stable distribution (jessie), this problem has been fixed in
version 5.30-1+deb8u1.
For the testing (stretch) and unstable (sid) distributions, this problem
has been fixed in version 5.34-1.
We recommend that you upgrade your xscreensaver packages.
Further information about Debian Security Advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://www.debian.org/security/
Mailing list: debian-security-announce AT lists.debian.org
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1
iQQcBAEBCgAGBQJWkdSSAAoJELjWss0C1vRz8f8gAKZVd93r5W9p1DzxjaKo0OCi
cIBnzsUrCi1m89yztrecnYORFAEc5KRMras50I5OcTNQzOqyY0nl9VzfDL4mRIfP
w3p1qyNDvh51+4Kjnrf3g+UxiwcvZg9Js+Y5wWGI5xMeGNyJO9nARi7E1gvHOxu5
mNoPaZTUiitxsYYR6qNliLWvqeK2DYL+cLHkzP9p14yLumlUpdML33xvgwnznUpH
UlgUCsXxvrPUYgmOACQN23WZ5ETsdj6ZKArGlpCvlx2769o+MziecICY0nYvV+St
KzWoFvf0CQ2JoyIKUcqWvCOl2ku14bSbIW5ySWHehvw+c9lSo/xbeYECUSXUf9d2
JoO0GPUwTCGGsXsDuTj+UxmzC+7qXOgutiMA6aXWGxWlvewy9+366GVgOqvkjOly
6/pNRVGX39xZAXdJR+jHuPldjF7iZx3v2R++Oc95nP94A3+RLksku0ZUIrG0mjli
tsfzyYzvjpxDEhS5ETn4V7aKqo0veYwuUCmFgzMjRpIKG3s+jMoO8BJmBb7FW6SR
EIyHvkhir7uVHG8ERJbAQxjWaBzqSOy45fDtasNSChhHZdH4NNzmFyY32Os7FjNF
lVIcXYaOKr+mhnDekYWGvGj+Fr08U+dJBPUztYuRS8MClIgED+y77867PovwyQdR
UM70qRYLpVDCkh46QZ/7dMEbCD5goeuJetshk90cyhl4WgRsyJMmcglIrGBi04aI
yK9JuuqPLesYrlgS+IlhNwhAGVlwrLFtj9vat/E5WckjiXN/fSuLyHxtt/lKLKsx
dxE889BHXrju7QzuCSH9KeGIpnm66CdWhIKn4SRZiaXjC6NbwHyNxalF/F9Xj6uy
q3hPzOXYddASQEH9Wyk1swlXk92uIGq8qo8fqOH9ANygcPEdFxCvSntweIrfqg6A
nJ6xBdW6aMKlLK1Tu/kq3pnIsUUz8tGIdzgYuOIucnbECIJl1SgG8O1XQXAvDx0G
kFVsuxnRJ/3f88+Y0PF1n50/90NCbXBYMQfky27R4xpQXDxppkfH2HYi1MEDXZiq
ZQQL5nm3ZbHprgVSQTrjiZ7E/lDv+g0iyd8EnUmTUi2BCOCPJqdW8+HvfKw74T7n
sDjAn+D6IDlk+qSZwVFMgzZVhOVK8dANQIOzH8Pb2VcTTVuA4SHsEyZ75lkvpXrt
76QnSPDEo+ItK6+4j2rrZ/Smsl6ujqr7ttPLKrb+/gH/0RlYfyY+NZ6auM27bTTY
eqgKvNM9apzppcX2piMf6OUKV/cMbl+XdWdq0xEgtRixBc/OzhSE+GTTySVriP7/
UeJinBxRZROJZMBzyavcd8hPX8iLpm9jp4PeyBoDaawUdbgxSc6hwjsVBDUQszY=
=k6lg
-----END PGP SIGNATURE-----
- [IT-SecNots] [SECURITY] [DSA 3438-1] xscreensaver security update, Michael Gilbert, 10.01.2016
Archiv bereitgestellt durch MHonArc 2.6.19.