← Back to team overview

desktop-packages team mailing list archive

[Bug 1512931] Re: Additional Distro Versions Vuln to usn-2789-1

 

There are patches available in the Debian bug tracker (5.15 is a bit
different than the newer versions). I believe the issue is still present
in Trusty, Vivid and Wily, although it has been fixed in Precise.

** Changed in: xscreensaver (Ubuntu)
       Status: Expired => Confirmed

** Bug watch added: Debian Bug tracker #802914
   http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=802914

** Also affects: xscreensaver (Debian) via
   http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=802914
   Importance: Unknown
       Status: Unknown

-- 
You received this bug notification because you are a member of Desktop
Packages, which is subscribed to xscreensaver in Ubuntu.
https://bugs.launchpad.net/bugs/1512931

Title:
  Additional Distro Versions Vuln to usn-2789-1

Status in xscreensaver package in Ubuntu:
  Confirmed
Status in xscreensaver package in Debian:
  Unknown

Bug description:
  Not sure if you're aware, but I'm able to replicate usb-2789-1 on 
  $ cat /etc/lsb-release 
  DISTRIB_ID=Ubuntu
  DISTRIB_RELEASE=15.04
  DISTRIB_CODENAME=vivid
  DISTRIB_DESCRIPTION="Ubuntu 15.04"

  Current release in vivid:
  ||/ Name                   Version          Architecture     Description
  +++-======================-================-================-=================================================
  ii  xscreensaver           5.30-1ubuntu1    amd64            Screensaver daemon and frontend for X11

  
  The bug page only lists 12.04LTS as being vulnerable.

  I was able to reproduce by having a dual screen (desktop) setup, and
  unplugging the *secondary* (as according to display settings), whilst
  the xscreensaver password unlock dialog was open.

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/xscreensaver/+bug/1512931/+subscriptions