dx-packages team mailing list archive
-
dx-packages team
-
Mailing list archive
-
Message #14076
[Bug 1310690] [NEW] Lock screen password field does not "capture" key press - password is disclosed in background application
*** This bug is a security vulnerability ***
Public security bug reported:
The new lockscreen in Ubuntu 14.04 is really nice, however I noticed (by 2 times already) that the password field doesn't "capture" the key presses sometimes. Key presses are not registered by the field and it looks like it is frozen (except by the cursor blinking). What I had to do when this happened was to wait until the tentative expires (screen goes blank) and then try again - then it worked.
However the application running in the foregroung (or background, if you consider the lockscreen is on top) received the key presses, i.e, my whole password - you can imagine the implications if it was a chat window.
I'm using 14.04, upgraded by 04/17 from 12.04 - all packages updated.
** Affects: unity (Ubuntu)
Importance: Undecided
Status: New
** Information type changed from Private Security to Public Security
--
You received this bug notification because you are a member of DX
Packages, which is subscribed to unity in Ubuntu.
Matching subscriptions: dx-packages
https://bugs.launchpad.net/bugs/1310690
Title:
Lock screen password field does not "capture" key press - password is
disclosed in background application
Status in “unity” package in Ubuntu:
New
Bug description:
The new lockscreen in Ubuntu 14.04 is really nice, however I noticed (by 2 times already) that the password field doesn't "capture" the key presses sometimes. Key presses are not registered by the field and it looks like it is frozen (except by the cursor blinking). What I had to do when this happened was to wait until the tentative expires (screen goes blank) and then try again - then it worked.
However the application running in the foregroung (or background, if you consider the lockscreen is on top) received the key presses, i.e, my whole password - you can imagine the implications if it was a chat window.
I'm using 14.04, upgraded by 04/17 from 12.04 - all packages updated.
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/unity/+bug/1310690/+subscriptions
Follow ups
-
[Bug 1310690] Re: Lock screen password field does not "capture" key press - password is disclosed in background application
From: albert-geert, 2014-10-14
-
[Bug 1310690] Re: Lock screen password field does not "capture" key press - password is disclosed in background application
From: Marc Deslauriers, 2014-08-01
-
[Bug 1310690] Re: Lock screen password field does not "capture" key press - password is disclosed in background application
From: eslin, 2014-08-01
-
[Bug 1310690] Re: Lock screen password field does not "capture" key press - password is disclosed in background application
From: eslin, 2014-08-01
-
[Bug 1310690] Re: Lock screen password field does not "capture" key press - password is disclosed in background application
From: Launchpad Bug Tracker, 2014-07-28
-
[Bug 1310690] Re: Lock screen password field does not "capture" key press - password is disclosed in background application
From: Launchpad Bug Tracker, 2014-07-28
-
[Bug 1310690] Re: Lock screen password field does not "capture" key press - password is disclosed in background application
From: Fabio Machado, 2014-05-28
-
[Bug 1310690] Re: Lock screen password field does not "capture" key press - password is disclosed in background application
From: Andrea Azzarone, 2014-05-28
-
[Bug 1310690] Re: Lock screen password field does not "capture" key press - password is disclosed in background application
From: Seth Arnold, 2014-04-23
-
[Bug 1310690] Re: Lock screen password field does not "capture" key press - password is disclosed in background application
From: Fabio Machado, 2014-04-22
-
[Bug 1310690] Re: Lock screen password field does not "capture" key press - password is disclosed in background application
From: Andrea Azzarone, 2014-04-21
-
[Bug 1310690] Re: Lock screen password field does not "capture" key press - password is disclosed in background application
From: Seth Arnold, 2014-04-21
-
[Bug 1310690] Re: Lock screen password field does not "capture" key press - password is disclosed in background application
From: Fabio Machado, 2014-04-21
-
[Bug 1310690] Re: Lock screen password field does not "capture" key press - password is disclosed in background application
From: Andrea Azzarone, 2014-04-21
-
[Bug 1310690] [NEW] Lock screen password field does not "capture" key press - password is disclosed in background application
From: Fabio Machado, 2014-04-21
References
