Bug#738828: cinnamon: CVE-2014-1949
Today I spoken in upstream's devel chat about it, this bug is still present even if not always reproducible. Affect older cinnamon's debian package and new cinnamon-screensaver. One user have posted a bad and probably partial fix: https://github.com/RavetcoFX/cinnamon-screensaver/commit/89150d21004faf63722e6c47af639071de42c6e6 I have some doubts on how to go about it, experts debian's developerscan give me some advices please? Thanks for any reply and sorry for my bad english. smime.p7s Description: Firma crittografica S/MIME
Bug#738828: [pkg-cinnamon] Bug#738828: cinnamon: CVE-2014-1949
¡Hola Fabio! El 2014-07-19 a las 18:33 +0200, Fabio Fantoni escribió: Today I spoken in upstream's devel chat about it, this bug is still present even if not always reproducible. Affect older cinnamon's debian package and new cinnamon-screensaver. One user have posted a bad and probably partial fix: https://github.com/RavetcoFX/cinnamon-screensaver/commit/89150d21004faf63722e6c47af639071de42c6e6 I have some doubts on how to go about it, experts debian's developerscan give me some advices please? After a while checking the issue, we could reproduce the issue installing the gtk 3.10 and it's solved with gtk 3.12. Using the packages from snapshots, the problem is reproduceable with gtk 3.10.7 and is fixed in 3.11.5. We haven't yet found the exact fix. Happy hacking, -- We must be very careful when we give advice to younger people: sometimes they follow it! -- Edsger W. Dijkstra Saludos /\/\ /\ `/ signature.asc Description: Digital signature
Bug#738828: cinnamon: CVE-2014-1949
Package: cinnamon Severity: grave Tags: security Justification: user security hole This was assigned CVE-2014-1949: http://www.openwall.com/lists/oss-security/2014/02/12/7 Cheers, Moritz -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
