** Bug watch added: Debian Bug tracker #759145
http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=759145
** Also affects: gtk+3.0 (Debian) via
http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=759145
Importance: Unknown
Status: Unknown
--
You received this bug notification because
** Bug watch added: GNOME Bug Tracker #722106
https://bugzilla.gnome.org/show_bug.cgi?id=722106
** Also affects: gtk via
https://bugzilla.gnome.org/show_bug.cgi?id=722106
Importance: Unknown
Status: Unknown
--
You received this bug notification because you are a member of Ubuntu
** Changed in: gtk+3.0 (Debian)
Status: Unknown = Fix Released
--
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to gtk+3.0 in Ubuntu.
https://bugs.launchpad.net/bugs/1366790
Title:
Fix for CVE-2014-1949 (GTK 3.10.x)
** Changed in: gtk
Status: Unknown = Fix Released
** Changed in: gtk
Importance: Unknown = Medium
--
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to gtk+3.0 in Ubuntu.
https://bugs.launchpad.net/bugs/1366790
Title:
This bug was fixed in the package gtk+3.0 - 3.10.8-0ubuntu1.4
---
gtk+3.0 (3.10.8-0ubuntu1.4) trusty-security; urgency=medium
* debian/patches/no_popup_menu_in_gtk_window.patch
- Prevents the menu key from opening neverending menus and from taking
the focus away from the
This bug is still affecting Trusty. Not only it affects cinnamon-
screensaver, but it also affects gnome-screensaver. Anyone running
either of these two screensavers will suffer their session getting
hijacked by someone pressing the menu key before the password box comes
up.
The patch is simple
** Description changed:
- Please see:
+ [Impact]
+ Users running gnome-screensaver or cinnamon-screensaver may get their lock
screen bypassed by users pressing the menu key before the password prompt turns
up.
+ [Testcase]
+ Start GNOME or any other desktop running gnome-screensaver. Open a
** Information type changed from Private Security to Public Security
--
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to gtk+3.0 in Ubuntu.
https://bugs.launchpad.net/bugs/1366790
Title:
Fix for CVE-2014-1949 (GTK 3.10.x)
CVE-2014-1949 was assigned to cinnamon-screensaver.
The fix for this issue actually lies in gtk+3.0, in the following
commit:
https://git.gnome.org/browse/gtk+/commit/?id=1691bb741d50c90ee938f0b73fe81b0ca9bfd6d4
gtk+3.0 is already fixed in utopic, and we only have connamon-
screensaver in
So, GTK3 apps that use context menus shouldn't be fixed to avoid a
cascade of menus popping up if they use their menu key?
Did you read beyond cinnamon?
Should I open a new bug that doesn't say 'security issue'?
--
You received this bug notification because you are a member of Ubuntu
Touch
fwiw, it's been applied to upstream 3.10, thanks for your 'time,' I
enjoyed it.
--
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to gtk+3.0 in Ubuntu.
https://bugs.launchpad.net/bugs/1366790
Title:
Fix for CVE-2014-1949 (GTK
11 matches
Mail list logo
