CVSROOT: /cvs
Module name: xenocara
Changes by: st...@cvs.openbsd.org 2012/01/19 09:18:55
Modified files:
dist/xkeyboard-config/compat: xfree86
Log message:
Workaround CVE-2012-0064, password-locked X screen savers can be bypassed
with Ctrl Alt *.
This is not the complete fix but mitigates the issue for now.
Bug was introduced to OpenBSD in the xserver update on 2011/11/05
(commit 7d2543a3cb3 upstream), so it affects -current since that date,
but no OpenBSD releases.
ok matthieu@ phessler@ dcoppa@, also tested by schwarze@, jj@
If you want this fix before new snapshots are available, copy the new
file to /usr/X11R6/share/X11/xkb/compat/xfree86 and reload the kbmap e.g.
setxkbmap $(setxkbmap -query | awk '/layout/ { print $2 }')
