FS#37566 : [accountservice] security patch, lock screen bypass

FS#37566 - [accountservice] security patch, lock screen bypass

Attached to Project: Arch Linux
Opened by RbN (RbN) - Thursday, 31 October 2013, 15:01 GMT
Last edited by Jan de Groot (JGC) - Wednesday, 06 November 2013, 14:05 GMT

Task Type	Bug Report
Category	Packages: Extra
Status	Closed
Assigned To	No-one
Architecture	All
Severity	Critical
Priority	Normal
Reported Version
Due in Version	Undecided
Due Date	Undecided
Percent Complete
Votes	0
Private	No

Details

Description:
Gnome lock screen bypass (No CVE attributed yet)

Resolution :
patch [ 3 ]

References :
[ 1 ] : Gnome bug report
https://bugzilla.gnome.org/show_bug.cgi?id=708997
[ 2 ] : RedHat bug report
https://bugzilla.redhat.com/show_bug.cgi?id=1013721
[ 3 ] : patch
http://cgit.freedesktop.org/accountsservice/commit/?id=631c57790fe79ee70d79522eb1b3e461e2899d82

This task depends upon

Closed by Jan de Groot (JGC)
Wednesday, 06 November 2013, 14:05 GMT
Reason for closing: Fixed
Additional comments about closing: fixed upstream in 0.6.35.

Comment by RbN (RbN) - Thursday, 31 October 2013, 15:11 GMT

Here is the test case from RedHat bugzilla :

"Steps to Reproduce:
1. Lock the screen either by selecting the lock icon in the system menu or with ctrl-alt-l
2. Move the mouse and drag the "window-blind" up. (Or hit escape)"

I hope the patch I linked is the good one but i'm not sure.

	Tasks related to this task (0)

Duplicate tasks of this task (0)

Arch Linux

FS#37566 - [accountservice] security patch, lock screen bypass

Details

Loading...