=========================================================== 
Ubuntu Security Notice USN-537-2          November 02, 2007
compiz vulnerability
CVE-2007-3920
==========================================================
A security issue affects the following Ubuntu releases:

Ubuntu 7.10

This advisory also applies to the corresponding versions of
Kubuntu, Edubuntu, and Xubuntu.

The problem can be corrected by upgrading your system to the
following package versions:

Ubuntu 7.10:
  compiz-core                     1:0.6.0+git20071008-0ubuntu1.1

After a standard system upgrade you need to restart your session to affect
the necessary changes.

Details follow:

USN-537-1 fixed vulnerabilities in gnome-screensaver. The fixes were
incomplete, and only reduced the scope of the vulnerability, without
fully solving it. This update fixes related problems in compiz.

Original advisory details:

 Jens Askengren discovered that gnome-screensaver became confused when
 running under Compiz, and could lose keyboard lock focus. A local attacker
 could exploit this to bypass the user's locked screen saver.


Updated packages for Ubuntu 7.10:

  Source archives:

          Size/MD5:    29827 b2550efe55c1d8a18ad4e284a28ca899
          Size/MD5:     1649 ab43c9b6f0e98efc838ef255845b31d2
          Size/MD5:  1761080 cf9ec6ee88b5a013dc45615623edd290

  Architecture independent packages:

          Size/MD5:    31690 e2130dea26860c0cdd440b06cbe22b4b

  amd64 architecture (Athlon64, Opteron, EM64T Xeon):

          Size/MD5:   201614 d38d37f17a435644c66b3bc2b67ba104
          Size/MD5:    58896 13827f47ed327985c0110f3f67091fa2
          Size/MD5:   176974 afbd3384a12ea27248c396658439dd84
          Size/MD5:   312020 85f424b01fbf6bf569c1afe10a2498be
          Size/MD5:    38016 43e78f6795a87b16284ea01f04573096
          Size/MD5:    49518 6918b584bd2efbf2c4498de545df9d64
          Size/MD5:    93440 c390c04d0287cf8d59214726dd7b6df4

  i386 architecture (x86 compatible Intel/AMD):

          Size/MD5:   190670 2c69c223dd7b01af92ba9d678b7d6989
          Size/MD5:    58894 5b030fbf593ae76b87db4df78736b204
          Size/MD5:   171552 f5afdabd90ce1831e17dd459694bceaf
          Size/MD5:   280358 944e6ada5dd20be6606c12c51c24e115
          Size/MD5:    38026 36099c55061121c8fc191bb7bdc0cc8e
          Size/MD5:    48524 c86d2f45c4180ca1f703f1602e0d99be
          Size/MD5:    90958 7497eb8e31d7122098853257926f5c34

  powerpc architecture (Apple Macintosh G3/G4/G5):

          Size/MD5:   203886 208e61976da728651b5d1b08270862e6
          Size/MD5:    58902 47254a78f893dad736cedcceaa6f76a1
          Size/MD5:   183612 39f85e66846c8957127a3cb4f78e18a0
          Size/MD5:   354288 de6eef139f5c20961492d24f885cb0c2
          Size/MD5:    38032 6c201be7b5ed09deaae4d23eaf1f5426
          Size/MD5:    52486 3050c0a20a5f3cf12fdc975649990550
          Size/MD5:    98442 6784da37baf410d28c115de33cab9530

  sparc architecture (Sun SPARC/UltraSPARC):

          Size/MD5:   193342 edaa5df12a5f7a2e01ab55d5667091d7
          Size/MD5:    58898 af66b1370f0a7cc427bfbd356a0ebbf3
          Size/MD5:   174396 cda564a42b5b8112b174b76f6ef92997
          Size/MD5:   291648 dd15868aa72301182b2dbf80fde35ba8
          Size/MD5:    38028 cc1ba35b84bc29e8c4096ad50dace8e7
          Size/MD5:    47442 d5ad12579bcd525751523d78d3b2497f
          Size/MD5:    90678 f491b2bdc46acd486db7049c1e575673


--OJnKAutO47z+s2LZ
Content-Type: application/pgp-signature; name="signature.asc"
Content-Description: Digital signature
Content-Disposition: inline

-----BEGIN PGP SIGNATURE-----Version: GnuPG v1.4.6 (GNU/Linux)

iD8DBQFHK0NhH/9LqRcGPm0RAkRtAKCKc5TlE3sm65kLLNXKo36GlUtxkwCePCvI
EupRShiwLBDaRDnCs2TwR1A

Ubuntu: Compiz vulnerability

November 2, 2007
USN-537-1 fixed vulnerabilities in gnome-screensaver

Summary

Update Instructions

References

Severity
Ubuntu Security Notice USN-537-2 November 02, 2007

Package Information

Related News

5.ShakingHands Esm H320
2 - 3 min read
At The Linux Foundation's Open Source Summit North America , Linus Torvalds, the creator of Linux, discussed various topics related to Linux
30.Lock Globe Motherboard Esm H320
1 - 2 min read
The SPDX 3.0 release marks a significant milestone in software management, particularly for Linux admins, infosec professionals, internet security
11.Locks IsometricPattern Esm H320
2 - 3 min read
Open Source maintainers and developers have been warned about the continued wave of attacks aimed at project maintainers similar to those recently
28.Lock Globe Esm H320
1 - 2 min read
A resurgence of cyberattacks targeting Linux systems in Asian campaigns through the utilization of the Pupy Remote Access Trojan (RAT) has been
27.Tablet Connections Blocks Lock Esm H320
2 - 4 min read
Canonical has recently announced the Beta release of Ubuntu Linux 24.04 LTS , codenamed "Noble Numbat." This release aims to continue Ubuntu's
21.Globe RadiatingCode Esm H320
2 - 3 min read
The open-source movement has come a long way, from its origins in the 1960s and 1970s to becoming an integral part of organizations worldwide.
13.Lock StylizedMotherboard Esm H320
2 - 3 min read
The Rust-based Edera project demonstrates a unique approach to container security that addresses cloud-native computing challenges. Let's examine
8.Locks HexConnections CodeGlobe Esm H320
2 - 3 min read
Canonical has launched Ubuntu Pro for Devices , a comprehensive offering emphasizing security and compliance for IoT device deployments. This
Sign Up

Get the Latest News & Insights

Sign up to get the latest security news affecting Linux and open source delivered straight to your inbox.

© 2024 Guardian Digital, Inc All Rights Reserved