Mageia 2021-0043: caribou security update
Summary
An issue in caribou, that was exposed by a CVE fix in X.org server, permits a screensaver-lock bypass. It is possible to crash the screensaver and unlock the desktop via the virtual keyboard. References:
References
- https://bugs.mageia.org/show_bug.cgi?id=28072
- https://github.com/linuxmint/cinnamon-screensaver/issues/354
- https://www.openwall.com/lists/oss-security/2021/01/15/1
Resolution
MGASA-2021-0043 - Updated caribou packages fix a security vulnerability
SRPMS
- 7/core/caribou-0.4.21-3.1.mga7