USN-1716-1: gnome-screensaver vulnerability

12 February 2013

gnome-screensaver vulnerability

A security issue affects these releases of Ubuntu and its derivatives:

  • Ubuntu 12.10

Summary

gnome-screensaver would allow unintended access to the user session.

Software Description

  • gnome-screensaver - GNOME screen saver and locker

Details

It was discovered that gnome-screensaver did not start automatically after logging in. This may result in the screen not being automatically locked after the inactivity timeout is reached, permitting an attacker with physical access to gain access to an unlocked session.

Update instructions

The problem can be corrected by updating your system to the following package versions:

Ubuntu 12.10
gnome-screensaver - 3.6.0-0ubuntu2.1

To update your system, please follow these instructions: https://wiki.ubuntu.com/Security/Upgrades.

After a standard system update you need to restart your session to make all the necessary changes.

References