USN-269-1: xscreensaver vulnerability

11 April 2006

xscreensaver vulnerability

A security issue affects these releases of Ubuntu and its derivatives:

  • Ubuntu 5.04
  • Ubuntu 4.10

Software Description

Details

In some cases, xscreensaver did not properly grab the keyboard when reading the password for unlocking the screen, so that the password was typed into the currently active application window.

The only known vulnerable case was when xscreensaver activated while an rdesktop session was currently active.

Update instructions

The problem can be corrected by updating your system to the following package versions:

Ubuntu 5.04
xscreensaver
xscreensaver-gl
xscreensaver-gnome
xscreensaver-nognome
Ubuntu 4.10
xscreensaver
xscreensaver-gl
xscreensaver-gnome
xscreensaver-nognome

To update your system, please follow these instructions: https://wiki.ubuntu.com/Security/Upgrades.

References