=========================================================== 
Ubuntu Security Notice USN-537-2          November 02, 2007
compiz vulnerability
CVE-2007-3920
==========================================================
A security issue affects the following Ubuntu releases:

Ubuntu 7.10

This advisory also applies to the corresponding versions of
Kubuntu, Edubuntu, and Xubuntu.

The problem can be corrected by upgrading your system to the
following package versions:

Ubuntu 7.10:
  compiz-core                     1:0.6.0+git20071008-0ubuntu1.1

After a standard system upgrade you need to restart your session to affect
the necessary changes.

Details follow:

USN-537-1 fixed vulnerabilities in gnome-screensaver. The fixes were
incomplete, and only reduced the scope of the vulnerability, without
fully solving it. This update fixes related problems in compiz.

Original advisory details:

 Jens Askengren discovered that gnome-screensaver became confused when
 running under Compiz, and could lose keyboard lock focus. A local attacker
 could exploit this to bypass the user's locked screen saver.


Updated packages for Ubuntu 7.10:

  Source archives:

          Size/MD5:    29827 b2550efe55c1d8a18ad4e284a28ca899
          Size/MD5:     1649 ab43c9b6f0e98efc838ef255845b31d2
          Size/MD5:  1761080 cf9ec6ee88b5a013dc45615623edd290

  Architecture independent packages:

          Size/MD5:    31690 e2130dea26860c0cdd440b06cbe22b4b

  amd64 architecture (Athlon64, Opteron, EM64T Xeon):

          Size/MD5:   201614 d38d37f17a435644c66b3bc2b67ba104
          Size/MD5:    58896 13827f47ed327985c0110f3f67091fa2
          Size/MD5:   176974 afbd3384a12ea27248c396658439dd84
          Size/MD5:   312020 85f424b01fbf6bf569c1afe10a2498be
          Size/MD5:    38016 43e78f6795a87b16284ea01f04573096
          Size/MD5:    49518 6918b584bd2efbf2c4498de545df9d64
          Size/MD5:    93440 c390c04d0287cf8d59214726dd7b6df4

  i386 architecture (x86 compatible Intel/AMD):

          Size/MD5:   190670 2c69c223dd7b01af92ba9d678b7d6989
          Size/MD5:    58894 5b030fbf593ae76b87db4df78736b204
          Size/MD5:   171552 f5afdabd90ce1831e17dd459694bceaf
          Size/MD5:   280358 944e6ada5dd20be6606c12c51c24e115
          Size/MD5:    38026 36099c55061121c8fc191bb7bdc0cc8e
          Size/MD5:    48524 c86d2f45c4180ca1f703f1602e0d99be
          Size/MD5:    90958 7497eb8e31d7122098853257926f5c34

  powerpc architecture (Apple Macintosh G3/G4/G5):

          Size/MD5:   203886 208e61976da728651b5d1b08270862e6
          Size/MD5:    58902 47254a78f893dad736cedcceaa6f76a1
          Size/MD5:   183612 39f85e66846c8957127a3cb4f78e18a0
          Size/MD5:   354288 de6eef139f5c20961492d24f885cb0c2
          Size/MD5:    38032 6c201be7b5ed09deaae4d23eaf1f5426
          Size/MD5:    52486 3050c0a20a5f3cf12fdc975649990550
          Size/MD5:    98442 6784da37baf410d28c115de33cab9530

  sparc architecture (Sun SPARC/UltraSPARC):

          Size/MD5:   193342 edaa5df12a5f7a2e01ab55d5667091d7
          Size/MD5:    58898 af66b1370f0a7cc427bfbd356a0ebbf3
          Size/MD5:   174396 cda564a42b5b8112b174b76f6ef92997
          Size/MD5:   291648 dd15868aa72301182b2dbf80fde35ba8
          Size/MD5:    38028 cc1ba35b84bc29e8c4096ad50dace8e7
          Size/MD5:    47442 d5ad12579bcd525751523d78d3b2497f
          Size/MD5:    90678 f491b2bdc46acd486db7049c1e575673


--OJnKAutO47z+s2LZ
Content-Type: application/pgp-signature; name="signature.asc"
Content-Description: Digital signature
Content-Disposition: inline

-----BEGIN PGP SIGNATURE-----Version: GnuPG v1.4.6 (GNU/Linux)

iD8DBQFHK0NhH/9LqRcGPm0RAkRtAKCKc5TlE3sm65kLLNXKo36GlUtxkwCePCvI
EupRShiwLBDaRDnCs2TwR1A

Ubuntu: Compiz vulnerability

November 2, 2007
USN-537-1 fixed vulnerabilities in gnome-screensaver

Summary

Update Instructions

References

Severity
Ubuntu Security Notice USN-537-2 November 02, 2007

Package Information

Related News

The End of the Road for Linux 6.11: A Call to Upgrade to Kernel 6.12
3 - 5 min read
The Linux kernel community recently issued an EOL announcement regarding the 6.11 kernel series, urging sysadmins to upgrade quickly to 6.12 . This
A Linux Admin
3 - 6 min read
As 2025 approaches, we Linux admins are facing new and often unseen cloud-native security obstacles. While skilled at mitigating known risks,
Leveraging Insights from the Linux Foundation
3 - 5 min read
The Linux Foundation's recent Census III report provides critical insights for Linux administrators, information security professionals, and anyone
Chrome 131 Released: Emergency Security Update Fixes Over a Dozen Significant Vulns
3 - 6 min read
Google recently unveiled a critical security update to their popular web browser, Google Chrome, addressing over a dozen significant security
From Wayland Fixes to Security Boosts: Examining Qt 6.8.1
3 - 6 min read
The recent Qt 6.8.1 release brings significant updates and improvements, strengthening its reputation as a secure and reliable application
Exploring Arch Linux 2024.12.01: Security Implications & Notable Enhancements for Linux Admins
3 - 6 min read
The Arch Linux 2024.12.01 ISO release marks an impressive milestone, offering cutting-edge updates that enhance functionality, streamline
Deck the Halls with Enhanced Security: Linux Kernel 6.13
3 - 5 min read
As Linux admins and infosec professionals prepare for the holiday season, there's much cause for celebration this year! Linus Torvalds recently made
Lessons from Bootkitty: Securing Linux Systems Against UEFI Intrusions
3 - 5 min read
New Linux security threats mark critical junctures that challenge existing policies and test security protocols to their limit. One such milestone

Get the Latest News & Insights

Sign up to get the latest security news affecting Linux and open source delivered straight to your inbox.

© 2024 Guardian Digital, Inc All Rights Reserved