oss-sec mailing list archives
Re: Re: CVE Request: IBUS showing passwords during password input
From: Kurt Seifried <kseifried () redhat com>
Date: Mon, 04 Nov 2013 13:18:13 -0700
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On 11/04/2013 06:37 AM, Fuminobu TAKEYAMA wrote:
Hello,The behaviour started (I think) with with IBUS 1.5.4Yes. It happens on IBus-enabled GNOME 3.6+ with IBus 1.5.4 if IBus's engines (plug-ins) do not support new API introduced by 1.5.4. Actually, this problem is not found by me, though. The upstream has already announced in [1]. An IBus developer (Mr. Fuijiwara) says in [1]: "1.5.2 or lower do not handle the input purpose so the typed chars are shown as the bug." So I think the same problem may happen also on GNOME 3.6 + IBus 1.5.2. [1] https://groups.google.com/forum/#!topic/ibus-user/mvCHDO1BJUw Best regards, Fuminobu TAKEYAMA 2013/11/4 Marcus Meissner <meissner () suse de>:Hi, One of our Japanese users found that some IBUS input methods show passwords while typing them, if a special "intent" is not provided. https://bugzilla.novell.com/show_bug.cgi?id=847718 https://groups.google.com/forum/#!topic/ibus-user/mvCHDO1BJUw The behaviour started (I think) with with IBUS 1.5.4 Fuminobu Takeyama, is this correct? Ciao, Marcus
Please use CVE-2013-4509 for this issue. - -- Kurt Seifried Red Hat Security Response Team (SRT) PGP: 0x5E267993 A90B F995 7350 148F 66BF 7554 160D 4553 5E26 7993 -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.15 (GNU/Linux) iQIcBAEBAgAGBQJSeAEFAAoJEBYNRVNeJnmTRJgQAMVajnP+1wU4vDb9KWaFW/iJ mTMxatUOOPfbYAuZ18CoFz3qCBP0dGNePul+xhyNsU2BaGvbegmqTlXW0uaEX+oS vw+0pKEJ2yUX+A5A4qsSNrFtiX6Rmd8OvEFCwYcWqeXkGf1f5KZStZLWPVcqiDTK pWW0hZD6mDDB+o9iF+OtlwTXi/MHztlPuwmU6+4N00a+gTSDrZ2U9mEWBCnt17mc RWVa5YlmMmzThjE37NiOSH1SqgdS75gKvYQWQsRvCISNXT7NpPP670yQDtduj3Gx nEKNeWJvGxUaI/0g5OydxehleRzK4n6rg/ap6oZ6D0pBDu25MRY5lk6BYXL0RnDy d6LeSRYwnaIM16Q9nKc7GLirNXpey99UVcg6VFCVEh9xzznwK+rgfcDQLF9MBz/f 8gqGsskFNaLSTdUrYFBLvTNKClJkM+pkKjn67nxWDpwFklLzC+rvQTn5OXS0ci6j Mh5on+yYwasSfcYcLgv3NrMquEnXXGTK9cNLNvdftOejYWUu5ZuruuHzi5GqaR7n bmCEKh29FaKdPjgLWWjU/fHU3clk00zkPTRZFUbAP+Qf5+1ucaKdjYkzAO0h1xRr VgWYXsGoGtgAP5GOdo14PPB6BgjzzZDKUqqdtvhAbzV+QN/7FLbUA++47clJlb0e 5AY9Z7oWkNCaMWWhersj =NtKe -----END PGP SIGNATURE-----
Current thread:
- CVE Request: IBUS showing passwords during password input Marcus Meissner (Nov 04)
- Re: CVE Request: IBUS showing passwords during password input Fuminobu TAKEYAMA (Nov 04)
- Re: Re: CVE Request: IBUS showing passwords during password input Kurt Seifried (Nov 04)
- Re: CVE Request: IBUS showing passwords during password input Fuminobu TAKEYAMA (Nov 04)