oss-sec mailing list archives
Re: XScreenSaver 5.45: Disconnecting a video output can cause XScreenSaver to crash and unlock
From: Marek Marczykowski-Górecki <marmarek () invisiblethingslab com>
Date: Sat, 5 Jun 2021 04:03:42 +0200
On Sat, Jun 05, 2021 at 02:55:10AM +0200, Marek Marczykowski-Górecki wrote:
The issue affects only XScreenSaver version 5.45. Versions 5.44 and older, as well as 6.00, are not affected. The XScreenSaver author was notified about this issue and decided not to publish an advisory, as the issue does not affect the most recent version. The Qubes Security Team has decided to address this issue in Qubes OS by patching this specific bug rather than immediately upgrading to the 6.00 version.
And here is the patch applied in Qubes OS: https://github.com/QubesOS/qubes-xscreensaver/blob/master/0001-Fix-updating-outputs-info.patch -- Best Regards, Marek Marczykowski-Górecki Invisible Things Lab
Attachment:
signature.asc
Description:
Current thread:
- XScreenSaver 5.45: Disconnecting a video output can cause XScreenSaver to crash and unlock Marek Marczykowski-Górecki (Jun 05)
- Re: XScreenSaver 5.45: Disconnecting a video output can cause XScreenSaver to crash and unlock Marek Marczykowski-Górecki (Jun 05)
- Re: XScreenSaver 5.45: Disconnecting a video output can cause XScreenSaver to crash and unlock Gianluca Gabrielli (Jun 10)
- Re: XScreenSaver 5.45: Disconnecting a video output can cause XScreenSaver to crash and unlock Marek Marczykowski-Górecki (Jun 10)
- Re: XScreenSaver 5.45: Disconnecting a video output can cause XScreenSaver to crash and unlock Gianluca Gabrielli (Jun 11)
- Re: XScreenSaver 5.45: Disconnecting a video output can cause XScreenSaver to crash and unlock Marek Marczykowski-Górecki (Jun 10)