Bug#1052067: gnome-shell: CVE-2023-43090: screenshot tool allows viewing open windows when session is locked
Moritz Mühlenhoff
jmm at inutil.org
Sun Sep 17 18:39:24 BST 2023
Am Sun, Sep 17, 2023 at 06:22:00PM +0100 schrieb Simon McVittie:
> On Sun, 17 Sep 2023 at 18:17:56 +0100, Simon McVittie wrote:
> > I can upload this to security-master if wanted, or the security
> > team or other GNOME team members are welcome to sponsor it
> > or upload their own version if they would like to take my
> > response time off the critical path. Unsigned packages are in
> > https://people.debian.org/~smcv/bug1052067/, diff attached.
>
> Sigh, diff really attached now. I'm sorry, I should be more careful not
> to waste your time.
Thanks! I think we should fix this via a DSA.
The debdiff looks fine, please build with -sa (ftp.d.o and security.d.o
don't share tarballs) and upload to security-master.
Does this also affect oldstable? If so, can you please also prepare
a backport?
Cheers,
Moritz
More information about the pkg-gnome-maintainers
mailing list