[USN-3966-1] GNOME Shell vulnerability

classic Classic list List threaded Threaded
1 message Options
Reply | Threaded
Open this post in threaded view
|

[USN-3966-1] GNOME Shell vulnerability

Leonidas S. Barbosa
==========================================================================
Ubuntu Security Notice USN-3966-1
May 06, 2019

gnome-shell vulnerability
==========================================================================

A security issue affects these releases of Ubuntu and its derivatives:

- Ubuntu 18.10
- Ubuntu 18.04 LTS

Summary:

GNOME Shell could be made to execute keyboard shortcuts and other
actions while the workstation was locked.

Software Description:
- gnome-shell: graphical shell for the GNOME desktop

Details:

It was discovered that the GNOME Shell incorrectly handled certain
keyboard inputs. An attacker could possibly use this issue to invoke
keyboard shortcuts, and potentially other actions while the workstation
was locked.

Update instructions:

The problem can be corrected by updating your system to the following
package versions:

Ubuntu 18.10:
  gnome-shell                     3.30.2-0ubuntu1.18.10.2

Ubuntu 18.04 LTS:
  gnome-shell                     3.28.3+git20190124-0ubuntu18.04.2

After a standard system update you need to reboot your computer to make
all the necessary changes.

References:
  https://usn.ubuntu.com/usn/usn-3966-1
  CVE-2019-3820

Package Information:
  https://launchpad.net/ubuntu/+source/gnome-shell/3.30.2-0ubuntu1.18.10.2
  https://launchpad.net/ubuntu/+source/gnome-shell/3.28.3+git20190124-0ubuntu18.04.2
--
ubuntu-security-announce mailing list
[hidden email]
Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-security-announce

signature.asc (836 bytes) Download Attachment