CVE-2013-2190: screen unlocked after resuming due to crash

Related Vulnerabilities: CVE-2013-2190  

Debian Bug report logs - #714264

Reported by: Raphael Geissert <geissert@debian.org>

Date: Thu, 27 Jun 2013 12:09:02 UTC

Severity: grave

Tags: fixed-upstream, security

Found in version clutter-1.0/1.10.8-2

Fixed in versions clutter-1.0/1.16.0-1, clutter-1.0/1.14.4-3

Done: Michael Biebl <biebl@debian.org>

Bug is archived. No further changes may be made.

Forwarded to https://bugzilla.gnome.org/show_bug.cgi?id=701974



Report forwarded to debian-bugs-dist@lists.debian.org, Debian GNOME Maintainers <pkg-gnome-maintainers@lists.alioth.debian.org>:
Bug#714264; Package gnome-shell. (Thu, 27 Jun 2013 12:09:06 GMT).


Acknowledgement sent to Raphael Geissert <geissert@debian.org>:
New Bug report received and forwarded. Copy sent to Debian GNOME Maintainers <pkg-gnome-maintainers@lists.alioth.debian.org>. (Thu, 27 Jun 2013 12:09:06 GMT).


Message #5 received at submit@bugs.debian.org:

From: Raphael Geissert <geissert@debian.org>
To: Debian Bug Tracking System <submit@bugs.debian.org>
Subject: CVE-2013-2190: screen unlocked after resuming due to crash
Date: Thu, 27 Jun 2013 14:06:19 +0200
Package: gnome-shell
Severity: grave

Hi,

It was discovered that sometimes when resuming gnome-shell crashes
and the screen lock is no longer active.

For further information see:
http://mid.gmane.org/51C01CC5.9070108@redhat.com
https://bugzilla.gnome.org/show_bug.cgi?id=701974
https://bugzilla.redhat.com/show_bug.cgi?id=954054

Please adjust the affected versions in the BTS as needed.


If you fix the vulnerability please also make sure to include the
CVE (Common Vulnerabilities & Exposures) id in your changelog entry.

Cheers,
--
Raphael Geissert - Debian Developer
www.debian.org - get.debian.net



Bug reassigned from package 'gnome-shell' to 'libclutter-1.0-0'. Request was from Laurent Bigonville <bigon@debian.org> to control@bugs.debian.org. (Mon, 01 Jul 2013 10:12:04 GMT).


Marked as found in versions clutter-1.0/1.10.8-2. Request was from Laurent Bigonville <bigon@debian.org> to control@bugs.debian.org. (Mon, 01 Jul 2013 10:12:05 GMT).


Added tag(s) sid, experimental, and jessie. Request was from Laurent Bigonville <bigon@debian.org> to control@bugs.debian.org. (Mon, 01 Jul 2013 10:12:06 GMT).


Added tag(s) wheezy and security. Request was from Laurent Bigonville <bigon@debian.org> to control@bugs.debian.org. (Mon, 01 Jul 2013 10:18:59 GMT).


Set Bug forwarded-to-address to 'https://bugzilla.gnome.org/show_bug.cgi?id=701974'. Request was from Laurent Bigonville <bigon@debian.org> to control@bugs.debian.org. (Mon, 01 Jul 2013 10:39:24 GMT).


Added tag(s) fixed-upstream. Request was from bts-link-upstream@lists.alioth.debian.org to control@bugs.debian.org. (Mon, 01 Jul 2013 23:04:33 GMT).


Reply sent to Michael Biebl <biebl@debian.org>:
You have taken responsibility. (Tue, 27 Aug 2013 17:51:16 GMT).


Notification sent to Raphael Geissert <geissert@debian.org>:
Bug acknowledged by developer. (Tue, 27 Aug 2013 17:51:17 GMT).


Message #22 received at 714264-close@bugs.debian.org:

From: Michael Biebl <biebl@debian.org>
To: 714264-close@bugs.debian.org
Subject: Bug#714264: fixed in clutter-1.0 1.14.4-3
Date: Tue, 27 Aug 2013 17:48:13 +0000
Source: clutter-1.0
Source-Version: 1.14.4-3

We believe that the bug you reported is fixed in the latest version of
clutter-1.0, which is due to be installed in the Debian FTP archive.

A summary of the changes between this version and the previous one is
attached.

Thank you for reporting the bug, which will now be closed.  If you
have further comments please address them to 714264@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
pp.
Michael Biebl <biebl@debian.org> (supplier of updated clutter-1.0 package)

(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmaster@ftp-master.debian.org)


Format: 1.8
Date: Tue, 27 Aug 2013 18:55:26 +0200
Source: clutter-1.0
Binary: libclutter-1.0-0 libclutter-1.0-common libclutter-1.0-dev libclutter-1.0-dbg libclutter-1.0-doc clutter-1.0-tests gir1.2-clutter-1.0
Architecture: source all amd64
Version: 1.14.4-3
Distribution: unstable
Urgency: low
Maintainer: Debian GNOME Maintainers <pkg-gnome-maintainers@lists.alioth.debian.org>
Changed-By: Michael Biebl <biebl@debian.org>
Description: 
 clutter-1.0-tests - Open GL based interactive canvas library (test programs)
 gir1.2-clutter-1.0 - GObject introspection data for the Clutter 1.0 library
 libclutter-1.0-0 - Open GL based interactive canvas library
 libclutter-1.0-common - Open GL based interactive canvas library (common files)
 libclutter-1.0-dbg - Open GL based interactive canvas library (debug files)
 libclutter-1.0-dev - Open GL based interactive canvas library (development files)
 libclutter-1.0-doc - Open GL based interactive canvas library (documentation)
Closes: 714264
Changes: 
 clutter-1.0 (1.14.4-3) unstable; urgency=low
 .
   * debian/patches/git_x11_trap_errors_when_calling_XIQueryDevice.patch:
     - x11: trap errors when calling XIQueryDevice. Patch cherry-picked from
       upstream Git. (Closes: #714264)
     - Fixes CVE-2013-2190: screen unlocked after system resume due to
       gnome-shell crash.




Marked as fixed in versions clutter-1.0/1.16.0-1. Request was from Emilio Pozuelo Monfort <pochu@debian.org> to control@bugs.debian.org. (Tue, 01 Apr 2014 07:36:13 GMT).


Removed tag(s) sid, wheezy, jessie, and experimental. Request was from Andreas Beckmann <anbe@debian.org> to control@bugs.debian.org. (Fri, 07 Nov 2014 12:06:59 GMT).


Bug archived. Request was from Debbugs Internal Request <owner@bugs.debian.org> to internal_control@bugs.debian.org. (Sun, 26 Apr 2015 07:46:52 GMT).


Debian bug tracking system administrator <owner@bugs.debian.org>. Last modified: Wed Jun 19 17:01:17 2019; Machine Name: beach
