ArchLinux: 201602-10: kscreenlocker: access restriction bypass
Summary
A vulnerability has been discovered in kscreenlocker that is leading to access restriction bypass. Turning all screens off while the lock screen is shown can result in the screen being unlocked when turning a screen on again.
Resolution
Upgrade to 5.5.4-2.
# pacman -Syu "kscreenlocker>=5.5.4-2"
The problem has been fixed upstream but no release is available yet.
References
https://kde.org/info/security/advisory-20160209-1.txt https://bugs.kde.org/show_bug.cgi?id=358125 https://bugzilla.opensuse.org/show_bug.cgi?id=964548
Workaround
None.