-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 - ------------------------------------------------------------------------- Debian Security Advisory DSA-5501-1 security@debian.org https://www.debian.org/security/ Moritz Muehlenhoff September 18, 2023 https://www.debian.org/security/faq - ------------------------------------------------------------------------- Package : gnome-shell CVE ID : CVE-2023-43090 Debian Bug : 1052067 Mickael Karatekin discovered that the GNOME session locking didn't restrict a keyboard shortcut used for taking screenshots in GNOME Screenshot which could result in information disclosure. The oldstable distribution (bullseye) is not affected. For the stable distribution (bookworm), this problem has been fixed in version 43.6-1~deb12u2. We recommend that you upgrade your gnome-shell packages. For the detailed security status of gnome-shell please refer to its security tracker page at: https://security-tracker.debian.org/tracker/gnome-shell Further information about Debian Security Advisories, how to apply these updates to your system and frequently asked questions can be found at: https://www.debian.org/security/ Mailing list: debian-security-announce@lists.debian.org