MGASA-2021-0043 - Updated caribou packages fix a security vulnerability

Publication date: 17 Jan 2021
URL: https://advisories.mageia.org/MGASA-2021-0043.html
Type: security
Affected Mageia releases: 7

An issue in caribou, that was exposed by a CVE fix in X.org server, permits
a screensaver-lock bypass. It is possible to crash the screensaver and unlock
the desktop via the virtual keyboard.

References:
- https://bugs.mageia.org/show_bug.cgi?id=28072
- https://github.com/linuxmint/cinnamon-screensaver/issues/354
- https://www.openwall.com/lists/oss-security/2021/01/15/1

SRPMS:
- 7/core/caribou-0.4.21-3.1.mga7