=========================================================================Ubuntu Security Notice USN-2741-1
September 16, 2015

unity-settings-daemon vulnerability
=========================================================================
A security issue affects these releases of Ubuntu and its derivatives:

- Ubuntu 15.04
- Ubuntu 14.04 LTS

Summary:

Unity Settings Daemon would allow mounting removable media while the screen
is locked.

Software Description:
- unity-settings-daemon: daemon handling the Unity session settings

Details:

It was discovered that the Unity Settings Daemon incorrectly allowed
removable media to be mounted when the screen is locked. If a vulnerability
were discovered in some other desktop component, such as an image library,
a local attacker could possibly use this issue to gain access to the
session.

Update instructions:

The problem can be corrected by updating your system to the following
package versions:

Ubuntu 15.04:
  unity-settings-daemon           15.04.1+15.04.20150408-0ubuntu1.2

Ubuntu 14.04 LTS:
  unity-settings-daemon           14.04.0+14.04.20150825-0ubuntu2

After a standard system update you need to restart your session to make
all the necessary changes.

References:
  https://ubuntu.com/security/notices/USN-2741-1
  CVE-2015-1319

Package Information:

https://launchpad.net/ubuntu/+source/unity-settings-daemon/15.04.1+15.04.20150408-0ubuntu1.2

https://launchpad.net/ubuntu/+source/unity-settings-daemon/14.04.0+14.04.20150825-0ubuntu2