Stay Secure with the Latest Linux Advisories

security advisoryfedoracritical

Fedora 10: 2010-3010 Major: Compiz-Fusion Desktop Effects Loading Problem

This update fixes a security issue in the expo plugin which allows local users with physical access to drag the screen saver aside and access the locked desktop by using Expo mouse shortcuts.. --------------------------------------------------------------------------------Fedora Update Notification FEDORA-2009-3003 2009-03-25 15:23:13 --------------------------------------------------------------------------------Name : compiz-fusion Product : Fedora 9 Version : 0.7.6 Release : 6.fc9 URL : https://www.compiz-fusion.org/ Summary : Collection of Compiz Fusion plugins for Compiz Description : The Compiz Fusion Project brings 3D desktop visual effects that improve usability of the X Window System and provide increased productivity though plugins and themes contributed by the community giving a rich desktop experience --------------------------------------------------------------------------------Update Information: This update fixes a security issue in the expo plugin which allows local users with physical access to drag the screen saver aside and access the locked desktop by using Expo mouse shortcuts. --------------------------------------------------------------------------------ChangeLog: * Tue Mar 24 2009 Adel Gadllah 0.7.6-6 - Add fix for RH #491918, CVE-2008-6514 * Sat Mar 14 2009 Adel Gadllah 0.7.6-5 - Backport upstream fix for RH #474741 * Mon Jun 23 2008 Adel Gadllah 0.7.6-4 - Speed up gconf schema installation * Wed Jun 11 2008 Adel Gadllah 0.7.6-1 - Update to 0.7.6 --------------------------------------------------------------------------------References: [ 1 ] Bug #491918 - CVE-2008-6514 compiz-fusion: Possible locked desktop access by using Expo plugin mouse shortcuts https://bugzilla.redhat.com/show_bug.cgi?id=491918 --------------------------------------------------------------------------------This update can be installed with the "yum" update program. Use su -c 'yum update compiz-fusion' at the commandline. For more information, refer to "Managing Software with yum", available at . All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/security/ --------------------------------------------------------------------------------_______________________________________________ Fedora-package-announce mailing list This email address is being protected from spambots. You need JavaScript enabled to view it. https://lists.fedoraproject.org/archives/list/This email address is being protected from spambots. You need JavaScript enabled to view it./ . Addresses a vulnerability in compiz-fusion that permits unauthorized local users to view a secured desktop session in Fedora.. Local Access Threat, Compiz Fusion Security, Fedora Desktop Vulnerability. . Severity: Critical. LinuxSecurity.com Team

Mar 25, 2009 •Critical Fedora