==========================================================================
Ubuntu Security Notice USN-2186-1
April 30, 2014
indicator-datetime vulnerability
==========================================================================
A security issue affects these releases of Ubuntu and its derivatives:
– Ubuntu 13.10
Summary:
The Date and Time Indicator would allow unintended access.
Software Description:
– indicator-datetime: Simple clock
Details:
It was discovered that the Date and Time Indicator incorrectly allowed
Evolution to be opened at the greeter screen. An attacker could use this
issue to possibly gain unexpected access to applications such as a web
browser with privileges of the greeter user.
Update instructions:
The problem can be corrected by updating your system to the following
package versions:
Ubuntu 13.10:
indicator-datetime 13.10.0+13.10.20131023.2-0ubuntu1.1
After a standard system update you need to reboot your computer to make
all the necessary changes.
References:
http://www.ubuntu.com/usn/usn-2186-1
CVE-2013-7374
Package Information:
https://launchpad.net/ubuntu/+source/indicator-datetime/13.10.0+13.10.20131023.2-0ubuntu1.1
—–BEGIN PGP SIGNATURE—–
Version: GnuPG v1
Comment: Using GnuPG with Thunderbird – http://www.enigmail.net/
iQIcBAEBCgAGBQJTYPCyAAoJEGVp2FWnRL6TvjQP/jD8itIu4Wr+bCpUqI6i1zpa
pbfUra2db/pig11hFTjt03mcvQB8NAa2T2dIlD/emNNUMqgRsY+L95kp//zzVSfu
zkz+LTs1E4/sjgljfaHZfyV7wLgX4QolUjdCiBrPq5Uj8LF2+tySjiJ1UUx85+PN
jtLfQQuNAE9bqSmMO163MsUTTjoqG/ceb77CBmuLTt0e7QBbCp29FJmDk4BYsfAB
MzI9i9kRbV/A+JlMR8WyHi3Rpai1qa5TAX5JlgsenH1MYZlhe/3kO5Lzvuv5/1Ey
PsXlTL2BZUoaWwUzMlQLJi3m7dzjRZl6ta13rWQYs0n2PmEIi720JSsgB3XGpohu
5MNM/+HVrBkmzLWGbJnSkpBgpMRhv+G1HWDuUt+LFVrredLWT21dgBlGDPsX9zgO
q3PM0i7SLmg6tKvLZMduSKmWLZwcNUq3jLpy98tRECqCqQ2/CnrVUkZC0DW4G+AW
fU8lRHDJOsS45a4RtRk4pXwAEUz8VPJCwUVnypJzeviTfp86jDe+bLCzS91WUUFq
unZUnlKdP/z5Qblk6ummmEgvRb/7c4OAI7jNkbtfhiOwQujtL4vIg1Sgo0t8upcj
0UECiw0ydMm4hrRipydl11x7OSN6Q4EeMqOuzcXlRqaX1Q8wqUhxJ9NIxHSwtDUO
yvrXZieqUOBax+UyqvRT
=qVVy
—–END PGP SIGNATURE—–
—