==========================================================================
Ubuntu Security Notice USN-2303-1
July 31, 2014

unity vulnerability
==========================================================================

A security issue affects these releases of Ubuntu and its derivatives:

– Ubuntu 14.04 LTS

Summary:

The Unity lock screen could possibly be bypassed in certain circumstances.

Software Description:
– unity: Interface designed for efficiency of space and interaction.

Details:

It was discovered that in certain circumstances Unity failed to
successfully grab the keyboard when switching to the lock screen. A local
attacker could possibly use this issue to run commands, and unlock the
current session.

Update instructions:

The problem can be corrected by updating your system to the following
package versions:

Ubuntu 14.04 LTS:
unity 7.2.2+14.04.20140714-0ubuntu1.1

After a standard system update you need to restart your session to make all
the necessary changes.

References:
http://www.ubuntu.com/usn/usn-2303-1
https://launchpad.net/bugs/1349128

Package Information:
https://launchpad.net/ubuntu/+source/unity/7.2.2+14.04.20140714-0ubuntu1.1

—–BEGIN PGP SIGNATURE—–
Version: GnuPG v1

iQIcBAEBCgAGBQJT2kaKAAoJEGVp2FWnRL6Tn7cQAJDq/NJVl80ayWqc4D7/uf5h
3x+kgoi0eLYWnNe0fSZ9JgmXPVuDfnAXJ6hs9flV2IS4cx6m5RGQgMD1swtyV/Pk
eOWT01wkZqeRSSxauFd3ByCYzKVq2sQEhqLgxCDukb2HR3PV0EG2Zx/8GDYjV6fa
pgUKTKRT625O+tSIIbbdzplKQUCQ2BQiCBMsvOaGVZuIMm8bz2OMSW3r4LjNz/vH
hYpsAKMYVnkG9ii0rHkQe0yzAsf0htOKMTboqr7Af945r6MJc6Fce95xHoJylaoP
PYCqL+oBtabKzbYYBg00306TG2gWnHGCk7F1UKLKmXwz8umvaHc5iz1OeWukS0Tt
3GpGvBPMgJ17txj3isD+cZuQ6TWwhTxiOOz9hqx4ugx5nYRoAhr4W6V/qVvMXP1R
Ivb6WKlrOF9vb+nCY5RWnJIM2ppZ2LeSxiDJg9czyQcUAxjp8crfv4Y06wQ80Zfb
nkxgvS7gzxQKZU7Do41zwzZ5uCIS7g5ZXofzPc0oWFxthYB9PnvXUITadmoBKy3O
KwRxsumrdM8+PJyIGEsk8A1Q6GKixE0hQfuAhjrFHM8uNHm6ubzzgYP4hZr7N+Cr
KD8BveaTb/ehJ7YacyX7kTWrSrR5aw6INaqE8soFhtGxn15mew4HnJRo93nhTvMW
+JKJOT9/0G4iizc0o5/v
=8KKn
—–END PGP SIGNATURE—–
—