You are here
Home > Preporuke > Sigurnosni nedostaci programskog paketa gnome-shell

Sigurnosni nedostaci programskog paketa gnome-shell

——————————————————————————–
Fedora Update Notification
FEDORA-2014-12690
2014-10-12 03:59:02
——————————————————————————–

Name : gnome-shell
Product : Fedora 20
Version : 3.10.4
Release : 9.fc20
URL : http://live.gnome.org/GnomeShell
Summary : Window management and application launching for GNOME
Description :
GNOME Shell provides core user interface functions for the GNOME 3 desktop,
like switching to windows and launching applications. GNOME Shell takes
advantage of the capabilities of modern graphics hardware and introduces
innovative user interface concepts to provide a visually attractive and
easy to use experience.

——————————————————————————–
Update Information:

Security fix for lock screen circumvention by consecutive screenshot requests triggering OOM situation
——————————————————————————–
ChangeLog:

* Fri Oct 10 2014 Florian Müllner <fmuellner@redhat.com> – 3.10.4-9
– Disallow consecutive screenshot requests to avoid an OOM situation (#1147917)
* Thu Jul 24 2014 Adel Gadllah <adel.gadllah@gmail.com> – 3.10.4-8
– Fix crash when GLSL is not available (#1046970)
* Thu Jul 17 2014 Rex Dieter <rdieter@fedoraproject.org> – 3.10.4-7
– rebuild (for pulseaudio, bug #1117683)
* Thu Jul 10 2014 Florian Müllner <fmuellner@redhat.com> – 3.10.4-6
– Revert last patches again – the performance regression is still present
* Fri Jun 27 2014 Florian Müllner <fmuellner@redhat.com> – 3.10.4-6
– Add back crosshairs fix plus upstream workaround for the reported
performance regressions (RH #1083500)
* Mon Jun 2 2014 Florian Müllner <fmuellner@redhat.com> – 3.10.4-5
– Remove crosshairs fix again – the update was redrawn due to performance
regressions, 3.10.4-4 re-introduced it accidentally
* Fri May 23 2014 Adam Williamson <awilliam@redhat.com> – 3.10.4-4
– make OSK work with modal dialogs (backport, BGO #719451, RHBZ #1071907)
* Wed Apr 2 2014 Javier Hernández <jhernandez@emergya.com> – 3.10.4-3
– Fix gnome shell magnifier’s crosshairs (RH #1083500)
* Mon Mar 17 2014 Adel Gadllah <adel.gadllah@gmail.com> – 3.10.4-2
– Backport fix for RH #1076981
* Wed Feb 19 2014 Florian Müllner <fmuellner@redhat.com> – 3.10.4-1
– Update to 3.10.4, drop upstreamed patches
* Tue Feb 18 2014 Adel Gadllah <adel.gadllah@gmail.com> – 3.10.3-8
– Don’t duplicate gsd code and just use the xsetting it
exports
* Mon Feb 17 2014 Adel Gadllah <adel.gadllah@gmail.com> – 3.10.3-7
– Don’t enable high dpi scaling for vnc / xrdp
– Fixes RH #1065563
* Wed Feb 12 2014 Adel Gadllah <adel.gadllah@gmail.com> – 3.10.3-6
– Replace patch with one that does not hang gdm
* Wed Feb 12 2014 Adel Gadllah <adel.gadllah@gmail.com> – 3.10.3-5
– Backport high dpi support patches from upstream
* Thu Feb 6 2014 Florian Müllner <fmuellner@redhat.com> – 3.10.3-4
– Backport fix for crash when using some Java applications (#1058314)
* Fri Jan 31 2014 Florian Müllner <fmuellner@redhat.com> – 3.10.3-3
– Backport upstream fixes:
– Fix app-menu regression (#1057517)
– Fix window tracking regression (#1057933)
* Thu Jan 23 2014 Florian Müllner <fmuellner@redhat.com> – 3.10.3-2
– Fix app-switcher regressions introduced by the last update
* Thu Jan 16 2014 Florian Müllner <fmuellner@redhat.com> – 3.10.3-1
– Update to 3.10.3, drop downstream patches
* Thu Nov 28 2013 Florian Müllner <fmuellner@redhat.com> – 3.10.2.1-3
– Backport upstream fix for catching more extension errors
——————————————————————————–
References:

[ 1 ] Bug #1147917 – CVE-2014-7300 gnome-shell: lockscreen bypass with printscreen key
https://bugzilla.redhat.com/show_bug.cgi?id=1147917
——————————————————————————–

This update can be installed with the “yum” update program. Use
su -c ‘yum update gnome-shell’ at the command line.
For more information, refer to “Managing Software with yum”,
available at http://docs.fedoraproject.org/yum/.

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
——————————————————————————–
_______________________________________________
package-announce mailing list
package-announce@lists.fedoraproject.org
https://admin.fedoraproject.org/mailman/listinfo/package-announce

Top
More in Preporuke
Sigurnosni nedostaci programskog paketa iceweasel

Otkriveni su sigurnosni nedostaci u programskom paketu iceweasel za operacijski sustav Debian. Otkriveni nedostaci potencijalnim napadačima omogućuju izvršavanje proizvoljnog programskog...

Close