==========================================================================
Ubuntu Security Notice USN-3607-1
March 26, 2018
screen-resolution-extra vulnerability
==========================================================================
A security issue affects these releases of Ubuntu and its derivatives:
– Ubuntu 17.10
– Ubuntu 16.04 LTS
– Ubuntu 14.04 LTS
Summary:
Screen Resolution Extra could be tricked into bypassing PolicyKit
authorizations.
Software Description:
– screen-resolution-extra: Extension for the GNOME screen resolution applet
Details:
It was discovered that Screen Resolution Extra was using PolicyKit in an
unsafe manner. A local attacker could potentially exploit this issue to
bypass intended PolicyKit authorizations.
Update instructions:
The problem can be corrected by updating your system to the following
package versions:
Ubuntu 17.10:
screen-resolution-extra 0.17.1.1
Ubuntu 16.04 LTS:
screen-resolution-extra 0.17.1.1~16.04.1
Ubuntu 14.04 LTS:
screen-resolution-extra 0.17.1.1~14.04.1
In general, a standard system update will make all the necessary changes.
References:
https://usn.ubuntu.com/usn/usn-3607-1
CVE-2018-8885
Package Information:
https://launchpad.net/ubuntu/+source/screen-resolution-extra/0.17.1.1
https://launchpad.net/ubuntu/+source/screen-resolution-extra/0.17.1.1~16.04.1
https://launchpad.net/ubuntu/+source/screen-resolution-extra/0.17.1.1~14.04.1
—–BEGIN PGP SIGNATURE—–
iQEcBAEBCAAGBQJauWwNAAoJEGEfvezVlG4P2DAH/RR85kdJTbZTz4rqo5toAL+j
23tSWS7J+qGFkApEJNk7Ec8r5bGs9ioyjPf5V47RPDaATdmZa1auAyCDWM4Jg75H
WRDoKcPjSaaCodefihXVLtd4Y2I89YC94Z/HLbBsn19niSP6NmmWk7g2Te1jWk2P
0YDSxR+qMCigR86h1wcG7rP1T+pRHlYDKk/mJedIOZfp15nGpgzXvVNfMAdogI9U
70WWOqs9JbmkLg8YZriv4FqyxoJTaRsQd07tyH4h02+XWvMV50TcG526rp5IO9r2
RaUjuLfKRlyXjjmKAh2uf30oLE1zOwlcoZT+pYqzvaPdVjjuSMs6ZUSMrHdu5iw=
=tui1
—–END PGP SIGNATURE—–
—