==========================================================================
Ubuntu Security Notice USN-2475-1
January 15, 2015

gtk+3.0 update
==========================================================================

A security issue affects these releases of Ubuntu and its derivatives:

– Ubuntu 14.04 LTS

Summary:

GTK+ improperly handled the menu key, possibly allowing lock screen bypass.

Software Description:
– gtk+3.0: GTK+ graphical user interface library

Details:

Clemens Fries discovered that GTK+ allowed bypassing certain screen locks
by using the menu key. An attacker with physical access could possibly use
this flaw to gain access to a locked session.

Update instructions:

The problem can be corrected by updating your system to the following
package versions:

Ubuntu 14.04 LTS:
libgtk-3-0 3.10.8-0ubuntu1.4

After a standard system update you need to restart your session to make
all the necessary changes.

References:
http://www.ubuntu.com/usn/usn-2475-1
https://launchpad.net/bugs/1366790

Package Information:
https://launchpad.net/ubuntu/+source/gtk+3.0/3.10.8-0ubuntu1.4

—–BEGIN PGP SIGNATURE—–
Version: GnuPG v1

iQIcBAEBCgAGBQJUt9obAAoJEGVp2FWnRL6TYFgQAK0mZrc4OfKpk/0EAw4op3+9
F3JuOg0LeWvHmJSVNLIMAVfL4Nm5DwHOZIaMvpzMPTwdAFuJ1wbV2FqSgd5G8bFY
8MVctala8g90lukjzAd1nPGEyt3ziKfxPjbURWtU1h9yTA7uJZcjBR7Lfat3jgIX
Ntv8ntoTip4scsEZcPh5IMaBP2zlmQWPVR4Pfp+Ab3B0aoDmHdqlRqu1wHoXr3US
f/XZgGSuxiG3RYo/pdiVDSJz3g8Qsx2DaLASRhdjzvfwmwcQ2SlxU1eEY4c3SMuU
BPgbRvEGQ0WV/7qa1f1glimqc7x4OYDaXRyKXl8ablUGhtUopxt99ZAMXQJ2B/jh
z9G74FAHN0oQMj9HWgGUaWa9CCXCWtY5b9i9INRlBXaVA69FT15YHcXWr36DI4gX
bR9IFdO0QRd7HUcFPUjxuj7SwPSYETN8Eqot6yp5cM/w3KzB2sufaHKcMdW97Vbu
xhde0R4xk6kkt9jl7VngAczoa5YH3P5Z5d+3qY6axeFqXgmFMbeuuMOeGQ7XT05L
ISKLqWot+aeWcC+Z1NGfO+7cDtB1ttpwKOROw9J9bIiXj3mdzrMQzc6K6Ht8pA5B
Zjo+mBoPUjpYvJhaGM7mNf908DTR6wwu3zST+jtV0xE2IyqRPrScgycj3qgtiT5Z
/E0mG1GkwOfEZydXEPZv
=hGlO
—–END PGP SIGNATURE—–
—