CVE-2012-0064 xkeyboard-config: screen-saver unlock via xkb debug key actions [edge]
It was found that XKB actions for debugging X.org clients were enabled by default. This could cause a screen locking application such as gnome-screensaver to be killed when those key combinations were triggered.
The debugging key actions were introduced in the following commit:
http://cgit.freedesktop.org/xorg/xserver/commit/?id=7d2543a3cb3089241982ce4f8984fd723d5312a1
Reference:
http://thread.gmane.org/gmane.comp.security.oss.general/6725
Mitigation:
http://thread.gmane.org/gmane.comp.security.oss.general/6725/focus=6731
(from redmine: issue id 953, created on 2012-01-20, closed on 2012-01-29)
- Relations:
- relates #954 (closed)
- Changesets:
- Revision 17e3c868 by Natanael Copa on 2012-01-20T12:38:43Z:
main/xkeyboard-config: security fix (CVE-2012-0064)
Fixes issue that allows user to unlock screensaver lock with Ctrl-alt-*
fixes #953