Launchpad.net

Launchpad Home
Code
Bugs
Blueprints
Translations
Answers

CVE 2014-1949

GTK+ 3.10.9 and earlier, as used in cinnamon-screensaver, gnome-screensaver, and other applications, allows physically proximate attackers to bypass the lock screen by pressing the menu button.

Related bugs and status

CVE-2014-1949 (Candidate) is related to these bugs:

Bug #1366790: Fix for CVE-2014-1949 (GTK 3.10.x)

		In	Importance	Status
1366790	Fix for CVE-2014-1949 (GTK 3.10.x)	gtk+3.0 (Ubuntu)	Undecided	Fix Released
1366790	Fix for CVE-2014-1949 (GTK 3.10.x)	gtk+3.0 (Ubuntu Trusty)	Undecided	Fix Released
1366790	Fix for CVE-2014-1949 (GTK 3.10.x)	gtk+3.0 (Ubuntu Utopic)	Undecided	Fix Released
1366790	Fix for CVE-2014-1949 (GTK 3.10.x)	gtk+3.0 (Debian)	Unknown	Fix Released
1366790	Fix for CVE-2014-1949 (GTK 3.10.x)	GTK+	Medium	Fix Released

See the

CVE page on Mitre.org for more details.

References

MLIST: [oss-security] 2014021...
MLIST: [oss-security] 2014021...
CONFIRM: https://bugs.debian.or...
CONFIRM: https://bugzilla.redha...
CONFIRM: https://github.com/lin...
UBUNTU: USN-2475-1
CONFIRM: http://advisories.mage...
MANDRIVA: MDVSA-2015:162