Comment 0 for bug 1912060

It was found in cinnamon-screensaver that pressing ē can crash the screensaver and Cinnamon DE itself.

This is a regression of solving CVE-2020-25712 (https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25712) in xserver (https://gitlab.freedesktop.org/xorg/xserver/-/commit/87c64fc5b0db9f62f4e361444f4b60501ebf67b9)

The following versions of Cinnamon are affected:
4.4 - Focal
4.6 - Groovy
4.8 - Hirsute (unstable)

Upstream caribou doesn't seem very maintained anymore. Hopefully patch will be put upstream so Hirsute can be solved. After that I will SRU Focal and Groovy.

TL;DR: Caribou segfaults on pressing ē which can cause a screensaver bypass to cinnamon-screensaver and possibly any screensaver application using gir1.2-caribou-1.0.

ProblemType: Bug
DistroRelease: Ubuntu 20.10
Package: gir1.2-caribou-1.0 0.4.21-7
ProcVersionSignature: Ubuntu 5.8.0-33.36-generic 5.8.17
Uname: Linux 5.8.0-33-generic x86_64
ApportVersion: 2.20.11-0ubuntu50.3
Architecture: amd64
CasperMD5CheckResult: skip
CurrentDesktop: ubuntu:GNOME
Date: Sat Jan 16 10:36:59 2021
InstallationDate: Installed on 2020-10-23 (85 days ago)
InstallationMedia: Ubuntu 20.10 "Groovy Gorilla" - Release amd64 (20201022)
ProcEnviron:
 TERM=xterm-256color
 PATH=(custom, no user)
 XDG_RUNTIME_DIR=<set>
 LANG=en_US.UTF-8
 SHELL=/bin/bash
RebootRequiredPkgs:
 linux-image-5.8.0-38-generic
 linux-base
SourcePackage: caribou
UpgradeStatus: No upgrade log present (probably fresh install)