mailing list archives
Re: Screen locking programs on Xorg 1.11
From: Kurt Seifried <kseifried () redhat com>
Date: Wed, 18 Jan 2012 22:18:59 -0700
On 01/18/2012 05:03 PM, Gu1 wrote:
I recently found out that it is possible to kill a screensaver/screen
locker program on the latest version of Xorg (1.11 shipped with
archlinux, debian wheezy..) using the Ctrl+Alt+Multiply key binding.
This behavior seems to have been introduced in a recent commit and i
couldn't find a way to disable it.
All screen locking programs i tested (gnome-screensaver, kscreenlocker,
slock, slimlock...), are basically rendered useless.
Not sure if this is a bug or a feature... :)
Confirmed. Please use CVE-2012-0064 for this issue.
-- Kurt Seifried / Red Hat Security Response Team