Advisories » MGASA-2014-0501

Updated gnome-shell and gnome-settings-daemon packages fix security vulnerability

Publication date: 01 Dec 2014
Modification date: 01 Dec 2014
Type: security
Affected Mageia releases : 4
CVE: CVE-2014-7300

Description

The lock screen in gnome-shell does not disable taking screenshots via the
Print Screen key, and several consecutive screenshot requests can trigger an
out-of-memory situation, causing the lock screen to be killed, thus allowing
it to be bypassed (CVE-2014-7300).
                

References

• https://bugs.mageia.org/show_bug.cgi?id=14334
• https://lists.fedoraproject.org/pipermail/package-announce/2014-October/141115.html
• http://lists.opensuse.org/opensuse-updates/2014-11/msg00005.html
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-7300

SRPMS

4/core

• gnome-shell-3.10.2.1-7.1.mga4
• gnome-settings-daemon-3.10.2-2.1.mga4