[go: up one dir, main page]
|
|
Log in / Subscribe / Register

Mageia alert MGASA-2013-0312 (clutter)



From:
    	      Mageia Updates <buildsystem-daemon@mageia.org> 


To:
    	      updates-announce@ml.mageia.org 


Subject:
    	      [updates-announce] MGASA-2013-0312: Updated clutter packages fix CVE-2013-2190 


Date:
    	      Thu, 17 Oct 2013 21:55:37 +0200


Message-ID:
    	      <20131017195538.2505548A6C@valstar.mageia.org>



MGASA-2013-0312 - Updated clutter packages fix CVE-2013-2190

Publication date: 17 Oct 2013
URL: http://advisories.mageia.org/MGASA-2013-0312.html

Type: security
Affected Mageia releases: 2, 3
CVE: CVE-2013-2190

Description:
Updated clutter packages fix security vulnerability:

A security flaw was found in the way Clutter, an open source software library
for creating rich graphical user interfaces, used to manage translation of
hierarchy events in certain circumstances (when underlying device disappeared,
causing XIQueryDevice query to throw an error). Physically proximate attackers
could use this flaw for example to obtain unauthorized access to gnome-shell
session right after system resume (due to gnome-shell crash) (CVE-2013-2190).

References:
- http://lists.opensuse.org/opensuse-updates/2013-10/msg000...
- https://bugs.mageia.org/show_bug.cgi?id=11448

- http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2190


SRPMS:
- 3/core/clutter-1.12.2-2.1.mga3
- 2/core/clutter-1.10.8-1.1.mga2
to post comments


Copyright © 2026, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds