Critical vulnerability found in XORG 1.11

    image

    In XORG version 1.11 (Fedora 16, Arch Linux, Fuduntu, Debian unstable regardless of the working environment) and above, a critical vulnerability was discovered that allows passwords to pass through his request in lock screens (Screensaver, xscreensaver kscreenlocker, etc.) using the elementary combination CTRL + ALT + * (the one on the nampad).

    Ubuntu Xorg version 1.10.4, so this OS is not affected by this vulnerability. XORG version 1.11 is planned for introduction in 12.04, but I think by this time this bug will be fixed.

    I wonder how the BSDeshnikov, Solarisnikov, and so on deal with this matter.

    Also popular now: