ELSA-2015-0535

Опубликовано: 11 мар. 2015

Источник: oracle-oval

Платформа: Oracle Linux 7

Описание

ELSA-2015-0535: GNOME Shell security, bug fix, and enhancement update (LOW)

clutter [1.14.4-12]

Include upstream patch to prevent a crash when hitting hardware limits Resolves: rhbz#1115162

[1.14.4-11]

Fix a typo in the Requires

[1.14.4-10]

Add patch for quadbuffer stereo suppport Resolves: rhbz#1108891

cogl [1.14.1-6]

Add patches for quadbuffer stereo suppport Resolves: rhbz#1108890

[1.14.0-5.2]

Ensure the glBlitFramebuffer case is not hit for swrast, since that's still broken.

gnome-shell [3.8.4-45]

Don't inform GDM about session changes that came from GDM Resolves: #1163474

[3.8.4-44]

If password authentication is disabled and smartcard authentication is enabled and smartcard isn't plugged in at start up, prompt user for smartcard Resolves: #1159385

[3.8.4-43]

Support long login banner messages more effectively Resolves: #1110036

[3.8.4-42]

Respect disk-writes lockdown setting Resolves: rhbz#1154122

[3.8.4-41]

Disallow consecutive screenshot requests to avoid an OOM situation Resolves: rhbz#1154107

[3.8.4-41]

Add option to limit app switcher to current workspace Resolves: rhbz#1101568

[3.8.4-40]

Try harder to use the default calendar application Resolves: rhbz#1052201

[3.8.4-40]

Update workspace switcher fix Resolves: rhbz#1092102

[3.8.4-39]

Validate screenshot parameters Resolves: rhbz#1104694

[3.8.4-38]

Fix shrinking workspace switcher Resolves: rhbz#1092102

[3.8.4-38]

Update fix for vertical monitor layouts to upstream fix Resolves: rhbz#1075240

[3.8.4-38]

Fix traceback introduced in 3.8.4-36 when unlocking via user switcher Related: #1101333

[3.8.4-37]

Fix problems with LDAP and disable-user-list=TRUE Resolves: rhbz#1137041

[3.8.4-36]

Fix login screen focus issue following idle Resolves: rhbz#1101333

[3.8.4-35]

Disallow cancel from login screen before login attempt has been initiated. Resolves: rhbz#1109530

[3.8.4-34]

Disallow cancel from login screen after login is already commencing. Resolves: rhbz#1079294

[3.8.4-33]

Add a patch for quadbuffer stereo suppport Resolves: rhbz#1108893

mutter [3.8.4.16]

Fix window placement regression Resolves: rhbz#1153641

[3.8.4-15]

Fix delayed mouse mode Resolves: rhbz#1149585

[3.8.4-14]

Preserve window placement on monitor changes Resolves: rhbz#1126754

[3.8.4-13]

Improve handling of vertical monitor layouts Resolves: rhbz#1108322

[3.8.4-13]

Add patches for quadbuffer stereo suppport Fix a bad performance problem drawing window thumbnails Resolves: rhbz#861507

Обновленные пакеты

Oracle Linux 7

Oracle Linux x86_64

clutter

1.14.4-12.el7

clutter-devel

1.14.4-12.el7

clutter-doc

1.14.4-12.el7

cogl

1.14.0-6.el7

cogl-devel

1.14.0-6.el7

cogl-doc

1.14.0-6.el7

gnome-shell

3.8.4-45.el7

gnome-shell-browser-plugin

3.8.4-45.el7

mutter

3.8.4-16.el7

mutter-devel

3.8.4-16.el7

Связанные CVE

CVE-2014-7300

Ссылки на источники

Связанные уязвимости

CVE-2014-7300

ubuntu

почти 11 лет назад

GNOME Shell 3.14.x before 3.14.1, when the Screen Lock feature is used, does not limit the aggregate memory consumption of all active PrtSc requests, which allows physically proximate attackers to execute arbitrary commands on an unattended workstation by making many PrtSc requests and leveraging a temporary lock outage, and the resulting temporary shell availability, caused by the Linux kernel OOM killer.

CVE-2014-7300

redhat

около 11 лет назад

CVE-2014-7300

nvd

почти 11 лет назад

CVE-2014-7300

debian

почти 11 лет назад

GNOME Shell 3.14.x before 3.14.1, when the Screen Lock feature is used ...

SUSE-SU-2015:0515-1

suse-cvrf

почти 11 лет назад

Security update for gnome-settings-daemon