Startseite » Forum » Trisquel users
Verfasst von SabirSaleem90 am Sa, 12/04/2021 - 09:29

Trisquel Mate Desktop (vulnerability)

2 Antworten [Letzter Beitrag]
Sa, 12/04/2021 - 09:29
SabirSaleem90
SabirSaleem90
Offline
Beigetreten: 10/03/2021

mate-screensaver before 1.20.2 in MATE Desktop Environment allows physically proximate attackers to view screen content and possibly control applications. By unplugging and re-plugging or power-cycling external output devices (such as additionally attached graphical outputs via HDMI, VGA, DVI, etc.) the content of a screensaver-locked session can be revealed. In some scenarios, the attacker can execute applications, such as by clicking with a mouse.

I see Trisquel has currently version of mate desktop 1.20.1

does it still vulnerable because it is not updated much and above said all versions of mate less than 1.20.2 are vulnerable due to screensaver bug.

Thank you.

Oben
  • +1
    0
    -1
    Please use the rating system to mark posts that go against the Community Guidelines
Sa, 12/04/2021 - 20:49
#1
Legimet
Legimet
Offline
Beigetreten: 12/10/2013

Yes, it appears to be vulnerable, as the package has not been updated since 2018. Most X11 screenlockers tend to have these issues.

https://blog.martin-graesslin.com/blog/2015/01/why-screen-lockers-on-x11-cannot-be-secure/
https://www.jwz.org/blog/2014/04/the-awful-thing-about-getting-it-right-the-first-time-is-that-nobody-realizes-how-hard-it-was/

Oben
  • +1
    0
    -1
    Please use the rating system to mark posts that go against the Community Guidelines
So, 12/05/2021 - 03:41
#2
SabirSaleem90
SabirSaleem90
Offline
Beigetreten: 10/03/2021

Yes that is why I moved to KDE Plasma Triskel version :)

Thanks for your suggestions above.

Oben
  • +1
    0
    -1
    Please use the rating system to mark posts that go against the Community Guidelines