Debian
xtrlock package

xtrlock 2.8+deb9u1 source package in Debian

Changelog

xtrlock (2.8+deb9u1) stretch; urgency=high

  * CVE-2016-10894: Attempt to grab multitouch devices which are not
    intercepted via XGrabPointer.

    xtrlock did not block multitouch events so an attacker could still input
    and thus control various programs such as Chromium, etc. via so-called
    "multitouch" events such as pan scrolling, "pinch and zoom", or even being
    able to provide regular mouse clicks by depressing the touchpad once and
    then clicking with a secondary finger.

    This fix does not the situation where Eve plugs in a multitouch device
    *after* the screen has been locked. For more information on this angle,
    please see <https://bugs.debian.org/830726#115>. (Closes: #830726)

 -- Chris Lamb <email address hidden>  Thu, 16 Jan 2020 16:00:52 +0000

Upload details

Uploaded by:
Matthew Vernon
Uploaded to:
Stretch
Original maintainer:
Matthew Vernon
Architectures:
any
Section:
x11
Urgency:
Very Urgent

See full publishing history Publishing

Series Pocket Published Component Section
Stretch release main x11

Builds

Downloads

File Size SHA-256 Checksum
xtrlock_2.8+deb9u1.dsc 1.4 KiB 0c165522c0f09e3ca44ccd26e1bc24ae6496aee76c4ae1216805b8127a4e3387
xtrlock_2.8+deb9u1.tar.gz 21.3 KiB 33c26b5c1e345c6840e54f636316fa43de230872dce235f48cc81e1ceaae5bbe

No changes file available.

Binary packages built by this source