diff options
author | Stuart Henderson <sthen@cvs.openbsd.org> | 2012-01-19 16:18:56 +0000 |
---|---|---|
committer | Stuart Henderson <sthen@cvs.openbsd.org> | 2012-01-19 16:18:56 +0000 |
commit | 697f12bb5d4f69cd9507fd44b850a5f51383a7f0 (patch) | |
tree | a7abb2df5a49d45e14390b0026b46e9d5f02a0eb | |
parent | 98125d2304c46978a1964189d1989495ab25aa3e (diff) |
Workaround CVE-2012-0064, password-locked X screen savers can be bypassed
with Ctrl Alt *.
This is not the complete fix but mitigates the issue for now.
Bug was introduced to OpenBSD in the xserver update on 2011/11/05
(commit 7d2543a3cb3 upstream), so it affects -current since that date,
but no OpenBSD releases.
ok matthieu@ phessler@ dcoppa@, also tested by schwarze@, jj@
If you want this fix before new snapshots are available, copy the new
file to /usr/X11R6/share/X11/xkb/compat/xfree86 and reload the kbmap e.g.
setxkbmap $(setxkbmap -query | awk '/layout/ { print $2 }')
-rw-r--r-- | dist/xkeyboard-config/compat/xfree86 | 6 |
1 files changed, 0 insertions, 6 deletions
diff --git a/dist/xkeyboard-config/compat/xfree86 b/dist/xkeyboard-config/compat/xfree86 index cf4a8b22b..caa9dce38 100644 --- a/dist/xkeyboard-config/compat/xfree86 +++ b/dist/xkeyboard-config/compat/xfree86 @@ -41,12 +41,6 @@ default partial xkb_compatibility "basic" { action = SwitchScreen(Screen=12, !SameServer); }; - interpret XF86_Ungrab { - action = Private(type=0x86, data="Ungrab"); - }; - interpret XF86_ClearGrab { - action = Private(type=0x86, data="ClsGrb"); - }; interpret XF86LogGrabInfo { action = Private(type=0x86, data="PrGrbs"); }; |