Back to xtrlock PTS page

Accepted xtrlock 2.8+deb10u1 (source) into proposed-updates->stable-new, proposed-updates

To: debian-changes@lists.debian.org
Subject: Accepted xtrlock 2.8+deb10u1 (source) into proposed-updates->stable-new, proposed-updates
From: Debian FTP Masters <ftpmaster@ftp-master.debian.org>
Date: Sat, 14 Mar 2020 19:17:10 +0000
Mail-followup-to: debian-devel@lists.debian.org
Message-id: <E1jDCHW-0008kg-3P@fasolo.debian.org>
Reply-to: debian-devel@lists.debian.org

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

Format: 1.8
Date: Thu, 16 Jan 2020 16:00:52 +0000
Source: xtrlock
Architecture: source
Version: 2.8+deb10u1
Distribution: buster
Urgency: high
Maintainer: Matthew Vernon <matthew@debian.org>
Changed-By: Chris Lamb <lamby@debian.org>
Closes: 830726
Changes:
 xtrlock (2.8+deb10u1) buster; urgency=high
 .
   * CVE-2016-10894: Attempt to grab multitouch devices which are not
     intercepted via XGrabPointer.
 .
     xtrlock did not block multitouch events so an attacker could still input
     and thus control various programs such as Chromium, etc. via so-called
     "multitouch" events such as pan scrolling, "pinch and zoom", or even being
     able to provide regular mouse clicks by depressing the touchpad once and
     then clicking with a secondary finger.
 .
     This fix does not the situation where Eve plugs in a multitouch device
     *after* the screen has been locked. For more information on this angle,
     please see <https://bugs.debian.org/830726#115>. (Closes: #830726)
Checksums-Sha1:
 f950ec30c91399896229718af98d97887e404aca 1461 xtrlock_2.8+deb10u1.dsc
 a83b0156c4d792af244aea0ae9ff89a735c5f247 21907 xtrlock_2.8+deb10u1.tar.gz
 5a0fed0546a8189a3f9f2c1cb382f0cc3de7a19a 5076 xtrlock_2.8+deb10u1_amd64.buildinfo
Checksums-Sha256:
 afcd1196e84993cf13bd82c06c946010f6bb80169a69922bb121b2720cfc8aff 1461 xtrlock_2.8+deb10u1.dsc
 0aa7025c298d9590ac39270c159d460d327fcab0c71045f257905221e8b2f535 21907 xtrlock_2.8+deb10u1.tar.gz
 b471cd73c2e9bbd2bc868fdc2a52bf8782ab3b98d679012c550cb320de2878d2 5076 xtrlock_2.8+deb10u1_amd64.buildinfo
Files:
 3274cf204947ca02b47dc102d4455154 1461 x11 optional xtrlock_2.8+deb10u1.dsc
 4516ca210599526c63d382367d53a93b 21907 x11 optional xtrlock_2.8+deb10u1.tar.gz
 b6f9d6e2d975cf1b15fa4759e2e57890 5076 x11 optional xtrlock_2.8+deb10u1_amd64.buildinfo

-----BEGIN PGP SIGNATURE-----

iQIzBAEBCAAdFiEEwv5L0nHBObhsUz5GHpU+J9QxHlgFAl5hVAsACgkQHpU+J9Qx
HlgI1hAAg5LlkKCvwuWw327rtSvhSzW82odVi2OfK90PvzP2v1D6/yGTYGz0VXaf
0X1u83UcP31MX4sib8FnoxjFkI4jtSzEouyDF7MXxsYWCFLlqp2VbcLbjYtDEI12
lz+MpYah5Itle7dI+rHjKAvJlttC2B5DtPrf8PlLP31ePv5UabOWU+m/uJX/ua9j
mw3jbX+ZPdG9UwCUW9sIWP4+SqdWnbBCWHxbDutrgjrZlNSVSY8dDkPTlvYfp7wq
TxbtTnAWGtadI8fdbmeeShpKux7Nsh6ucQHgw+/JT8msrDiItUA2L/Rr3dVK3H1y
W6t9moyxhMgGqdatrkeg66/hXBvFDbJoPEwj9swi9Tnb1IHtTzYjBRZK/Hxs+Gnn
HjSOePfZjSjSPR7hl/LkP/53Kq0yg1VlcN5DejgrfYGODZnaYVamcyrJxo2YPLn0
STQTYKCiL6hXJWQolbkuFoOWk/btqJDouyohluIWCMpSe4jW3/Y4Mq6oL4VE+GhB
SJySq4+0+pbc5u3wQbBh4fXr2SVUshvtq1jk97yuHGorsl6SPCq6Vp3/EGF8RERM
7gjarms7Ko8jIbms7xu8lg8S4RSzdzPBI8fZazQ6GDe6+bT1vnY7WB5Doau4SMT+
yw5X+txBETQjtHOkbJLRSIHA4spSawXOJzQa8+hsTvfaIS9eg/s=
=mcjU
-----END PGP SIGNATURE-----