Package: rss-glx Severity: grave Tags: security Hi, the following CVE (Common Vulnerabilities & Exposures) id was published for rss-glx.
CVE-2007-5585[0]: | xscreensaver 5.03 and earlier, when running without | xscreensaver-gl-extras (GL extras) installed, crashes when | /usr/bin/xscreensaver-gl-helper does not exist and a user attempts to | unlock the screen, which allows attackers with physical access to gain | access to the locked session. If you fix this vulnerability please also include the CVE id in your changelog entry. So I think rss-glx should depend on xscreensaver-gl. I can't reproduce xscreensaver crashing, however it will exit if the xscreensaver-gl-helper program is missing. For further information: [0] http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5585 Kind regards Nico -- Nico Golde - http://www.ngolde.de - [EMAIL PROTECTED] - GPG: 0x73647CFF For security reasons, all text in this mail is double-rot13 encrypted.
pgp8L1wsfQbn0.pgp
Description: PGP signature
