-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 - ------------------------------------------------------------------------- Debian Security Advisory DSA-5501-1 security@debian.org https://www.debian.org/security/ Moritz Muehlenhoff September 18, 2023 https://www.debian.org/security/faq - ------------------------------------------------------------------------- Package : gnome-shell CVE ID : CVE-2023-43090 Debian Bug : 1052067 Mickael Karatekin discovered that the GNOME session locking didn't restrict a keyboard shortcut used for taking screenshots in GNOME Screenshot which could result in information disclosure. The oldstable distribution (bullseye) is not affected. For the stable distribution (bookworm), this problem has been fixed in version 43.6-1~deb12u2. We recommend that you upgrade your gnome-shell packages. For the detailed security status of gnome-shell please refer to its security tracker page at: https://security-tracker.debian.org/tracker/gnome-shell Further information about Debian Security Advisories, how to apply these updates to your system and frequently asked questions can be found at: https://www.debian.org/security/ Mailing list: debian-security-announce@lists.debian.org -----BEGIN PGP SIGNATURE----- iQIzBAEBCgAdFiEEtuYvPRKsOElcDakFEMKTtsN8TjYFAmUIw3UACgkQEMKTtsN8 TjaVlw/+LUH83VpiNEc7iPjRxpLP2QdErxo/cPMoru4IWvjJ7keEQOpn9fRkrM2I btv5UNYFtveKnIeP1y9mScq3J9P+LRTqkPP5rlnfj++0CkXcxjqNsOKcz9COktFN i1z7+ZONPt1U1IMD/3nIvzYnyCbGS1Gy3ywW82lOtTfF7wrASSowfPF5BXgxU0Xn WR2FCYcPK8FfceLvV/p53ri4LhJTL2524jYPj0NagKA2+Wy9Iz/1nEMhOLTbgW3C w4ccf1LeUQhSI+IkeXJKW+ZJZErLp6behwz2xlVSLwpavZGMXABrS3/wBdlVX1nf Szn5qyT8tnDhPNM/2QE5YVThF5Hg0DXG/hnlXYdyEE3bKjNSyj67ITlWDMayOW8C +kBAw5N3W7WzU5R6vrKQrOZDLRsJICVpcZUYpE7OVOvbli9ACUdJygsWZSklhx3t TOU2VS7FUuv93XrKDHLaBC3sTuqMr4tfpeflAYbYioav1nWZ+jLNiVZvBxuzVi+L CZamJB4izz7bVrMrPeeyvkGDt1YSbJXEO/Ylddvo2e243IQ/PKtz87AkG052kwQU H22yXJ2qgRtSqeB0kJc3Mwpp3/UH5ypP506rONtqj7Eit/YeEjXY0J+qY6wzPxw/ uPB2huzZae7Xz3PHAaZpUUZ5oRvrxoKoMtF4XcuzmaO5GBqciKo=BOC4 -----END PGP SIGNATURE-----