Ubuntu Security Notice 3966-1 - It was discovered that the GNOME Shell incorrectly handled certain keyboard inputs. An attacker could possibly use this issue to invoke keyboard shortcuts, and potentially other actions while the workstation was locked.
bc472bc8d95f101ec79ee90aab5dbf93ad0e7fef7ec672cf9a2183bc6071ca6a
==========================================================================
Ubuntu Security Notice USN-3966-1
May 06, 2019
gnome-shell vulnerability
==========================================================================
A security issue affects these releases of Ubuntu and its derivatives:
- Ubuntu 18.10
- Ubuntu 18.04 LTS
Summary:
GNOME Shell could be made to execute keyboard shortcuts and other
actions while the workstation was locked.
Software Description:
- gnome-shell: graphical shell for the GNOME desktop
Details:
It was discovered that the GNOME Shell incorrectly handled certain
keyboard inputs. An attacker could possibly use this issue to invoke
keyboard shortcuts, and potentially other actions while the workstation
was locked.
Update instructions:
The problem can be corrected by updating your system to the following
package versions:
Ubuntu 18.10:
gnome-shell 3.30.2-0ubuntu1.18.10.2
Ubuntu 18.04 LTS:
gnome-shell 3.28.3+git20190124-0ubuntu18.04.2
After a standard system update you need to reboot your computer to make
all the necessary changes.
References:
https://usn.ubuntu.com/usn/usn-3966-1
CVE-2019-3820
Package Information:
https://launchpad.net/ubuntu/+source/gnome-shell/3.30.2-0ubuntu1.18.10.2
https://launchpad.net/ubuntu/+source/gnome-shell/3.28.3+git20190124-0ubuntu18.04.2