=========================================================== Ubuntu Security Notice USN-269-1 April 11, 2006 xscreensaver vulnerability CVE-2004-2655 =========================================================== A security issue affects the following Ubuntu releases: Ubuntu 4.10 (Warty Warthog) Ubuntu 5.04 (Hoary Hedgehog) The following packages are affected: xscreensaver xscreensaver-gl xscreensaver-gnome xscreensaver-nognome The problem can be corrected by upgrading the affected package to version 4.16-1ubuntu3.1 (for Ubuntu 4.10), or 4.16-1ubuntu11.1 (for Ubuntu 5.04). After a standard system upgrade you need to restart your session to effect the necessary changes. Details follow: In some cases, xscreensaver did not properly grab the keyboard when reading the password for unlocking the screen, so that the password was typed into the currently active application window. The only known vulnerable case was when xscreensaver activated while an rdesktop session was currently active.