CVE-2014-1949 was assigned to cinnamon-screensaver.

The fix for this issue actually lies in gtk+3.0, in the following
commit:

https://git.gnome.org/browse/gtk+/commit/?id=1691bb741d50c90ee938f0b73fe81b0ca9bfd6d4

gtk+3.0 is already fixed in utopic, and we only have connamon-
screensaver in utopic.

Hence, this issue doesn't have a security impact in trusty.

If you would like this fixed in the gtk+3.0 package in trusty, it will
need to be done through the SRU process just like other bug fixes.
Please see the following for the procedure:

https://wiki.ubuntu.com/StableReleaseUpdates

** Also affects: gtk+3.0 (Ubuntu Trusty)
   Importance: Undecided
       Status: New

** Also affects: gtk+3.0 (Ubuntu Utopic)
   Importance: Undecided
       Status: New

** Changed in: gtk+3.0 (Ubuntu Utopic)
       Status: New => Fix Released

** CVE added: http://www.cve.mitre.org/cgi-
bin/cvename.cgi?name=2014-1949

** Changed in: gtk+3.0 (Ubuntu Trusty)
       Status: New => Confirmed

** Information type changed from Public Security to Public

-- 
You received this bug notification because you are a member of Ubuntu
Desktop Bugs, which is subscribed to gtk+3.0 in Ubuntu.
https://bugs.launchpad.net/bugs/1366790

Title:
  Fix for CVE-2014-1949 (GTK 3.10.x)

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/gtk+3.0/+bug/1366790/+subscriptions

-- 
desktop-bugs mailing list
desktop-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/desktop-bugs

Reply via email to