CVE-2008-6514 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-6514): The Expo plugin in Compiz Fusion 0.7.8 allows local users with physical access to drag the screen saver aside and access the locked desktop by using Expo mouse shortcuts, a related issue to CVE-2007-3920.
I'm going to add 0.8.2 asap to the tree.
As it's an easy patch, we could also fix 0.7.8.
I just added compiz-0.8.2 to the tree. After talking to rbu, I've decided to skip patching 0.7.8. Should we remove 0.7.8 asap?
yep, please remove. closing [noglsa] as this affected ~arch only.
I've now removed compiz-0.7.8 ebuilds from the tree.