Alex Yamauchi has reported a weakness in XScreenSaver, which potentially can be exploited by malicious people to bypass certain security restrictions. The weakness is caused due to an error within the parsing of results of a call to "getpwuid()" in drivers/lock.c when using directory servers during a network outage. This can be exploited to e.g. crash XScreenSaver and thus gain access to a locked system. Solution: Update to version 5.02.
setting status and cc'ing herd. desktop-misc, please advise.
*** This bug has been marked as a duplicate of bug 176584 ***