CVE-2007-6389 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2007-6389): The notify feature in GNOME screensaver (gnome-screensaver) 2.20.0 might allow local users to read the clipboard contents and X selection data for a locked session by using ctrl-V.
The notify feature in GNOME screensaver (gnome-screensaver) 2.20.0 might allow local users to read the clipboard contents and X selection data for a locked session by using ctrl-V.
There are patches available here, but I have to agree with the last comments on the GNOME bug that clearing without restoring might not be expected behavior.
dito, applying this patches would be a fault imo. This would cause many bugreports about problems with the clipboard
Setting to upstream status until we have a proper patch.
CCing maintainers... Do we need to do anything? It seems upstream went with data loss and is seeing if someone cares about the clipboard data loss
Mart, thanks for getting back on this bug. This thing is stable, so we're here for GLSA decision. I tend to vote yes.
I tend to vote NO.
I vote NO.
reverting to NO then, closing.