KDE Plasma 5.5.5 Ships - Takes Care Of A Vulnerability To Bypass A Locked Screen
KDE Plasma 5.5.5 was released this morning as the latest monthly point release to the KDE Plasma 5.5 software stack.
Notable to Plasma 5.5.5 is that it fixes a KDE security issue known as CVE-2016-2312. This advisory is about Plasma 5 that when turning all screens off while the lock screen is show can result in the screen becoming unlocked when turning a screen on again. This would allow those with physical access to a system to bypass the screen lock. The technicals behind this issue are explained via this commit.
Particularly within X11 environments, it's a well known fact that screensavers aren't really secure and have been home to a variety of security vulnerabilities in the pass in letting those with physical access to the system easily bypass the safeguards.
Plasma 5.5.5 also has a session switching fix and an assortment of other fixes. More details via today's release announcement at KDE.org.
Notable to Plasma 5.5.5 is that it fixes a KDE security issue known as CVE-2016-2312. This advisory is about Plasma 5 that when turning all screens off while the lock screen is show can result in the screen becoming unlocked when turning a screen on again. This would allow those with physical access to a system to bypass the screen lock. The technicals behind this issue are explained via this commit.
Particularly within X11 environments, it's a well known fact that screensavers aren't really secure and have been home to a variety of security vulnerabilities in the pass in letting those with physical access to the system easily bypass the safeguards.
Plasma 5.5.5 also has a session switching fix and an assortment of other fixes. More details via today's release announcement at KDE.org.
Add A Comment