Nom du paquet
gtk+2.0
Date
2010-05-27
Advisory ID
MDVSA-2010:109
Affected versions
2009.0 x86_64 , MES5 i586 , 2009.1 i586 , 2009.0 i586 , CS4.0 i586 , 2008.0 x86_64 , CS4.0 x86_64 , 2008.0 i586 , 2009.1 x86_64 , MES5 x86_64

Problem description

A vulnerability was discovered and fixed in gtk+2.0:

gdk/gdkwindow.c in GTK+ before 2.18.5, as used in gnome-screensaver
before 2.28.1, performs implicit paints on windows of type
GDK_WINDOW_FOREIGN, which triggers an X error in certain circumstances
and consequently allows physically proximate attackers to bypass
screen locking and access an unattended workstation by pressing the
Enter key many times (CVE-2010-0732).

Packages for 2008.0 and 2009.0 are provided as of the Extended
Maintenance Program. Please visit this link to learn more:
http://store.mandriva.com/product_info.php?cPath=149&products_id=490

This update fixes this issue.

Updated packages

2009.0 x86_64

 6999641e621f9ee15bc439e0fe9b981f  2009.0/x86_64/gtk+2.0-2.14.3-2.1mdv2009.0.x86_64.rpm
 33851500c872f253715d11fc1f0b908d  2009.0/x86_64/lib64gail18-2.14.3-2.1mdv2009.0.x86_64.rpm
 47eaee7ac4576291e0974d7117a89459  2009.0/x86_64/lib64gail-devel-2.14.3-2.1mdv2009.0.x86_64.rpm
 e2b68a8d746c9bb2bd515c93220ed73d  2009.0/x86_64/lib64gdk_pixbuf2.0_0-2.14.3-2.1mdv2009.0.x86_64.rpm
 62060cfea7c077bebf712ddeea8960f1  2009.0/x86_64/lib64gdk_pixbuf2.0_0-devel-2.14.3-2.1mdv2009.0.x86_64.rpm
 c191760f279fc7ef06bef3e37d3a5f82  2009.0/x86_64/lib64gtk+2.0_0-2.14.3-2.1mdv2009.0.x86_64.rpm
 8c3cbfa56ca337b7e76ede7cdb6bf2dd  2009.0/x86_64/lib64gtk+2.0_0-devel-2.14.3-2.1mdv2009.0.x86_64.rpm
 650995e6bec10b2d424b708e1be21d2f  2009.0/x86_64/lib64gtk+-x11-2.0_0-2.14.3-2.1mdv2009.0.x86_64.rpm 
 d301fc61a2c8dc41a436edb699061955  2009.0/SRPMS/gtk+2.0-2.14.3-2.1mdv2009.0.src.rpm

MES5 i586

 760ed4665a40b3fde0c15fa9d2692a1a  mes5/i586/gtk+2.0-2.14.3-2.1mdvmes5.1.i586.rpm
 890959e5def2126453e7d148979f69a4  mes5/i586/libgail18-2.14.3-2.1mdvmes5.1.i586.rpm
 a6d398c6f8880269107ef97d3cc1a539  mes5/i586/libgail-devel-2.14.3-2.1mdvmes5.1.i586.rpm
 5cea1edcdfa14f0feb895fc352c6f3e4  mes5/i586/libgdk_pixbuf2.0_0-2.14.3-2.1mdvmes5.1.i586.rpm
 7e700ed416c7429537dd3375d22d185e  mes5/i586/libgdk_pixbuf2.0_0-devel-2.14.3-2.1mdvmes5.1.i586.rpm
 6200d92b320fe8b3c16eeb35f5645651  mes5/i586/libgtk+2.0_0-2.14.3-2.1mdvmes5.1.i586.rpm
 8db1105ffa383ad54593805784b31283  mes5/i586/libgtk+2.0_0-devel-2.14.3-2.1mdvmes5.1.i586.rpm
 43b14eb35a4ab62fe51eb17d5b86a93b  mes5/i586/libgtk+-x11-2.0_0-2.14.3-2.1mdvmes5.1.i586.rpm 
 a657d365ff839ee3a2a0ebb72d290cdc  mes5/SRPMS/gtk+2.0-2.14.3-2.1mdvmes5.1.src.rpm

2009.1 i586

 f2396f78726e185da0c3bef4d762e8d0  2009.1/i586/gtk+2.0-2.16.1-4.1mdv2009.1.i586.rpm
 07d45a8c633b79b3769035bcb0612a4b  2009.1/i586/libgail18-2.16.1-4.1mdv2009.1.i586.rpm
 9110a10744b8f30bbcf67cd8c03eb4c7  2009.1/i586/libgail-devel-2.16.1-4.1mdv2009.1.i586.rpm
 6f6edd01aec6960ddef6da316deb0e67  2009.1/i586/libgdk_pixbuf2.0_0-2.16.1-4.1mdv2009.1.i586.rpm
 1e74c1e51677679f4d1f717253bac8f8  2009.1/i586/libgdk_pixbuf2.0_0-devel-2.16.1-4.1mdv2009.1.i586.rpm
 e0e5a02076551f016ea6e6589f730889  2009.1/i586/libgtk+2.0_0-2.16.1-4.1mdv2009.1.i586.rpm
 0c60691889b01ef91fdc10c31d9f7a44  2009.1/i586/libgtk+2.0_0-devel-2.16.1-4.1mdv2009.1.i586.rpm
 ce7bebde4979c54ed0b73c0d6a45c973  2009.1/i586/libgtk+-x11-2.0_0-2.16.1-4.1mdv2009.1.i586.rpm 
 6aa3cd35d549c1196922e8301f426db7  2009.1/SRPMS/gtk+2.0-2.16.1-4.1mdv2009.1.src.rpm

2009.0 i586

 bcd63973ddb957847088f71b5cfc039b  2009.0/i586/gtk+2.0-2.14.3-2.1mdv2009.0.i586.rpm
 9b46f9018c8fbb2d1e052e0cdd473ff4  2009.0/i586/libgail18-2.14.3-2.1mdv2009.0.i586.rpm
 4d243b829780c8d2f35b4a5f08ac9acb  2009.0/i586/libgail-devel-2.14.3-2.1mdv2009.0.i586.rpm
 a8ca74ec343faac9f4445cfc88b5accc  2009.0/i586/libgdk_pixbuf2.0_0-2.14.3-2.1mdv2009.0.i586.rpm
 583607af6457480c4cb71af16f6f4563  2009.0/i586/libgdk_pixbuf2.0_0-devel-2.14.3-2.1mdv2009.0.i586.rpm
 8b9b0c013bc5815e5803b3be4e681433  2009.0/i586/libgtk+2.0_0-2.14.3-2.1mdv2009.0.i586.rpm
 10f6558dc95fe770c87e99f711c089fb  2009.0/i586/libgtk+2.0_0-devel-2.14.3-2.1mdv2009.0.i586.rpm
 23eb8c8cfc87a4209b125b8909fb8a9b  2009.0/i586/libgtk+-x11-2.0_0-2.14.3-2.1mdv2009.0.i586.rpm 
 d301fc61a2c8dc41a436edb699061955  2009.0/SRPMS/gtk+2.0-2.14.3-2.1mdv2009.0.src.rpm

CS4.0 i586

 0ae2bde2a8110529a3264873d4286212  corporate/4.0/i586/gtk+2.0-2.8.3-4.4.20060mlcs4.i586.rpm
 767685aae1b2911d834d929471344fec  corporate/4.0/i586/libgdk_pixbuf2.0_0-2.8.3-4.4.20060mlcs4.i586.rpm
 4a9f22f438875e2f60daed8bc243adc4  corporate/4.0/i586/libgdk_pixbuf2.0_0-devel-2.8.3-4.4.20060mlcs4.i586.rpm
 1f7ef426ce7aeb211403debacb5e1d84  corporate/4.0/i586/libgtk+2.0_0-2.8.3-4.4.20060mlcs4.i586.rpm
 3a550de7eed2fec9c99757cfa66e2920  corporate/4.0/i586/libgtk+2.0_0-devel-2.8.3-4.4.20060mlcs4.i586.rpm
 84008c122de9aa323340bb295ed9e089  corporate/4.0/i586/libgtk+-x11-2.0_0-2.8.3-4.4.20060mlcs4.i586.rpm 
 622fba84b6f40c807e45f2ba8350e393  corporate/4.0/SRPMS/gtk+2.0-2.8.3-4.4.20060mlcs4.src.rpm

2008.0 x86_64

 311dd4f3603ff9759e1136eeecaee89b  2008.0/x86_64/gtk+2.0-2.12.1-2.2mdv2008.0.x86_64.rpm
 1af93ae5f0a506d4bd96d488335b4aa4  2008.0/x86_64/lib64gdk_pixbuf2.0_0-2.12.1-2.2mdv2008.0.x86_64.rpm
 90ad7d83058d56e88961cbb4a4087b74  2008.0/x86_64/lib64gdk_pixbuf2.0_0-devel-2.12.1-2.2mdv2008.0.x86_64.rpm
 67e8e76883260fff690d6b04ebb89cfc  2008.0/x86_64/lib64gtk+2.0_0-2.12.1-2.2mdv2008.0.x86_64.rpm
 129c65e8a1b8ba370556de12547c9f5c  2008.0/x86_64/lib64gtk+2.0_0-devel-2.12.1-2.2mdv2008.0.x86_64.rpm
 57e9f7712ed1f9eda1a1729c29049f8d  2008.0/x86_64/lib64gtk+-x11-2.0_0-2.12.1-2.2mdv2008.0.x86_64.rpm 
 e6ad155061eed97be73cd9cc8a52a0d9  2008.0/SRPMS/gtk+2.0-2.12.1-2.2mdv2008.0.src.rpm

CS4.0 x86_64

 e6c4ac5d0cc5c5096980f11f3048831e  corporate/4.0/x86_64/gtk+2.0-2.8.3-4.4.20060mlcs4.x86_64.rpm
 9e439be03915be4d385e844064de2bf0  corporate/4.0/x86_64/lib64gdk_pixbuf2.0_0-2.8.3-4.4.20060mlcs4.x86_64.rpm
 548d7bdadec30152cd8ed125332d8169  corporate/4.0/x86_64/lib64gdk_pixbuf2.0_0-devel-2.8.3-4.4.20060mlcs4.x86_64.rpm
 fcdf5eb7a865f6a26ba70947df20fb06  corporate/4.0/x86_64/lib64gtk+2.0_0-2.8.3-4.4.20060mlcs4.x86_64.rpm
 7f6ae0aab6b8c80af0396199f0865d3a  corporate/4.0/x86_64/lib64gtk+2.0_0-devel-2.8.3-4.4.20060mlcs4.x86_64.rpm
 1dc4c1312a013adbb66658a1327414ed  corporate/4.0/x86_64/lib64gtk+-x11-2.0_0-2.8.3-4.4.20060mlcs4.x86_64.rpm 
 622fba84b6f40c807e45f2ba8350e393  corporate/4.0/SRPMS/gtk+2.0-2.8.3-4.4.20060mlcs4.src.rpm

2008.0 i586

 c3a29224a7ab7f869fad3541908f6eff  2008.0/i586/gtk+2.0-2.12.1-2.2mdv2008.0.i586.rpm
 f3b1608da1dce0eb474b1f21bd77d75b  2008.0/i586/libgdk_pixbuf2.0_0-2.12.1-2.2mdv2008.0.i586.rpm
 040a1ca71f7eadb280de43c92e49c17d  2008.0/i586/libgdk_pixbuf2.0_0-devel-2.12.1-2.2mdv2008.0.i586.rpm
 57e8f954302b4c65ade25df18a6c95df  2008.0/i586/libgtk+2.0_0-2.12.1-2.2mdv2008.0.i586.rpm
 49419f6f92d6b0ec484aced9de1bab2e  2008.0/i586/libgtk+2.0_0-devel-2.12.1-2.2mdv2008.0.i586.rpm
 00b2ead1a22168be0125f115d8f0acb1  2008.0/i586/libgtk+-x11-2.0_0-2.12.1-2.2mdv2008.0.i586.rpm 
 e6ad155061eed97be73cd9cc8a52a0d9  2008.0/SRPMS/gtk+2.0-2.12.1-2.2mdv2008.0.src.rpm

2009.1 x86_64

 ce505e19d99cf9fdcfee3b10f8c58527  2009.1/x86_64/gtk+2.0-2.16.1-4.1mdv2009.1.x86_64.rpm
 77442eb6613fecc7347e165e1f9830a6  2009.1/x86_64/lib64gail18-2.16.1-4.1mdv2009.1.x86_64.rpm
 2a0429f85ee92c150ae4869a688b1601  2009.1/x86_64/lib64gail-devel-2.16.1-4.1mdv2009.1.x86_64.rpm
 502a01d2c51a10a523f6ca517ab1ac03  2009.1/x86_64/lib64gdk_pixbuf2.0_0-2.16.1-4.1mdv2009.1.x86_64.rpm
 e1614cfcf1baef0af2fa796b1efa01cd  2009.1/x86_64/lib64gdk_pixbuf2.0_0-devel-2.16.1-4.1mdv2009.1.x86_64.rpm
 b3048473a02a234d4e11f594276b4cc7  2009.1/x86_64/lib64gtk+2.0_0-2.16.1-4.1mdv2009.1.x86_64.rpm
 cddd82c64d1cf1ea6f4f09cc1298887f  2009.1/x86_64/lib64gtk+2.0_0-devel-2.16.1-4.1mdv2009.1.x86_64.rpm
 8483720dfddcaca2596bcb3ea6c7d083  2009.1/x86_64/lib64gtk+-x11-2.0_0-2.16.1-4.1mdv2009.1.x86_64.rpm 
 6aa3cd35d549c1196922e8301f426db7  2009.1/SRPMS/gtk+2.0-2.16.1-4.1mdv2009.1.src.rpm

MES5 x86_64

 e93453ce255fdae6f6d712b21e70bf9c  mes5/x86_64/gtk+2.0-2.14.3-2.1mdvmes5.1.x86_64.rpm
 b4694b5b1bc7234ec2605c742aa1106c  mes5/x86_64/lib64gail18-2.14.3-2.1mdvmes5.1.x86_64.rpm
 279970ee4c96b2fe22f0e7eb3a4d2aab  mes5/x86_64/lib64gail-devel-2.14.3-2.1mdvmes5.1.x86_64.rpm
 75b722930a354ac78629b186e49bacd3  mes5/x86_64/lib64gdk_pixbuf2.0_0-2.14.3-2.1mdvmes5.1.x86_64.rpm
 b7367c9e1204038a1ece45a8090b1c08  mes5/x86_64/lib64gdk_pixbuf2.0_0-devel-2.14.3-2.1mdvmes5.1.x86_64.rpm
 88f2b9c887f2a33c4d48119dfe71a888  mes5/x86_64/lib64gtk+2.0_0-2.14.3-2.1mdvmes5.1.x86_64.rpm
 e9eafb8ee40f13074ed6e4e1aca4c65c  mes5/x86_64/lib64gtk+2.0_0-devel-2.14.3-2.1mdvmes5.1.x86_64.rpm
 c9a3f5de6bb9a073a0e88ce3ee1ef5e6  mes5/x86_64/lib64gtk+-x11-2.0_0-2.14.3-2.1mdvmes5.1.x86_64.rpm 
 a657d365ff839ee3a2a0ebb72d290cdc  mes5/SRPMS/gtk+2.0-2.14.3-2.1mdvmes5.1.src.rpm

References