Bug#970239: buster-pu: package gnome-shell/3.30.2-11~deb10u2
On Sun, 13 Sep 2020 at 13:26:15 +0100, Simon McVittie wrote:
> CVE-2020-17489: If a user logs in and types their password, on switching
> to the gdm login screen (in particular for "fast user switching") the
> password entry box is briefly visible, disclosing the length of the
> password that was entered (by counting the number of character placeholders
> in the box).
Sorry, I forgot to specify that this is "no-dsa, minor issue" from the
security team's point of view.
smcv
Reply to: