Package: release.debian.org
Severity: normal
User: release.debian.org@packages.debian.org
Usertags: unblock
Please unblock package xscreensaver
xscreensaver (5.45+dfsg1-2) unstable; urgency=medium
* Do not assign raw net capability to "sonar" hack due to a security
vulnerability in mesa (Closes: #987149)
* Make sure is systemd unit is disabled if upgrading from previous
two releases (Closes: #978589)
* Do not enable screensaver on login screen (Closes: #979562, #988158)
* Recommend needed font for unlock dialog (Closes: #978086)
* Apply fix for crash on video output disconnection (Closes: #989508)
-- Tormod Volden <debian.tormod@gmail.com> Sun, 06 Jun 2021 12:25:19 +0200
Justification of the changes:
The fix for 987149 has been discussed with the security team. The change
is small, just disabling an extra feature of the "sonar" screensaver
hack/mode, and the code deals gracefully with lack of setuid or
capabilities.
The fix for 989508 was taken from QubesOS and I have also tested the
patched code.
The systemd unit was by mistake, and unnoticed, enabled by default in
a recent upload, and causes various issues, some of which are important
since they prevent screen locking. The change restores to the old
proven behaviour, we ship a systemd unit in the package but it is up
the user to enable it. In any case, it should not be run by the login
window system user.
The addition of the gsfonts-x11 package as an alternative Recommends is
important for being able to read the unlock dialog on all systems. The
potential harm of installing this package is very small. Extensively
investigated and tested by bug reporter and upstream.
Question:
The trivial addition of a missing " || true" in debian/rules* would fix
building on kfreebsd/hurd. Could that be considered?
Best regards,
Tormod
*) https://salsa.debian.org/debian/xscreensaver/-/commit/15d80e7ffe52375485a7d8df1d57a331da172ba4
unblock xscreensaver/5.45+dfsg1-2
Attachment:
xscreensaver_5.45+dfsg1-2.debdiff
Description: Binary data