On Sat, 16 Sep 2023 at 22:53:55 +0200, Salvatore Bonaccorso wrote:
> The following vulnerability was published for gnome-shell.
>
> CVE-2023-43090[0]:
> | Screenshot tool allows viewing open windows when session is locked
Thank you for reporting this. I'm preparing a 44.5 upload for unstable now,
after which I will look at fixes for older suites.
Does the security team intend to issue a DSA for this? It would be really
helpful if CVE reports from the security team could explicitly mention the
DSA status (wanted / not planned / undecided) so that maintainers can do
the right thing (preparing a security upload or a stable-proposed-updates
upload), without always needing an extra email round-trip to ask what the
right thing is going to be.
smcv
