CVE-2013-7374

Publication date 30 April 2014

Last updated 24 July 2024

Ubuntu priority

The Ubuntu Date and Time Indicator (aka indicator-datetime) 13.10.0+13.10.x before 13.10.0+13.10.20131023.2-0ubuntu1.1 does not properly restrict access to Evolution, which allows local users to bypass the greeter screen restrictions by clicking the date.

Status

Show unmaintained releases

Package	Ubuntu Release	Status
indicator-datetime	14.04 LTS trusty	Fixed 13.10.0+14.04.20131125-0ubuntu1
	13.10 saucy	Fixed 13.10.0+13.10.20131023.2-0ubuntu1.1
	12.10 quantal	Not affected
	12.04 LTS precise	Not affected
	10.04 LTS lucid	Not in release

Patch details

For informational purposes only. We recommend not to cherry-pick updates. How can I get the fixes?

Package	Patch details
indicator-datetime	Upstream: http://bazaar.launchpad.net/~indicator-applet-developers/indicator-datetime/trunk.13.10/revision/282

References

Related Ubuntu Security Notices (USN)

USN-2186-1
Date and Time Indicator vulnerability
30 April 2014

Other references

https://www.cve.org/CVERecord?id=CVE-2013-7374