Dear users,
Please note that pyxtrlock is deprecated, unmaintained and insecure!
There is at least one known vulnerability, which is that on Wayland
systems, only X applications are locked, while pyxtrlock gives the
impression to lock all applications.
Therefore, we do not recommend to use pyxtrlock on Wayland systems.
However, we do not intend to develop pyxtrlock any further. This
includes fixes for any vulnerabilities that may be discovered in the
future.
Therefore, we do not recommend to use pyxtrlock on any systems.
The README.md file has been updated accordingly. This mailing list will
be closed following this email.
We thank you for your interest and will leave the Github repository
online in case anyone would like to maintain a fork in the future.
The pyxtrlock maintainers
pyxtrlock version 0.4 has been released today.
This is a security release that adds a check to ensure pyxtrlock is run
in an X11 session. If a non-X11 session, such as Wayland, is detected,
pyxtrlock will now abort with an error message without displaying the
lock symbol.
This has become necessary as pyxtrlock cannot securely lock non-X11
sessions that are now run by default on some distributions. In that
case, pyxtrlock would give a false security impression by displaying the
lock icon, while input to non-X11 windows is not actually locked.
We recommend to update your pyxtrlock packages.
The new release is available at [1].
We thank Github user javixeneize for reporting this issue. [2]
[1] https://github.com/leonnnn/pyxtrlock/releases/tag/0.4
[2] https://github.com/leonnnn/pyxtrlock/issues/21
Dear subscribers,
To keep up with the recent developments in email infrastructure (namely
DKIM signatures), the following changes will be made to the mailing list
software:
* The subject prefix [pyxtrlock] will not be prepended to new messages
anymore (nor will the software make any other changes to subjects).
* No body amendmends will be made (thus, no footer lines will be written
on messages).
If you have been filtering your mail using the Subject line, you should
switch to filtering on the List-Id header, which will still be present
and whose value is:
User and devel mailing list for pyxtrlock
<pyxtrlock.lists.zombofant.net>
(usually, filtering for the parts in <> is enough)
best regards,
Jonas Wielicki
