[USN-4958-1] Caribou vulnerability

========================================================================== Ubuntu Security Notice USN-4958-1 May 17, 2021
caribou vulnerability ==========================================================================
A security issue affects these releases of Ubuntu and its derivatives:
– Ubuntu 20.10 – Ubuntu 20.04 LTS
Applications using Caribou could be made to crash if given specially crafted input.
Software Description: – caribou: Configurable on screen keyboard with scanning mode
It was discovered that the Caribou onscreen keyboard could be made to crash when given certain input values. An attacker could use this to bypass screen-locking applications that support using Caribou as an input mechanism.
Update instructions:
The problem can be corrected by updating your system to the following package versions:
Ubuntu 20.10: gir1.2-caribou-1.0 0.4.21-7ubuntu0.20.10.1 libcaribou0 0.4.21-7ubuntu0.20.10.1
Ubuntu 20.04 LTS: gir1.2-caribou-1.0 0.4.21-7ubuntu0.20.04.1 libcaribou0 0.4.21-7ubuntu0.20.04.1
After a standard system update you need to restart applications that use Caribou as an onscreen keyboard to make all the necessary changes.
References: ubuntu.com/security/notices/USN-4958-1 launchpad.net/bugs/1912060
Package Information: launchpad.net/ubuntu/+source/caribou/0.4.21-7ubuntu0.20.10.1 launchpad.net/ubuntu/+source/caribou/0.4.21-7ubuntu0.20.04.1