SynopsisThe remote Debian host is missing a security update.
DescriptionIt was discovered that there was an issue around revealing passwords in the 'gnome-shell' component of the GNOME desktop.
In certain configurations, when logging out of an account the password box from the login dialog could reappear with the password visible in cleartext.
For Debian 9 'Stretch', this problem has been fixed in version 3.22.3-3+deb9u1.
We recommend that you upgrade your gnome-shell packages.
For the detailed security status of gnome-shell please refer to its security tracker page at:
NOTE: Tenable Network Security has extracted the preceding description block directly from the DLA security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
SolutionUpgrade the affected gnome-shell, and gnome-shell-common packages.