It was discovered that the acpi-support update for DSA-2984-1 would make a laptop"s power button forcibly shut the system down, instead of triggering the configured action . This only affects systems using the gnome-settings-daemon. For reference, the original advisory follows. CESG discovered a root escalation flaw in the acpi-support package. An unprivileged user can inject the DBUS_SESSION_BUS_ADDRESS environment variable to run arbitrary commands as root user via the policy-funcs script.