[ubuntu/lunar-security] budgie-extras 1.6.0-1ubuntu0.1 (Accepted)

Leonidas S. Barbosa leo.barbosa at canonical.com
Thu Dec 14 16:43:38 UTC 2023 

budgie-extras (1.6.0-1ubuntu0.1) lunar-security; urgency=medium

  * SECURITY UPDATE: Predictable /tmp path could lead to
    denial-of-service/manipulation of data for clockworks applet
    (LP: #2044373)
    - d/patches/clockwork-tmpxdg.patch: change /tmp path
      usage to use XDG_RUNTIME_DIR/HOME user-space locations,
      thanks to original author
      d/patches/clockwork-tmpxdg-pep8.patch: resolve pep8
      package test failure, thanks to original author
    - CVE-2023-49342
  * SECURITY UPDATE: Predictable /tmp path could lead to
    denial-of-service/manipulation of data for dropby applet
    (LP: #2044373)
    - d/patches/dropby-tmpxdg.patch: change /tmp path
      usage to use XDG_RUNTIME_DIR/HOME user-space locations
      d/patches/dropby-tmpxdg-pep8.patch: resolve pep8
      package test failure, thanks to original author
    - CVE-2023-49343
  * SECURITY UPDATE: Predictable /tmp path could lead to
    denial-of-service/manipulation of data for shuffler app
    (LP: #2044373)
    - d/patches/shuffler-tmpxdg.patch: change /tmp path
      usage to use XDG_RUNTIME_DIR/HOME user-space locations,
      thanks to original author
    - CVE-2023-49344
  * SECURITY UPDATE: Predictable /tmp path could lead to
    denial-of-service/manipulation of data for takeabreak
    applet (LP: #2044373)
    - d/patches/takeabreak-tmpxdg.patch: change /tmp path
      usage to use XDG_RUNTIME_DIR/HOME user-space locations,
      thanks to original author
      d/patches/takeabreak-tmpxdg-pep8.patch: resolve pep8
      package test failure, thanks to original author
      d/patches/takeabreak-tmpxdg-pep8_part2.patch: resolve pep8
      package test failure, thanks to original author
    - CVE-2023-49345
  * SECURITY UPDATE: Predictable /tmp path could lead to
    denial-of-service/manipulation of data for weathershow
    applet (LP: #2044373)
    - d/patches/weathershow-tmpxdg.patch: change /tmp path
      usage to use XDG_RUNTIME_DIR/HOME user-space locations,
      thanks to original author
    - CVE-2023-49346
  * SECURITY UPDATE: Predictable /tmp path could lead to
    denial-of-service/manipulation of data for window
    previews applet (LP: #2044373)
    - d/patches/wpreviews-tmpxdg.patch: change /tmp path
      usage to use XDG_RUNTIME_DIR/HOME user-space locations,
      thanks to original author
    - CVE-2023-49347

Date: 2023-12-07 18:46:16.849480+00:00
Changed-By: fossfreedom <davidmohammed at gmail.com>
Signed-By: leo.barbosa at canonical.com (Leonidas S. Barbosa)
https://launchpad.net/ubuntu/+source/budgie-extras/1.6.0-1ubuntu0.1
-------------- next part --------------
Sorry, changesfile not available.

More information about the lunar-changes mailing list