desktop-packages team mailing list archive

[Launchpad Bug Tracker <1405794@xxxxxxxxxxxxxxxxxx>]

This bug was fixed in the package ubuntu-wallpapers - 15.04.0-0ubuntu1

---------------
ubuntu-wallpapers (15.04.0-0ubuntu1) vivid; urgency=medium

  * Remove +x from Water_web_by_Tom_Kijas (LP: #1405794)
  * Import Vivid wallpapers and create package (LP: #1429011)
  * Update default wallpaper, and add 'alternative' official wallpaper.
  * Update copyright file to account for copyright of default wallpaper and
    extend year to 2015.
 -- Iain Lane <iain.lane@xxxxxxxxxxxxx>   Wed, 11 Mar 2015 16:31:56 +0000

** Changed in: ubuntu-wallpapers (Ubuntu)
       Status: Confirmed => Fix Released

-- 
You received this bug notification because you are a member of Desktop
Packages, which is subscribed to ubuntu-wallpapers in Ubuntu.
https://bugs.launchpad.net/bugs/1405794

Title:
  /usr/share/backgrounds/Water_web_by_Tom_Kijas.jpg has executable
  permissions set by default.

Status in ubuntu-wallpapers package in Ubuntu:
  Fix Released

Bug description:
  /usr/share/backgrounds/Water_web_by_Tom_Kijas.jpg has executable
  permissions set by default. This file is part of the ubuntu-
  wallpapers-trusty_14.04.0.1-0ubuntu1_all package.

  Clearly as a background image/desktop wallpaper this file should not
  have executable privileges. I have checked the file with ClamTk  5.10
  which reports no problems.

  I'm flagging this as a security bug because jpg files can be used as
  an attack vector. But it's likely just a mistake in the packaging of
  the file.

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/ubuntu-wallpapers/+bug/1405794/+subscriptions