group.of.nepali.translators team mailing list archive

Thread
Date

[Bug 1708542] Re: Fix potential access violation, use runtime user dir instead of tmp dir

To: group.of.nepali.translators@xxxxxxxxxxxxxxxxxxx
From: Simon Quigley <tsimonq2@xxxxxxxxxx>
Date: Thu, 03 Aug 2017 21:53:12 -0000
Reply-to: Bug 1708542 <1708542@xxxxxxxxxxxxxxxxxx>
Sender: bounces@xxxxxxxxxxxxx

** Changed in: pcmanfm (Ubuntu Trusty)
     Assignee: (unassigned) => Simon Quigley (tsimonq2)

** Changed in: pcmanfm (Ubuntu Xenial)
     Assignee: (unassigned) => Simon Quigley (tsimonq2)

** Changed in: pcmanfm (Ubuntu Zesty)
     Assignee: (unassigned) => Simon Quigley (tsimonq2)

** Changed in: pcmanfm (Ubuntu Trusty)
       Status: New => In Progress

** Changed in: pcmanfm (Ubuntu Xenial)
       Status: New => In Progress

** Changed in: pcmanfm (Ubuntu Zesty)
       Status: New => In Progress

** Changed in: pcmanfm (Ubuntu)
       Status: New => Fix Released

-- 
You received this bug notification because you are a member of नेपाली
भाषा समायोजकहरुको समूह, which is subscribed to Xenial.
Matching subscriptions: Ubuntu 16.04 Bugs
https://bugs.launchpad.net/bugs/1708542

Title:
  Fix potential access violation, use runtime user dir instead of tmp
  dir

Status in pcmanfm package in Ubuntu:
  Fix Released
Status in pcmanfm source package in Trusty:
  In Progress
Status in pcmanfm source package in Xenial:
  In Progress
Status in pcmanfm source package in Zesty:
  In Progress

Bug description:
  PCManFM 1.2.5 insecurely uses /tmp for a socket file, allowing a local user
  to cause a denial of service (application unavailability). This is tracked in CVE-2017-8934, and should be fixed.

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/pcmanfm/+bug/1708542/+subscriptions