group.of.nepali.translators team mailing list archive
-
group.of.nepali.translators team
-
Mailing list archive
-
Message #15414
[Bug 1708542] Re: Fix potential access violation, use runtime user dir instead of tmp dir
This bug was fixed in the package pcmanfm - 1.2.5-2ubuntu0.1
---------------
pcmanfm (1.2.5-2ubuntu0.1) zesty-security; urgency=medium
* SECURITY UPDATE: Fix potential access violation, use runtime user dir
instead of tmp dir (LP: #1708542)
- fix-CVE-2017-8934.patch
- CVE-2017-8934
-- Simon Quigley <tsimonq2@xxxxxxxxxx> Thu, 03 Aug 2017 17:24:30 -0500
** Changed in: pcmanfm (Ubuntu Zesty)
Status: Confirmed => Fix Released
--
You received this bug notification because you are a member of नेपाली
भाषा समायोजकहरुको समूह, which is subscribed to Xenial.
Matching subscriptions: Ubuntu 16.04 Bugs
https://bugs.launchpad.net/bugs/1708542
Title:
Fix potential access violation, use runtime user dir instead of tmp
dir
Status in pcmanfm package in Ubuntu:
Fix Released
Status in pcmanfm source package in Trusty:
Fix Released
Status in pcmanfm source package in Xenial:
Fix Released
Status in pcmanfm source package in Zesty:
Fix Released
Bug description:
PCManFM 1.2.5 insecurely uses /tmp for a socket file, allowing a local user
to cause a denial of service (application unavailability). This is tracked in CVE-2017-8934, and should be fixed.
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/pcmanfm/+bug/1708542/+subscriptions