group.of.nepali.translators team mailing list archive
-
group.of.nepali.translators team
-
Mailing list archive
-
Message #15457
[Bug 1703564] Re: [CVE] Socket may be blocked by another user
** Changed in: menu-cache (Ubuntu Trusty)
Assignee: (unassigned) => Simon Quigley (tsimonq2)
** Changed in: menu-cache (Ubuntu Xenial)
Assignee: (unassigned) => Simon Quigley (tsimonq2)
** Changed in: menu-cache (Ubuntu Zesty)
Assignee: (unassigned) => Simon Quigley (tsimonq2)
** Changed in: menu-cache (Ubuntu)
Assignee: Simon Quigley (tsimonq2) => (unassigned)
** Changed in: menu-cache (Ubuntu)
Status: In Progress => Fix Released
** Changed in: menu-cache (Ubuntu Trusty)
Status: New => In Progress
** Changed in: menu-cache (Ubuntu Xenial)
Status: New => Incomplete
** Changed in: menu-cache (Ubuntu Xenial)
Status: Incomplete => In Progress
** Changed in: menu-cache (Ubuntu Zesty)
Status: New => In Progress
--
You received this bug notification because you are a member of नेपाली
भाषा समायोजकहरुको समूह, which is subscribed to Xenial.
Matching subscriptions: Ubuntu 16.04 Bugs
https://bugs.launchpad.net/bugs/1703564
Title:
[CVE] Socket may be blocked by another user
Status in menu-cache package in Ubuntu:
Fix Released
Status in menu-cache source package in Trusty:
In Progress
Status in menu-cache source package in Xenial:
In Progress
Status in menu-cache source package in Zesty:
In Progress
Bug description:
The socket placed in /tmp is predictable and public-writable. Therefore
if one user placed a symlink to another socket instead of socket for
another use then said another user will either be unable to get menu, or
will receive menu of some other user. Upstream released a fix for this
issue:
https://git.lxde.org/gitweb/?p=lxde/menu-
cache.git;a=commitdiff;h=56f66684592abf257c4004e6e1fff041c64a12ce
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/menu-cache/+bug/1703564/+subscriptions