group.of.nepali.translators team mailing list archive

[Simon Quigley <tsimonq2@xxxxxxxxxx>]

** Changed in: menu-cache (Ubuntu Trusty)
     Assignee: (unassigned) => Simon Quigley (tsimonq2)

** Changed in: menu-cache (Ubuntu Xenial)
     Assignee: (unassigned) => Simon Quigley (tsimonq2)

** Changed in: menu-cache (Ubuntu Zesty)
     Assignee: (unassigned) => Simon Quigley (tsimonq2)

** Changed in: menu-cache (Ubuntu)
     Assignee: Simon Quigley (tsimonq2) => (unassigned)

** Changed in: menu-cache (Ubuntu)
       Status: In Progress => Fix Released

** Changed in: menu-cache (Ubuntu Trusty)
       Status: New => In Progress

** Changed in: menu-cache (Ubuntu Xenial)
       Status: New => Incomplete

** Changed in: menu-cache (Ubuntu Xenial)
       Status: Incomplete => In Progress

** Changed in: menu-cache (Ubuntu Zesty)
       Status: New => In Progress

-- 
You received this bug notification because you are a member of नेपाली
भाषा समायोजकहरुको समूह, which is subscribed to Xenial.
Matching subscriptions: Ubuntu 16.04 Bugs
https://bugs.launchpad.net/bugs/1703564

Title:
  [CVE] Socket may be blocked by another user

Status in menu-cache package in Ubuntu:
  Fix Released
Status in menu-cache source package in Trusty:
  In Progress
Status in menu-cache source package in Xenial:
  In Progress
Status in menu-cache source package in Zesty:
  In Progress

Bug description:
  The socket placed in /tmp is predictable and public-writable. Therefore
  if one user placed a symlink to another socket instead of socket for
  another use then said another user will either be unable to get menu, or
  will receive menu of some other user. Upstream released a fix for this
  issue:

  https://git.lxde.org/gitweb/?p=lxde/menu-
  cache.git;a=commitdiff;h=56f66684592abf257c4004e6e1fff041c64a12ce

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/menu-cache/+bug/1703564/+subscriptions