UbuntuUpdates.org

Package "budgie-dropby-applet"

Name: budgie-dropby-applet

Description:

Applet to popup when a USB device is connected
Latest version: 1.4.0-1ubuntu3.1
Release: jammy (22.04)
Level: security
Repository: universe
Head package: budgie-extras
Homepage: https://ubuntubudgie.org

Links

All versions of this package
Bug fixes

List of files in package
Repository home page

Download "budgie-dropby-applet"

All arch deb package
APT INSTALL

Other versions of "budgie-dropby-applet" in Jammy

Repository Area Version
base universe 1.4.0-1ubuntu2
updates universe 1.4.0-1ubuntu3.1

Changelog

Version: 1.4.0-1ubuntu3.1 2023-12-14 18:07:02 UTC

  budgie-extras (1.4.0-1ubuntu3.1) jammy-security; urgency=medium

  * SECURITY UPDATE: Predictable /tmp path could lead to
    denial-of-service/manipulation of data for clockworks applet
    (LP: #2044373)
    - d/patches/clockwork-tmpxdg.patch: change /tmp path
      usage to use XDG_RUNTIME_DIR/HOME user-space locations,
      thanks to original author
      d/patches/clockwork-tmpxdg-pep8.patch: resolve pep8
      package test failure, thanks to original author
    - CVE-2023-49342
  * SECURITY UPDATE: Predictable /tmp path could lead to
    denial-of-service/manipulation of data for dropby applet
    (LP: #2044373)
    - d/patches Don-t-hard-code-tmp-in-window-shuffler-422.patch cherry-pick
      patch to allow the security patch to apply
    - d/patches/dropby-tmpxdg.patch: change /tmp path
      usage to use XDG_RUNTIME_DIR/HOME user-space locations
      d/patches/dropby-tmpxdg-pep8.patch: resolve pep8
      package test failure, thanks to original author
    - CVE-2023-49343
  * SECURITY UPDATE: Predictable /tmp path could lead to
    denial-of-service/manipulation of data for shuffler app
    (LP: #2044373)
    - d/patches/shuffler-tmpxdg.patch: change /tmp path
      usage to use XDG_RUNTIME_DIR/HOME user-space locations,
      thanks to original author
    - CVE-2023-49344
  * SECURITY UPDATE: Predictable /tmp path could lead to
    denial-of-service/manipulation of data for takeabreak
    applet (LP: #2044373)
    - d/patches/Don-t-hard-code-tmp-in-takeabreak-422.patch cherry-pick patch
      to allow the security patch to apply
    - d/patches/takeabreak-tmpxdg.patch: change /tmp path
      usage to use XDG_RUNTIME_DIR/HOME user-space locations,
      thanks to original author
      d/patches/takeabreak-tmpxdg-pep8.patch: resolve pep8
      package test failure, thanks to original author
      d/patches/takeabreak-tmpxdg-pep8_part2.patch: resolve pep8
      package test failure, thanks to original author
    - CVE-2023-49345
  * SECURITY UPDATE: Predictable /tmp path could lead to
    denial-of-service/manipulation of data for weathershow
    applet (LP: #2044373)
    - d/patches/Don-t-hard-code-tmp-in-weathershow-422.patch cherry-pick patch
      to allow the security patch to apply
    - d/patches/weathershow-tmpxdg.patch: change /tmp path
      usage to use XDG_RUNTIME_DIR/HOME user-space locations,
      thanks to original author
    - CVE-2023-49346
  * SECURITY UPDATE: Predictable /tmp path could lead to
    denial-of-service/manipulation of data for window
    previews applet (LP: #2044373)
    - d/patches Don-t-hard-code-tmp-in-previews-422.patch cherry-pick patch to
      allow the security patch to apply
    - d/patches/wpreviews-tmpxdg.patch: change /tmp path
      usage to use XDG_RUNTIME_DIR/HOME user-space locations,
      thanks to original author
    - CVE-2023-49347

 -- David Mohammed <email address hidden> Tue, 07 Nov 2023 23:29:45 +0000


About   -   Send Feedback to @ubuntu_updates