Package "budgie-kangaroo-applet"

  budgie-extras (1.4.0-1ubuntu3.1) jammy-security; urgency=medium

  * SECURITY UPDATE: Predictable /tmp path could lead to
    denial-of-service/manipulation of data for clockworks applet
    (LP: #2044373)
    - d/patches/clockwork-tmpxdg.patch: change /tmp path
      usage to use XDG_RUNTIME_DIR/HOME user-space locations,
      thanks to original author
      d/patches/clockwork-tmpxdg-pep8.patch: resolve pep8
      package test failure, thanks to original author
    - CVE-2023-49342
  * SECURITY UPDATE: Predictable /tmp path could lead to
    denial-of-service/manipulation of data for dropby applet
    (LP: #2044373)
    - d/patches Don-t-hard-code-tmp-in-window-shuffler-422.patch cherry-pick
      patch to allow the security patch to apply
    - d/patches/dropby-tmpxdg.patch: change /tmp path
      usage to use XDG_RUNTIME_DIR/HOME user-space locations
      d/patches/dropby-tmpxdg-pep8.patch: resolve pep8
      package test failure, thanks to original author
    - CVE-2023-49343
  * SECURITY UPDATE: Predictable /tmp path could lead to
    denial-of-service/manipulation of data for shuffler app
    (LP: #2044373)
    - d/patches/shuffler-tmpxdg.patch: change /tmp path
      usage to use XDG_RUNTIME_DIR/HOME user-space locations,
      thanks to original author
    - CVE-2023-49344
  * SECURITY UPDATE: Predictable /tmp path could lead to
    denial-of-service/manipulation of data for takeabreak
    applet (LP: #2044373)
    - d/patches/Don-t-hard-code-tmp-in-takeabreak-422.patch cherry-pick patch
      to allow the security patch to apply
    - d/patches/takeabreak-tmpxdg.patch: change /tmp path
      usage to use XDG_RUNTIME_DIR/HOME user-space locations,
      thanks to original author
      d/patches/takeabreak-tmpxdg-pep8.patch: resolve pep8
      package test failure, thanks to original author
      d/patches/takeabreak-tmpxdg-pep8_part2.patch: resolve pep8
      package test failure, thanks to original author
    - CVE-2023-49345
  * SECURITY UPDATE: Predictable /tmp path could lead to
    denial-of-service/manipulation of data for weathershow
    applet (LP: #2044373)
    - d/patches/Don-t-hard-code-tmp-in-weathershow-422.patch cherry-pick patch
      to allow the security patch to apply
    - d/patches/weathershow-tmpxdg.patch: change /tmp path
      usage to use XDG_RUNTIME_DIR/HOME user-space locations,
      thanks to original author
    - CVE-2023-49346
  * SECURITY UPDATE: Predictable /tmp path could lead to
    denial-of-service/manipulation of data for window
    previews applet (LP: #2044373)
    - d/patches Don-t-hard-code-tmp-in-previews-422.patch cherry-pick patch to
      allow the security patch to apply
    - d/patches/wpreviews-tmpxdg.patch: change /tmp path
      usage to use XDG_RUNTIME_DIR/HOME user-space locations,
      thanks to original author
    - CVE-2023-49347

 -- David Mohammed <email address hidden> Tue, 07 Nov 2023 23:29:45 +0000

  budgie-extras (1.4.0-1ubuntu3) jammy; urgency=medium

  [ Samuel Lane ]
  * Bug-fixes
    Prevent certain applets from exiting early after login
    - ensure Showtime applet stays running after login
      Use-Idle.add-to-spawn-Showtime-Desktop.patch (LP: #1999887)
    - ensure Weathershow desktop weather does not close early
      Use-Idle.add-to-spawn-desktop-weather.patch (LP: #1999887)
    - ensure background process for Dropby stays running after login
      Fix-occasional-bail-out-of-dropby-dropover-due-to-ti.patch (LP: 1999887)
    - ensure Workspace Wallpaper Switcher stays running after login
      Use-Idle.add-to-spawn-external-app.patch (LP: #1999887)
    - fix Wallstreet when using custom directories with spaces
      Fixed-wallstreet-for-custom-dir-with-spaces.patch (LP: #1971073)
      Removed-print-statement-for-testing.patch

 -- David Mohammed <email address hidden> Sun, 21 May 2023 10:58:25 +0100