Accepted budgie-extras 1.7.1-1 (source) into unstable
- To: debian-devel-changes@lists.debian.org
- Subject: Accepted budgie-extras 1.7.1-1 (source) into unstable
- From: Debian FTP Masters <ftpmaster@ftp-master.debian.org>
- Date: Thu, 14 Dec 2023 07:34:10 +0000
- Debian: DAK
- Debian-architecture: source
- Debian-archive-action: accept
- Debian-changes: budgie-extras_1.7.1-1_source.changes
- Debian-source: budgie-extras
- Debian-suite: unstable
- Debian-version: 1.7.1-1
- Dkim-signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=ftp-master.debian.org; s=smtpauto.fasolo; h=Date:Message-Id: Content-Transfer-Encoding:Content-Type:Subject:MIME-Version:To:Reply-To:From: Cc:Content-ID:Content-Description:In-Reply-To:References; bh=S+C6JKoGHZI0cL6DXv8HRtA/CwzZ7JzFhzitR9KocTc=; b=WPn9mdJwemZaKVp3jQxb+uvhwS s62eFH96mGdF6sZFVAuBukw4OJY2CoweaY0A6HaiMsijqz7e/bK1bPehn6OScKhH1W5JQri5UGq1D Yd9luKdNxqJ/9snMMhIfuluG2K7j7Cjo8uqE1n8Y8KLKikZYjjpAWFs1Yn1LtjpMCn97al9nASosZ qV59IKh6gs6jrpvwUpnr2Pp/vNBihziE6xEVUzfvDvp87TwSrsHDiuq6UsNjqJyHq9g5evXJA5WYm NETPIehBQ12vTpg0YR5HN6N0YOLlSwFp7owYhBvy7c0kKWNl6+2Gf2usLq15ZI9hAc82lJAUP+ljq 80pWm4Lw==;
- Mail-followup-to: debian-devel@lists.debian.org
- Message-id: <E1rDgEU-00Gn7z-KI@fasolo.debian.org>
- Reply-to: debian-devel@lists.debian.org
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512
Format: 1.8
Date: Sun, 03 Dec 2023 19:11:30 +0000
Source: budgie-extras
Built-For-Profiles: noudeb
Architecture: source
Version: 1.7.1-1
Distribution: unstable
Urgency: medium
Maintainer: David Mohammed <fossfreedom@ubuntu.com>
Changed-By: David Mohammed <fossfreedom@ubuntu.com>
Launchpad-Bugs-Fixed: 2044373
Changes:
budgie-extras (1.7.1-1) unstable; urgency=medium
.
* SECURITY UPDATE: Predictable /tmp path could lead to
denial-of-service/manipulation of data for clockworks applet
(LP: #2044373)
- d/patches/clockwork-tmpxdg.patch: change /tmp path
usage to use XDG_RUNTIME_DIR/HOME user-space locations,
thanks to original author
d/patches/clockwork-tmpxdg-pep8.patch: resolve pep8
package test failure, thanks to original author
- CVE-2023-49342
* SECURITY UPDATE: Predictable /tmp path could lead to
denial-of-service/manipulation of data for dropby applet
(LP: #2044373)
- d/patches/dropby-tmpxdg.patch: change /tmp path
usage to use XDG_RUNTIME_DIR/HOME user-space locations
d/patches/dropby-tmpxdg-pep8.patch: resolve pep8
package test failure, thanks to original author
- CVE-2023-49343
* SECURITY UPDATE: Predictable /tmp path could lead to
denial-of-service/manipulation of data for shuffler app
(LP: #2044373)
- d/patches/shuffler-tmpxdg.patch: change /tmp path
usage to use XDG_RUNTIME_DIR/HOME user-space locations,
thanks to original author
- CVE-2023-49344
* SECURITY UPDATE: Predictable /tmp path could lead to
denial-of-service/manipulation of data for takeabreak
applet (LP: #2044373)
- d/patches/takeabreak-tmpxdg.patch: change /tmp path
usage to use XDG_RUNTIME_DIR/HOME user-space locations,
thanks to original author
d/patches/takeabreak-tmpxdg-pep8.patch: resolve pep8
package test failure, thanks to original author
d/patches/takeabreak-tmpxdg-pep8_part2.patch: resolve pep8
package test failure, thanks to original author
- CVE-2023-49345
* SECURITY UPDATE: Predictable /tmp path could lead to
denial-of-service/manipulation of data for weathershow
applet (LP: #2044373)
- d/patches/weathershow-tmpxdg.patch: change /tmp path
usage to use XDG_RUNTIME_DIR/HOME user-space locations,
thanks to original author
- CVE-2023-49346
* SECURITY UPDATE: Predictable /tmp path could lead to
denial-of-service/manipulation of data for window
previews applet (LP: #2044373)
- d/patches/wpreviews-tmpxdg.patch: change /tmp path
usage to use XDG_RUNTIME_DIR/HOME user-space locations,
thanks to original author
- CVE-2023-49347
* Drop existing patch since the new release incorporates this
Checksums-Sha1:
a5fb281a83ed250014f696a31f3245a59384410d 4800 budgie-extras_1.7.1-1.dsc
67cb464d4b88f35b17fdd0c4efe7c2813fc769eb 10048040 budgie-extras_1.7.1.orig.tar.xz
660eb6478eff8e81531627410c983c618a0d2ff4 833 budgie-extras_1.7.1.orig.tar.xz.asc
88b4d1be352d3a5b0767dc9208ab6e701318a104 19520 budgie-extras_1.7.1-1.debian.tar.xz
e7fc7d06adac3844669ff48468bb3177a746b20a 23134 budgie-extras_1.7.1-1_source.buildinfo
Checksums-Sha256:
c7c8044aefc620ac1049aa2f81883f83c6e766c31b8ad65686e0a83ecaf6a03e 4800 budgie-extras_1.7.1-1.dsc
1d3a326b3e8066206fe57322f4c6d4d71f5a8c7c798b76399a6a8d2690139c78 10048040 budgie-extras_1.7.1.orig.tar.xz
b025e68504b3de0a53fc982dd3c9b5d2078f78e50b08b7d50e7ce24788fa70a2 833 budgie-extras_1.7.1.orig.tar.xz.asc
efe94fdcc402197ddfd8f9cbae254484eb3ecac105a78b3aa476ecdba7c88136 19520 budgie-extras_1.7.1-1.debian.tar.xz
4d83e7c10376aaa5768ad9f12d4587bed4dddfa97417342495951f72df649fc7 23134 budgie-extras_1.7.1-1_source.buildinfo
Files:
cfb8345bae2203d7c3218caec4870fa6 4800 misc optional budgie-extras_1.7.1-1.dsc
99028c4f647a7d969286854e6cda6a6a 10048040 misc optional budgie-extras_1.7.1.orig.tar.xz
4cd2f69ef54c9b56a4745002e9b17d3a 833 misc optional budgie-extras_1.7.1.orig.tar.xz.asc
3706307e4693e82f85d276de46f8f449 19520 misc optional budgie-extras_1.7.1-1.debian.tar.xz
e2ffc0c8ab1df3ebcbe10ba820be7c7a 23134 misc optional budgie-extras_1.7.1-1_source.buildinfo
-----BEGIN PGP SIGNATURE-----
iQIzBAEBCgAdFiEEHh+wAXyZiorixJimwuqoomrcWe4FAmV6rNIACgkQwuqoomrc
We7bPg/9EocM0d73cUHIRE9zE/oEYYgjlncqHHyGJLbCGukJtyiOaaMJ/+aogjwt
Gbij8HB9Mm3nVfd2pmLlFUCN9HjmLvuRZEH0tz8gEW/x0/Qvs+kWqrZXgQofifvu
pGhbgl8JSRVZL/s6KLm+z0z/1GUW4SRRZGlrd6b5XFIn/OJnBZo8FsdXSt9XvgSh
h2fY2YnYOJ+65PJdk66K1Kl/iZ34v2CK8awOH4Oe1Wr5FPhhizEMrAWEStZFeCe9
PWdNMR+8N+8qKS2S9v0+M+TqvVs/H8ltlLknCZCkPdGHBheK/v7WU2KZqTsrCPsL
a4+LGfR7PE3BFf+SYz2OynUMuzawQlwHOTMDjHvJcrsG2rJ1bOTFJVmgsDyZynfY
ZP2/CMpD8vTvzqJ4Pl7dR3rLGscqICk58LWOcIhruz8BTwbABnYAkRbzg+SdlyCd
YcWrrEyJOHORlSgqJTgMQ0uf/6JNKjWrXmfbMK68dDBrVb7ofZU5XiN1kcdZ+D26
Jzm5OkSRcp7jPHDHbk/OxzFhT3beR5e5rtFpZX6wFrHYmXp8k5M1SazBlcz5M8TD
0wxNvO5ml7x/UeZ/axj0v1RPyINC1XacDtwnj1PaFE1WTcJXx+iaNBWMXqvsvNNb
U9zjg/9ZUPp8Zs56B2YCsBI29BnEpKwEzUX6Rtmj8cnZdImkyNI=
=+Y2P
-----END PGP SIGNATURE-----