[Bug 1748247] Re: [CVE] Arbitrary command execution in the removable device notifier
Simon Quigley
tsimonq2 at ubuntu.com
Sat Mar 17 04:38:54 UTC 2018
I have uploaded these fixes (for Artful and Xenial) to a fresh, empty
test PPA of mine with all architectures enabled and only the security
repo enabled. I then tested both in VMs of each release, and they work
as intended. It also fixes the security issue.
Security Team, feel free to copy my packages to your PPA:
https://launchpad.net/~tsimonq2/+archive/ubuntu/security-test-builds/+sourcepub/8860818/+listing-archive-extra
https://launchpad.net/~tsimonq2/+archive/ubuntu/security-test-builds/+sourcepub/8860822/+listing-archive-extra
The diffs for each are on that page if you would like to do it manually.
Please sponsor each to go into Ubuntu.
Thanks.
--
You received this bug notification because you are a member of Kubuntu
Bugs, which is subscribed to Kubuntu PPA.
https://bugs.launchpad.net/bugs/1748247
Title:
[CVE] Arbitrary command execution in the removable device notifier
To manage notifications about this bug go to:
https://bugs.launchpad.net/kubuntu-ppa/+bug/1748247/+subscriptions
More information about the kubuntu-bugs
mailing list