* Yves-Alexis Perez [2018-02-08 20:38:01 +0100]: > Hi, thanks for the bug report. Can you provide the upstream bug report on > this? I can't reproduce with: > > notify-send '<like this> &this' on xfce4-notifyd 0.4.1-1 so maybe it's been > fixed meanwhile.
The upstream bug numbers are #10027 and #14073. Yes, 0.4.1 includes some of the associated fixes, although as noted in https://bugzilla.xfce.org/show_bug.cgi?id=14073#c5 nothing short of xfce4-notifyd parsing the notification string itself will actually solve the problem, and this planned for 0.4.2 at the earliest. Apparently, only the body is subject to markup interpretation. Try notify-send 'markup test' '<like this> &this' On Debian stretch, this yields: xfce4-notifyd: Failed to set text '<like this> &this' from markup due to error parsing markup: Error on line 1 char 19: Odd character '>', expected a '=' after attribute name 'this' of element 'like' (and the body isn't shown to the user, only logged). > First, it's definitely not xfce4-notifyd sending this to syslog. More likely > it's just output to stdout/stderr and systemd forwards it to journal and the > syslog. The systemd unit file is part of this Debian package, and the information is being disclosed by xfce4-notifyd. That xfce4-notifyd doesn't call syslog() directly is just an implementation detail as far as I'm concerned.
Description: PGP signature