Your message dated Tue, 03 Mar 2026 20:34:17 +0000
with message-id <[email protected]>
and subject line Bug#1033848: fixed in hotspot 1.6.0-0.1
has caused the Debian Bug report #1033848,
regarding hotspot: CVE-2023-28144
to be marked as done.
This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.
(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact [email protected]
immediately.)
--
1033848: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1033848
Debian Bug Tracking System
Contact [email protected] with problems
--- Begin Message ---
Source: hotspot
Version: 1.3.0-2
Severity: important
Tags: security upstream
X-Debbugs-Cc: [email protected], Debian Security Team <[email protected]>
Hi,
The following vulnerability was published for hotspot.
CVE-2023-28144[0]:
| KDAB Hotspot 1.3.x and 1.4.x through 1.4.1, in a non-default
| configuration, allows privilege escalation because of race conditions
| involving symlinks and elevate_perf_privileges.sh chown calls.
If you fix the vulnerability please also make sure to include the
CVE (Common Vulnerabilities & Exposures) id in your changelog entry.
For further information see:
[0] https://security-tracker.debian.org/tracker/CVE-2023-28144
https://www.cve.org/CVERecord?id=CVE-2023-28144
[1] https://www.openwall.com/lists/oss-security/2023/03/14/8
Regards,
Salvatore
--- End Message ---
--- Begin Message ---
Source: hotspot
Source-Version: 1.6.0-0.1
Done: Boyuan Yang <[email protected]>
We believe that the bug you reported is fixed in the latest version of
hotspot, which is due to be installed in the Debian FTP archive.
A summary of the changes between this version and the previous one is
attached.
Thank you for reporting the bug, which will now be closed. If you
have further comments please address them to [email protected],
and the maintainer will reopen the bug report if appropriate.
Debian distribution maintenance software
pp.
Boyuan Yang <[email protected]> (supplier of updated hotspot package)
(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing [email protected])
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512
Format: 1.8
Date: Tue, 03 Mar 2026 13:33:42 -0500
Source: hotspot
Architecture: source
Version: 1.6.0-0.1
Distribution: unstable
Urgency: medium
Maintainer: Yanhao Mo <[email protected]>
Changed-By: Boyuan Yang <[email protected]>
Closes: 1025573 1033848 1112994 1124832
Changes:
hotspot (1.6.0-0.1) unstable; urgency=medium
.
* Non-maintainer upload.
* New upstream release.
+ Migrate to Qt6 and KF6. (Closes: #1112994, #1124832)
+ Fix CVE-2023-28144. (Closes: #1033848)
* debian/control: Update build-deps.
* debian/control: Replace dependency on policykit-1 with pkexec.
(Closes: #1025573)
* debian/patches: Drop old patches.
Checksums-Sha1:
a5482e49ce55ce06fed3e4fda727884b6e009982 2813 hotspot_1.6.0-0.1.dsc
e1e6e530a95ac3ff3cf7ffa5c9ad867f2040e220 21451
hotspot_1.6.0.orig-PrefixTickLabels.tar.gz
928285a39e7e59debc3ec731e568b3ac79723493 3312538
hotspot_1.6.0.orig-perfparser.tar.gz
649c85fb25f405f133fa6cf6ba34e3ba7aa8105c 4107961 hotspot_1.6.0.orig.tar.gz
f0205e1bcfb072627716389d8f4173b68de3e2af 3992 hotspot_1.6.0-0.1.debian.tar.xz
ace2c084df57ba600871d60f48acd7c5b40eee04 23404
hotspot_1.6.0-0.1_amd64.buildinfo
Checksums-Sha256:
c60388e98577646c076d21fb9fdc18f2331e04ece7ebc8398a80cc0ed82e28cd 2813
hotspot_1.6.0-0.1.dsc
2741dabd2c170aa3f259ff204f7b8e9b8e35db4ea1d21bc85c00a4b46448430d 21451
hotspot_1.6.0.orig-PrefixTickLabels.tar.gz
ab05ed61338a0e4806f06af3d74a4b4217379c2d88c868c94b2b5bd3e0f1aa92 3312538
hotspot_1.6.0.orig-perfparser.tar.gz
3741c4ec60cf8f84bc4767e4eb0a9a8c1975271af5e5ab2f9c261155599eb928 4107961
hotspot_1.6.0.orig.tar.gz
7909c0e931bb29a0133a746a12729cf8e2b323cdf189858178ed1eef4c453abe 3992
hotspot_1.6.0-0.1.debian.tar.xz
a347357564cbb6c977a1e983f006251588adc9d0a7f78654786ef9a2a31271c5 23404
hotspot_1.6.0-0.1_amd64.buildinfo
Files:
2a6e6809bc0abeb4a50bca1c7c86fa28 2813 utils optional hotspot_1.6.0-0.1.dsc
b44b245f3e96473ec1e9196918eac725 21451 utils optional
hotspot_1.6.0.orig-PrefixTickLabels.tar.gz
b39e83d3188c9e0a355e9f09189a7755 3312538 utils optional
hotspot_1.6.0.orig-perfparser.tar.gz
ade46b783b83f611437486e812197f20 4107961 utils optional
hotspot_1.6.0.orig.tar.gz
643b23212b71c5d276e294d49663bb46 3992 utils optional
hotspot_1.6.0-0.1.debian.tar.xz
6f3fbf43ce2de700f7aab9ac6d5829b2 23404 utils optional
hotspot_1.6.0-0.1_amd64.buildinfo
-----BEGIN PGP SIGNATURE-----
iQIzBAEBCgAdFiEEfncpR22H1vEdkazLwpPntGGCWs4FAmmnOK8ACgkQwpPntGGC
Ws41XRAAhyDa6wRJCZx43DDYKXE/VZawrSRrxiqVmAmkK3UJBr+hvEZX77XsaIZV
UW8QZIa1yp67MYkVQY1FEU/BWWCc5xmsq2LAn78e2nuIINCNHSu6rWw2C07hnp3+
WkmQ4dkgN9P0/nfdZbk+Fcob5UUoIxjMjsUg7agbahGELHOlmkQ7V3DRM5ZfXDNW
4Z+znMcLrrXkrl66IQdOD1+3zSSIPWafQXRa/z35lbgkCizot6Y1vPY/VkUzqiYp
tdskM7uJZDBWHOcORlfr8DcUSHXYj7T+XdwF13ok+Dv56mgiWeIJGFv7UTJ4vA2+
Fz2JgYbovt61veKNOsKPSCbgqwe40JpTYUMTcUWLUFoSwLVBI16lj8JqktA46C7N
0ImWGBI7cYc4ICkINw4VCS3kuRD79GgplEsSQuQ6/zYvR1PrlP+oxaa/OunOIpXf
ZiJ8inZK6dDhdwACXJf48tkNBzW+d8cn3m1RmmP7HYc/EFS3MEh7Y2nPFBZSIcIB
GgumFua7IaP6WdZa0PeDlbZy2MICW+JwXoCNMC8jhSjsv4IrBNeX1ZYevC4YT0St
JRf14y321f4HQa3p0cqhXb/7bS1qb/tdJNpMIOlIBR7Bmltwj1ejc9+beSouO528
OHnS4z70jHsLvs0D6Zbm8oZff3OXteD/HakdRIW+ZGH32yk2wiw=
=NLSK
-----END PGP SIGNATURE-----
pgpWWd3PN3774.pgp
Description: PGP signature
--- End Message ---
