The Precise Pangolin has reached end of life, so this bug will not be
fixed for that release
** Changed in: unity (Ubuntu Precise)
Status: Triaged => Won't Fix
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
** Changed in: unity (Ubuntu Precise)
Status: Fix Released = Triaged
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1051921
Title:
lens-bar-keynavigation periodically writes to /tmp/wut.png
** Changed in: unity/5.0
Status: Fix Committed = Fix Released
** Changed in: unity (Ubuntu Precise)
Status: Fix Committed = Fix Released
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
** Changed in: unity
Milestone: 7.1.2 = 7.1.1
** Changed in: unity
Status: Fix Committed = Fix Released
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1051921
Title:
Don't see there is anything for sponsors to do here (it's merged in
precise's branch already).
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1051921
Title:
lens-bar-keynavigation periodically
** Changed in: unity/5.0
Status: In Progress = Fix Committed
** Changed in: unity (Ubuntu Precise)
Status: In Progress = Fix Committed
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
** Description changed:
[Impact]
- * Style::SquareButton writes a small png to /tmp/wut.png
- * If a user creates /tmp/wut.png as a symlink to some file on the system
writeable by the owner of the unity process, then he/she can destroy that file.
+ * Style::SquareButton writes a small
** Description changed:
[Impact]
* Style::SquareButton writes a small png to /tmp/wut.png
* If a user creates /tmp/wut.png as a symlink to some file on the system
writeable by the owner of the unity process, then he/she can destroy that file.
[Test Case]
- * log out, login
Thanks, Y'all!
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1051921
Title:
lens-bar-keynavigation periodically writes to /tmp/wut.png
To manage notifications about this bug go to:
** Description changed:
- Style::SquareButton writes a small png to /tmp/wut.png - see
- https://code.launchpad.net/~gordallott/unity/hud/+merge/90085
+ [Impact]
- If I make /tmp/wut.png a symlink to some file on the system writeable by
- the owner of the unity process, then I can get them to
** Patch added: proposed patch for precise
https://bugs.launchpad.net/ubuntu/+source/unity/+bug/1051921/+attachment/3777668/+files/lp1051921.debdiff
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
This bug was fixed in the package unity -
7.1.0+13.10.20130816.3-0ubuntu1
---
unity (7.1.0+13.10.20130816.3-0ubuntu1) saucy; urgency=low
[ Michal Hruby ]
* Make sure we emit row_added signals for all rows present in a model
when changing a model Model::SetModel(). (LP:
** Also affects: unity (Ubuntu Precise)
Importance: Undecided
Status: New
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1051921
Title:
lens-bar-keynavigation periodically writes to
** Changed in: unity (Ubuntu Precise)
Status: New = Triaged
** Changed in: unity (Ubuntu Precise)
Importance: Undecided = Low
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1051921
Title:
** Also affects: unity
Importance: Undecided
Status: New
** Also affects: unity/5.0
Importance: Undecided
Status: New
** Changed in: unity
Milestone: None = 7.1.2
** Changed in: unity
Status: New = Triaged
** Changed in: unity/5.0
Status: New = Triaged
**
** Changed in: unity
Status: Triaged = In Progress
** Changed in: unity/5.0
Status: Triaged = In Progress
** Changed in: unity (Ubuntu)
Status: Triaged = In Progress
** Changed in: unity (Ubuntu Precise)
Status: Triaged = In Progress
** Changed in: unity
** Branch linked: lp:~bregma/unity/lp-1051921
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1051921
Title:
lens-bar-keynavigation periodically writes to /tmp/wut.png
To manage notifications about
Fix committed into lp:unity at revision None, scheduled for release in
unity, milestone 7.1.1
** Changed in: unity
Status: In Progress = Fix Committed
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
** Branch linked: lp:~bregma/unity/lp-1051921-5.0
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1051921
Title:
lens-bar-keynavigation periodically writes to /tmp/wut.png
To manage notifications
The symlink restrictions are solely in the kernel, which people might have to
replace for various reasons. In other words: It might not be a security issue
on plain - unmodified - Ubuntu, but it is still a security issue.
Just sayin'
--
You received this bug notification because you are a
Verified by a trusted friend, and Unity has the following line from the
diff ref'd above:
cairo_surface_write_to_png(cairo_get_target(cr), /tmp/wut.png);
Seriously unclean. Also, unsafe usage of tmp.
** Changed in: unity (Ubuntu)
Importance: Undecided = Low
** Changed in: unity
No security impact because of the symlink restrictions in Ubuntuit's
just...bad coding.
** Visibility changed to: Public
** This bug is no longer flagged as a security vulnerability
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to
22 matches
Mail list logo
