For both of my debdiffs, I had to do some backporting using the methods used in the older code and I had to substitute the old methods in for the new ones when applying the patch, if that makes sense. To be more specific, here's what upstream did on the master branch:
- gchar * socket_path = g_strdup_printf("/tmp/.lxterminal-socket%s-%s", gdk_display_get_name(gdk_display_get_default()), g_get_user_name()); + gchar * socket_path = g_strdup_printf("%s/.lxterminal-socket-%s", g_get_user_runtime_dir(), gdk_display_get_name(gdk_display_get_default())); + printf("%s\n", socket_path); But here's what the existing code looked like in both the 0.2.0 and the 0.1.11 tags: gchar * socket_path = g_strdup_printf("/tmp/.lxterminal- socket%s-%s", gdk_get_display(), g_get_user_name()); As you can probably tell, the newer code changed compared to the old code. So I adapted the patch for the older methods used in the code, and here's what I ended up with: - gchar * socket_path = g_strdup_printf("/tmp/.lxterminal-socket%s-%s", gdk_get_display(), g_get_user_name()); + gchar * socket_path = g_strdup_printf("%s/.lxterminal-socket-%s", g_get_user_runtime_dir(), gdk_get_display()); + printf("%s\n", socket_path); After testing this out from my PPA (ppa:tsimonq2/lxterminal-bug-1690416) on both a Trusty and a Xenial system, it works just as intended (it creates the file in the correct location rather than in /tmp). Any concerns with my logic there? -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1690416 Title: [CVE] socket can be blocked by another user To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/lxterminal/+bug/1690416/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs