*** This bug is a security vulnerability *** You have been subscribed to a public security bug by Marc Deslauriers (mdeslaur):
I can reproduce the findings in https://www.openwall.com/lists/oss-security/2025/08/04/1 with stardict-plugin 3.0.7+git20220909+dfsg-4build4 on 24.04. I believe Vincent is right, and network dictionaries should be disabled by default. > It [w]as fixed at that time by disabling netdict at build time, but has apparently reappeared. ProblemType: Bug DistroRelease: Ubuntu 24.04 Package: stardict-plugin 3.0.7+git20220909+dfsg-4build4 ProcVersionSignature: Ubuntu 6.14.0-27.27~24.04.1-generic 6.14.6 Uname: Linux 6.14.0-27-generic x86_64 ApportVersion: 2.28.1-0ubuntu3.8 Architecture: amd64 CasperMD5CheckResult: unknown Date: Tue Aug 5 14:39:08 2025 InstallationDate: Installed on 2019-02-20 (2358 days ago) InstallationMedia: Ubuntu 18.04.1 LTS "Bionic Beaver" - Release amd64 (20180725) SourcePackage: stardict UpgradeStatus: Upgraded to noble on 2025-07-15 (21 days ago) ** Affects: stardict (Ubuntu) Importance: Undecided Assignee: Sudhakar Verma (sudhackar) Status: New ** Tags: amd64 apport-bug community-security noble -- StarDict sends the user's X11 selection to the network https://bugs.launchpad.net/bugs/2119534 You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to the bug report. -- ubuntu-bugs mailing list [email protected] https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
