This bug was fixed in the package lxterminal - 0.2.0-1ubuntu0.1 --------------- lxterminal (0.2.0-1ubuntu0.1) xenial-security; urgency=high
* SECURITY UPDATE: insecure /tmp use denial of service (LP: #1690416) - debian/patches/fix-CVE-2016-10369.patch - CVE-2016-10369 -- Simon Quigley <tsimo...@ubuntu.com> Tue, 11 Jul 2017 00:48:57 -0500 ** Changed in: lxterminal (Ubuntu Xenial) Status: Confirmed => Fix Released -- You received this bug notification because you are a member of नेपाली भाषा समायोजकहरुको समूह, which is subscribed to Xenial. Matching subscriptions: Ubuntu 16.04 Bugs https://bugs.launchpad.net/bugs/1690416 Title: [CVE] socket can be blocked by another user Status in lxterminal package in Ubuntu: Fix Released Status in lxterminal source package in Trusty: Confirmed Status in lxterminal source package in Xenial: Fix Released Status in lxterminal source package in Zesty: Fix Released Status in lxterminal source package in Artful: Fix Released Bug description: unixsocket.c in lxterminal through 0.3.0 insecurely uses /tmp for a socket file, allowing a local user to cause a denial of service (preventing terminal launch), or possibly have other impact (bypassing terminal access control). To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/lxterminal/+bug/1690416/+subscriptions _______________________________________________ Mailing list: https://launchpad.net/~group.of.nepali.translators Post to : group.of.nepali.translators@lists.launchpad.net Unsubscribe : https://launchpad.net/~group.of.nepali.translators More help : https://help.launchpad.net/ListHelp