| bluesabre | We don't have micro release exception, so we either need to create LP bugs for every bug since 1.8.14 or cherry pick that fix. | 10:43 |
|---|---|---|
| Unit193 | Don't think those exist anymore. | 10:44 |
| Unit193 | !mre | 10:44 |
| ubot3 | Micro Release Exceptions are approved by the Ubuntu Technical Board on a per-package basis for packages that cannot be acceptably handled through the Stable Release Update (!sru) process. See https://wiki.ubuntu.com/StableReleaseUpdates/MicroReleaseExceptions for more information. | 10:44 |
| bluesabre | https://wiki.ubuntu.com/StableReleaseUpdates#New_upstream_microreleases | 10:44 |
| bluesabre | Xfce doesn't meet these criteria | 10:45 |
| jphilips | here is the patch if it wants to be cherry picked https://gitlab.xfce.org/xfce/thunar/-/commit/1b85b96ebf7cb9bf6a3ddf1acee7643643fdf92d | 10:46 |
| ubot3 | Commit 1b85b96 in xfce/thunar "Dont execute files, passed via command line due to security risks" | 10:46 |
| jphilips | was hoping that translation updates since 1.8.14 could also get it for 20.04 users | 10:47 |
| Unit193 | CVE-2021-32563 | 10:47 |
| ubot3 | An issue was discovered in Thunar before 4.16.7 and 4.17.x before 4.17.2. When called with a regular file as a command-line argument, it delegates to a different program (based on the file type) without user confirmation. This could be used to achieve code execution. <https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-32563> | 10:47 |
| jphilips | s/get it/get in/ | 10:48 |
| jphilips | bluesabre: could this be xubuntu specific as others cant repo on none xubuntu distros - https://gitlab.xfce.org/xfce/xfce4-session/-/issues/106 | 11:16 |
| ubot3 | Issue 106 in xfce/xfce4-session "Triggering application on suspend does not work" [Opened] | 11:16 |
| bluesabre | It could be. ochosi might be a good candidate to verify... he may have written that code | 11:18 |
Generated by irclog2html.py 2.7 by Marius Gedminas - find it at mg.pov.lt!