[02:01] <amurray> fwiw I just retried all those failed thunderbird 102 builds as requested by ricotz earlier
[15:02] <ItzSwirlz> Hey security team, Nemo may also have CVE-2022-37290
[15:02] -ubottu:#ubuntu-security- GNOME Nautilus 42.2 allows a NULL pointer dereference and get_basename application crash via a pasted ZIP archive. <https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-37290>
[15:02] <ItzSwirlz> look at the merge request for the nautilus and nemo's 	code - https://github.com/linuxmint/nemo/blob/0686ec5f75c0456c140c79169607cf6b5ef44175/libnemo-private/nemo-file-operations.c#L829
[15:02] <ItzSwirlz> (Nemo is built off of nautilus)
[15:03] <ItzSwirlz> I believe it is. I'm sending an email right now to the nemo devs
[15:04] <mdeslaur> ItzSwirlz: thanks, I'll add it to our tracker
[15:04] <ItzSwirlz> thanks, I'll also check caja and thunar. The code is scarily similar
[15:09] <ItzSwirlz> found it in caja - https://github.com/mate-desktop/caja/blob/14dd4822ddbcafecd3bfb283920b6a60507134bd/libcaja-private/caja-file-operations.c#L831
[15:13] <ItzSwirlz> not in thunar
[22:22] <JanC> while Nemo & Caja are Nautilus forks, Thunar is not AFAIK (but it's always possible they reused some code, of course)