From 15e26ec11cbc13383d8628ba90848fb86630ce55672b94a1e89dc5333543f876 Mon Sep 17 00:00:00 2001 From: Callum Farmer Date: Thu, 14 Dec 2023 13:04:31 +0000 Subject: [PATCH] Accepting request 1133096 from home:gmbr3:Solus - Budgie Extras 1.7.1 "Tinker Tailor..." * CVE-2023-49347: budgie-wpreviews: use of fixed paths in /tmp (bsc#1213341) * CVE-2023-49344: windowshufflerdaemon: uses various fixed /tmp file paths (bsc#1213342) * CVE-2023-49345: budgie-takeabreak: fixed /tmp path use in /tmp/nextbreak_ (bsc#1216281) * CVE-2023-49346: budgie-weathershow: use of fixed path in /tmp/_weatherdata (bsc#1216282) * CVE-2023-49342: budgie-clockworks: uses fixed temporary files in /tmp/_clockworks (bsc#1217595) * CVE-2023-49343: budgie-dropby: use of fixed paths in /tmp/_call_dropby and /tmp/_dropby_icon_copy (bsc#1217597) OBS-URL: https://build.opensuse.org/request/show/1133096 OBS-URL: https://build.opensuse.org/package/show/X11:Solus/budgie-extras?expand=0&rev=25 --- budgie-extras-1.7.0.tar.xz | 3 --- budgie-extras-1.7.0.tar.xz.asc | 16 ---------------- budgie-extras-1.7.1.tar.xz | 3 +++ budgie-extras-1.7.1.tar.xz.asc | 16 ++++++++++++++++ budgie-extras.changes | 18 ++++++++++++++++++ budgie-extras.spec | 2 +- 6 files changed, 38 insertions(+), 20 deletions(-) delete mode 100644 budgie-extras-1.7.0.tar.xz delete mode 100644 budgie-extras-1.7.0.tar.xz.asc create mode 100644 budgie-extras-1.7.1.tar.xz create mode 100644 budgie-extras-1.7.1.tar.xz.asc diff --git a/budgie-extras-1.7.0.tar.xz b/budgie-extras-1.7.0.tar.xz deleted file mode 100644 index 22a33ef..0000000 --- a/budgie-extras-1.7.0.tar.xz +++ /dev/null @@ -1,3 +0,0 @@ -version https://git-lfs.github.com/spec/v1 -oid sha256:9605a79006dadc293ea7e4dbbf01dbf411c732a7fa82252ba29664fbd962d89c -size 10104956 diff --git a/budgie-extras-1.7.0.tar.xz.asc b/budgie-extras-1.7.0.tar.xz.asc deleted file mode 100644 index 5d26182..0000000 --- a/budgie-extras-1.7.0.tar.xz.asc +++ /dev/null @@ -1,16 +0,0 @@ ------BEGIN PGP SIGNATURE----- - -iQIzBAABCgAdFiEEHh+wAXyZiorixJimwuqoomrcWe4FAmTT3MkACgkQwuqoomrc -We5QhBAAjrqxASsovi6rpStAz+KtvqppYEH4LD3pKnPGbYcJhH3VI9t2GI/k/bAu -TYgFLtY74cbpIysGtWq7871JZaNJdrVO7lpB2Iy0fAMEFsUFexCgDiSMqjp0ptri -8FpJA9Nw+ejDhc4wG2D0aRAiSO6az+tUJHwl9UjiA+Sz4LMVgasloKuFDe9yK/dW -UihwRfvfM5JSauCXohpWlL5YFNbK3nnlquxZXCmku/jsBnlyhJ2+yWwDWUmeWqYc -nzU8AyvKRtd5SoF+CEziHfBghPCUM0DzeYpmFz0F0nFXqfPt6Bu+JuwhSvqpVL3z -kVJdtZAgshT4pvAeIxDLBmIzwwM6sZckK1qJL55xKgNfzh5L7Pjy5EJfHxs12TPi -Osz+6gANZrBEvYBi+lLZxN2MJ5o3YfFH0tbYseFpAyenRfCvsDtrJVR/Adtwx+dl -DiA+8yGT2zaplaqODM1NuJteUvjEerV17qdLcNOXo95QktUAt00ujoesYUUTpdH3 -LFsQg5KjlBjEeeaIXox9jXgD5Mn1vhznNdSShP+TpqXfBfPwo8h2fZq85ZTCifOQ -AnEl4i7daBjKIFCboLLfibty0TCMy7hiRcOxAqjb19GTdcdVVIrpLtVzz2C2cyV3 -3i6bGTMr0DHeiOeBabpUVvvkJZSlanYdGlWV7+HLo7ZMyjAHQmw= -=LkyQ ------END PGP SIGNATURE----- diff --git a/budgie-extras-1.7.1.tar.xz b/budgie-extras-1.7.1.tar.xz new file mode 100644 index 0000000..dd8df5c --- /dev/null +++ b/budgie-extras-1.7.1.tar.xz @@ -0,0 +1,3 @@ +version https://git-lfs.github.com/spec/v1 +oid sha256:1d3a326b3e8066206fe57322f4c6d4d71f5a8c7c798b76399a6a8d2690139c78 +size 10048040 diff --git a/budgie-extras-1.7.1.tar.xz.asc b/budgie-extras-1.7.1.tar.xz.asc new file mode 100644 index 0000000..a7e898a --- /dev/null +++ b/budgie-extras-1.7.1.tar.xz.asc @@ -0,0 +1,16 @@ +-----BEGIN PGP SIGNATURE----- + +iQIzBAABCgAdFiEEHh+wAXyZiorixJimwuqoomrcWe4FAmVs0XEACgkQwuqoomrc +We69oQ/+KbfyIKA9clB5eysVyT4FrYNzPsyIHIOmsCqP38qEmdOr8SAI4fnldzZ1 +Gzmr2oo+eaWE0swCO/Va4yAeJ5hpGmv82pBmfS8v1nyyU3KtKzo80A3eise5w8QC +DV5mehuzgL3Sv8EOzzTO9s6XZZjqcZsjxMltWiW0aMELdiY1AZ+pmEe9+sRaWDy4 +cGBeTOrw5N3+li7WdEYWDI9pD9MFXK8LFRqOGk9ZdILse2h+rwe+oTrUEqz+BGie +Otq9FHaoIomMHN/hqH5pmr7m80XZ9Chyg/QUywSwcilg4y7fCCjC8/RyCmKBiwaK +8Hy+HdVVNyIU/DAQ1fMxx3KgQM28yTZm6DP5rFZ2y6t/o2OqTrNuCRZr+a2OP2+/ +PiSdoInOKDX/Ew59wFClZQ+VosIpX/mT8tTupL2laxLdOVhy5eFC2tX0gKB5B07Y +IGFePW5SCsLnlmlBqHiY8vbDHniIkMiMG0HIDv8r/XHQ9XKe6R4c6gPVrKi9Z5uD +1m7DoxX49LLhRXiDg3n+NTolO1BgNXwA7L9jv8ue7XgcEbuNNmXdzL/ayO6NocQ4 +XQvYzO7HkeBtnJJ3i9TKANIBbTDKL+Bl3KY3awEW91L1IZOByuYkGdTpj9OuuhOv +bvW5d7Ib1fInndX5NUdDEXuHYBDrYVMzUQog9N9tSCwOv1fV6qM= +=NQ4X +-----END PGP SIGNATURE----- diff --git a/budgie-extras.changes b/budgie-extras.changes index 1b560c3..44ddc53 100644 --- a/budgie-extras.changes +++ b/budgie-extras.changes @@ -1,3 +1,21 @@ +------------------------------------------------------------------- +Thu Dec 14 12:58:56 UTC 2023 - Callum Farmer + +- Budgie Extras 1.7.1 "Tinker Tailor..." + * CVE-2023-49347: budgie-wpreviews: use of fixed paths in /tmp + (bsc#1213341) + * CVE-2023-49344: windowshufflerdaemon: uses various fixed /tmp + file paths (bsc#1213342) + * CVE-2023-49345: budgie-takeabreak: fixed /tmp path use in + /tmp/nextbreak_ (bsc#1216281) + * CVE-2023-49346: budgie-weathershow: use of fixed path in + /tmp/_weatherdata (bsc#1216282) + * CVE-2023-49342: budgie-clockworks: uses fixed temporary files + in /tmp/_clockworks (bsc#1217595) + * CVE-2023-49343: budgie-dropby: use of fixed paths in + /tmp/_call_dropby and /tmp/_dropby_icon_copy + (bsc#1217597) + ------------------------------------------------------------------- Fri Nov 24 13:24:39 UTC 2023 - Callum Farmer diff --git a/budgie-extras.spec b/budgie-extras.spec index 2ac96e0..b76c48d 100644 --- a/budgie-extras.spec +++ b/budgie-extras.spec @@ -24,7 +24,7 @@ %define _distconfdir %{_sysconfdir} %endif Name: budgie-extras -Version: 1.7.0 +Version: 1.7.1 Release: 0 Summary: Additional Budgie Desktop enhancements for user experience License: GPL-3.0-or-later