Accepting request 1133096 from home:gmbr3:Solus

- Budgie Extras 1.7.1 "Tinker Tailor..." * CVE-2023-49347: budgie-wpreviews: use of fixed paths in /tmp (bsc#1213341) * CVE-2023-49344: windowshufflerdaemon: uses various fixed /tmp file paths (bsc#1213342) * CVE-2023-49345: budgie-takeabreak: fixed /tmp path use in /tmp/nextbreak_<user> (bsc#1216281) * CVE-2023-49346: budgie-weathershow: use of fixed path in /tmp/<username>_weatherdata (bsc#1216282) * CVE-2023-49342: budgie-clockworks: uses fixed temporary files in /tmp/<user>_clockworks (bsc#1217595) * CVE-2023-49343: budgie-dropby: use of fixed paths in /tmp/<user>_call_dropby and /tmp/<user>_dropby_icon_copy (bsc#1217597) OBS-URL: https://build.opensuse.org/request/show/1133096 OBS-URL: https://build.opensuse.org/package/show/X11:Solus/budgie-extras?expand=0&rev=25
2023-12-14 13:04:31 +00:00 · 2023-12-14 13:04:31 +00:00 · 15e26ec11c
commit 15e26ec11c
parent 523a273558
6 changed files with 38 additions and 20 deletions
--- a/budgie-extras-1.7.0.tar.xz
+++ b/budgie-extras-1.7.0.tar.xz
@ -1,3 +0,0 @@
-version https://git-lfs.github.com/spec/v1
-oid sha256:9605a79006dadc293ea7e4dbbf01dbf411c732a7fa82252ba29664fbd962d89c
-size 10104956
--- a/budgie-extras-1.7.0.tar.xz.asc
+++ b/budgie-extras-1.7.0.tar.xz.asc
@ -1,16 +0,0 @@
-----BEGIN PGP SIGNATURE-----
-
-iQIzBAABCgAdFiEEHh+wAXyZiorixJimwuqoomrcWe4FAmTT3MkACgkQwuqoomrc
-We5QhBAAjrqxASsovi6rpStAz+KtvqppYEH4LD3pKnPGbYcJhH3VI9t2GI/k/bAu
-TYgFLtY74cbpIysGtWq7871JZaNJdrVO7lpB2Iy0fAMEFsUFexCgDiSMqjp0ptri
-8FpJA9Nw+ejDhc4wG2D0aRAiSO6az+tUJHwl9UjiA+Sz4LMVgasloKuFDe9yK/dW
-UihwRfvfM5JSauCXohpWlL5YFNbK3nnlquxZXCmku/jsBnlyhJ2+yWwDWUmeWqYc
-nzU8AyvKRtd5SoF+CEziHfBghPCUM0DzeYpmFz0F0nFXqfPt6Bu+JuwhSvqpVL3z
-kVJdtZAgshT4pvAeIxDLBmIzwwM6sZckK1qJL55xKgNfzh5L7Pjy5EJfHxs12TPi
-Osz+6gANZrBEvYBi+lLZxN2MJ5o3YfFH0tbYseFpAyenRfCvsDtrJVR/Adtwx+dl
-DiA+8yGT2zaplaqODM1NuJteUvjEerV17qdLcNOXo95QktUAt00ujoesYUUTpdH3
-LFsQg5KjlBjEeeaIXox9jXgD5Mn1vhznNdSShP+TpqXfBfPwo8h2fZq85ZTCifOQ
-AnEl4i7daBjKIFCboLLfibty0TCMy7hiRcOxAqjb19GTdcdVVIrpLtVzz2C2cyV3
-3i6bGTMr0DHeiOeBabpUVvvkJZSlanYdGlWV7+HLo7ZMyjAHQmw=
-=LkyQ
-----END PGP SIGNATURE-----
--- a/budgie-extras-1.7.1.tar.xz
+++ b/budgie-extras-1.7.1.tar.xz
@ -0,0 +1,3 @@
+version https://git-lfs.github.com/spec/v1
+oid sha256:1d3a326b3e8066206fe57322f4c6d4d71f5a8c7c798b76399a6a8d2690139c78
+size 10048040
--- a/budgie-extras-1.7.1.tar.xz.asc
+++ b/budgie-extras-1.7.1.tar.xz.asc
@ -0,0 +1,16 @@
+-----BEGIN PGP SIGNATURE-----
+
+iQIzBAABCgAdFiEEHh+wAXyZiorixJimwuqoomrcWe4FAmVs0XEACgkQwuqoomrc
+We69oQ/+KbfyIKA9clB5eysVyT4FrYNzPsyIHIOmsCqP38qEmdOr8SAI4fnldzZ1
+Gzmr2oo+eaWE0swCO/Va4yAeJ5hpGmv82pBmfS8v1nyyU3KtKzo80A3eise5w8QC
+DV5mehuzgL3Sv8EOzzTO9s6XZZjqcZsjxMltWiW0aMELdiY1AZ+pmEe9+sRaWDy4
+cGBeTOrw5N3+li7WdEYWDI9pD9MFXK8LFRqOGk9ZdILse2h+rwe+oTrUEqz+BGie
+Otq9FHaoIomMHN/hqH5pmr7m80XZ9Chyg/QUywSwcilg4y7fCCjC8/RyCmKBiwaK
+8Hy+HdVVNyIU/DAQ1fMxx3KgQM28yTZm6DP5rFZ2y6t/o2OqTrNuCRZr+a2OP2+/
+PiSdoInOKDX/Ew59wFClZQ+VosIpX/mT8tTupL2laxLdOVhy5eFC2tX0gKB5B07Y
+IGFePW5SCsLnlmlBqHiY8vbDHniIkMiMG0HIDv8r/XHQ9XKe6R4c6gPVrKi9Z5uD
+1m7DoxX49LLhRXiDg3n+NTolO1BgNXwA7L9jv8ue7XgcEbuNNmXdzL/ayO6NocQ4
+XQvYzO7HkeBtnJJ3i9TKANIBbTDKL+Bl3KY3awEW91L1IZOByuYkGdTpj9OuuhOv
+bvW5d7Ib1fInndX5NUdDEXuHYBDrYVMzUQog9N9tSCwOv1fV6qM=
+=NQ4X
+-----END PGP SIGNATURE-----
--- a/budgie-extras.changes
+++ b/budgie-extras.changes
@ -1,3 +1,21 @@
+-------------------------------------------------------------------
+Thu Dec 14 12:58:56 UTC 2023 - Callum Farmer <gmbr3@opensuse.org>
+
+- Budgie Extras 1.7.1 "Tinker Tailor..."
+  * CVE-2023-49347: budgie-wpreviews: use of fixed paths in /tmp
+    (bsc#1213341)
+  * CVE-2023-49344: windowshufflerdaemon: uses various fixed /tmp
+    file paths (bsc#1213342)
+  * CVE-2023-49345: budgie-takeabreak: fixed /tmp path use in
+    /tmp/nextbreak_<user> (bsc#1216281)
+  * CVE-2023-49346: budgie-weathershow: use of fixed path in
+    /tmp/<username>_weatherdata (bsc#1216282)
+  * CVE-2023-49342: budgie-clockworks: uses fixed temporary files
+    in /tmp/<user>_clockworks (bsc#1217595)
+  * CVE-2023-49343: budgie-dropby: use of fixed paths in
+    /tmp/<user>_call_dropby and /tmp/<user>_dropby_icon_copy
+    (bsc#1217597)
+
 -------------------------------------------------------------------
 Fri Nov 24 13:24:39 UTC 2023 - Callum Farmer <gmbr3@opensuse.org>

--- a/budgie-extras.spec
+++ b/budgie-extras.spec
@ -24,7 +24,7 @@
 %define _distconfdir %{_sysconfdir}
 %endif
 Name:           budgie-extras
-Version:        1.7.0
+Version:        1.7.1
 Release:        0
 Summary:        Additional Budgie Desktop enhancements for user experience
 License:        GPL-3.0-or-later