Comment 6 for bug 1036211

Bryce Harrington (bryce) wrote :

Note that the original patch is against welcome.py, which isn't used by anything. The code is a partial rewrite of Failsafe-X into Python, but it's still not quite done, so I haven't switched over to it. And like I mentioned, that particular functionality is obsoleted by apport now so should just go.

I've posted three commits to xdiagnose trunk:

http://bazaar.launchpad.net/~bryce/xdiagnose/trunk/revision/307
 - This one just gets rid of the code from welcome.py. This is probably adequate to eliminate the security issue. Since, like I said, this is not user-facing at all, it causes no functional loss and thus should be no risk to backport to precise.

http://bazaar.launchpad.net/~bryce/xdiagnose/trunk/revision/306
 - This drops the same functionality from the actual failsafe-X code that is user-facing. This particular chunk of code doesn't have the security flaw (it calls mktemp properly). So there's not really a need to backport this. But you're welcome to if you'd like. I've tested that failsafe-x still works properly with this removed.

http://bazaar.launchpad.net/~bryce/xdiagnose/trunk/revision/308
 - Changelog updates for above two changes.

jdstrand, go ahead and pick what you want from the above for past releases.
I'll roll the above out to quantal either today or tomorrow.