[MIR] xsettings-kde
Bug #930384 reported by
Philip Muškovac
This bug affects 1 person
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
xsettings-kde (Ubuntu) |
Fix Released
|
Undecided
|
Unassigned |
Bug Description
xsettings-kde will be used to set the default GTK3 theme in Kubuntu Precise so it needs to be in main.
There are no open bugs about the package in ubuntu and debian.
Q/A was done by the Kubuntu team.
It has no UI.
packaging meets the MIR requirements.
No CVEs
Changed in xsettings-kde (Ubuntu): | |
status: | New → Fix Committed |
To post a comment you must log in.
This is mostly fine. Simple enough program, simple packaging, not fast moving. Does anyone know what the story is with Debian on this package?
It does use sprintf unsafely a few places, but always when reading from a 'trusted' location like /etc/kderc. So doesn't seem like a reasonable attack vector.
There is one low-quality red flag that I want to block on though: kubuntu_ gtktheme. patch introduces a compile warning that seems a genuine problem:
xsettings- kde.c:443: 11: warning: ‘password’ may be used uninitialized in this function [-Wuninitialized]
Seems like the patch just needs to add a '= NULL" to the declaration of password.