[MIR] xsettings-kde
Bug #930384 reported by
Philip Muškovac
This bug affects 1 person
| Affects | Status | Importance | Assigned to | Milestone | |
|---|---|---|---|---|---|
| xsettings-kde (Ubuntu) |
Fix Released
|
Undecided
|
Unassigned | ||
Bug Description
xsettings-kde will be used to set the default GTK3 theme in Kubuntu Precise so it needs to be in main.
There are no open bugs about the package in ubuntu and debian.
Q/A was done by the Kubuntu team.
It has no UI.
packaging meets the MIR requirements.
No CVEs
Revision history for this message
| Michael Terry (mterry) wrote | #1 |
| Changed in xsettings-kde (Ubuntu): | |
| status: | New → Incomplete |
Revision history for this message
| Philip Muškovac (yofel) wrote | #2 |
| Changed in xsettings-kde (Ubuntu): | |
| status: | Incomplete → New |
| Changed in xsettings-kde (Ubuntu): | |
| status: | New → Fix Committed |
Revision history for this message
| Martin Pitt (pitti) wrote | #3 |
| Changed in xsettings-kde (Ubuntu): | |
| status: | Fix Committed → Fix Released |
To post a comment you must log in.
This is mostly fine. Simple enough program, simple packaging, not fast moving. Does anyone know what the story is with Debian on this package?
It does use sprintf unsafely a few places, but always when reading from a 'trusted' location like /etc/kderc. So doesn't seem like a reasonable attack vector.
There is one low-quality red flag that I want to block on though: kubuntu_
xsettings-
Seems like the patch just needs to add a '= NULL" to the declaration of password.