A potential security flaw is found on LXDE products, which create socket under /tmp with some predictable names, which may leads to DOS. The security flow on lxterminal is now assigned as CVE-2016-10369. Some other components also had similar issues.
These new rpms should fix these issues.
At least relogin is required to make this fix effect.
Updates may require up to 24 hours to propagate to mirrors. If the following command doesn't work, please retry later:
sudo dnf upgrade --refresh --advisory=FEDORA-2017-3f2d5790d2Please log in to add feedback.
This update has been submitted for testing by mtasaka.
This update has been pushed to testing.
mtasaka edited this update.
mtasaka edited this update.
This update has reached 7 days in testing and can be pushed to stable now if the maintainer wishes
This update has been submitted for stable by mtasaka.
This update has been pushed to stable.