A potential security flaw is found on LXDE products, which create socket under /tmp with some predictable names, which may leads to DOS. The security flow on lxterminal is now assigned as CVE-2016-10369. Some other components also had similar issues.
These new rpms should fix these issues.
At least relogin is required to make this fix effect.
Updates may require up to 24 hours to propagate to mirrors. If the following command doesn't work, please retry later:
sudo dnf upgrade --refresh --advisory=FEDORA-2017-6950ea5d05Please login to add feedback.
This update has been submitted for testing by mtasaka.
works for me
This update has been pushed to testing.
no regressions noted
This update has been submitted for stable by bodhi.
mtasaka edited this update.
This update has been pushed to stable.