[Pkg-utopia-maintainers] Bug#1132939: xdg-dbus-proxy CVE-2026-34080: Eavesdrop filter bypass allows message interception
Simon McVittie
smcv at debian.org
Mon Apr 13 10:19:06 BST 2026
On Sun, 12 Apr 2026 at 17:41:22 +0000, Moritz Mühlenhoff wrote:
>> On Tue, 07 Apr 2026 at 21:09:26 +0100, Simon McVittie wrote:
>> debdiff and source package here:
>> https://people.debian.org/~smcv/temp/2026/CVE-2026-34080/
>>
>> functionally-equivalent test-build with a slightly lower version number:
>> https://people.debian.org/~smcv/temp/2026/CVE-2026-34080/testbuild/
>
>Let's also fix this via a DSA. debdiff looks good, please build with -sa
>and upload to security-master.
Uploaded. I'll try to get to the bookworm backport at some point,
probably as a batch with backporting the recent security fix for flatpak
(it makes sense to test them together, even if they aren't necessarily
released together).
smcv
More information about the Pkg-utopia-maintainers
mailing list