You are not logged in.

Pages: 1

#1 2021-08-13 19:49:25

tempp
Member
Registered: 2021-08-13
Posts: 1

CVE-2020-11867 - Audacity

https://security.archlinux.org/CVE-2020-11867
Status : Vulnerable

Real Status : Fixed
https://github.com/audacity/audacity/co … 4bc1d91b6a
https://github.com/audacity/audacity/pull/700

Offline

#2 2021-08-13 20:01:41

Slithery
Administrator
From: Norfolk, UK
Registered: 2013-12-01
Posts: 5,776

Re: CVE-2020-11867 - Audacity

Did you have a question?

It may be fixed upstream, but Arch is still on a previous version due to all of the current Audacity packaging issues.

No, it didn't "fix" anything. It just shifted the brokeness one space to the right. - jasonwryan
Closing -- for deletion; Banning -- for muppetry. - jasonwryan

aur - dotfiles

Offline

#3 2021-08-14 07:31:59

seth
Member
Registered: 2012-09-03
Posts: 60,922

Re: CVE-2020-11867 - Audacity

Audacity saves temporary files to /var/tmp/audacity-$USER by default. After Audacity creates the temporary directory, it sets its permissions to 755. Any user on the system can read and play the temporary audio .au files located there.

https://github.com/audacity/audacity/issues/1213

lol

How to upload text · How to boot w/o GUI · Disable Windows Fast-Start! · Fix your xinitrc

Offline

#4 2021-08-31 19:59:52

ttyylvt
Member
Registered: 2021-08-31
Posts: 1

Re: CVE-2020-11867 - Audacity

Slithery wrote:

Did you have a question?

It may be fixed upstream, but Arch is still on a previous version due to all of the current Audacity packaging issues.

Should probably add https://github.com/audacity/audacity/issues/522 to the references... ?

Offline

Pages: 1

Board footer

Powered by FluxBB