A security issue fixed upstream in pcmanfm has been announced:
Mageia 5 is probably also affected.
The updated package fixes a security vulnerability:
PCManFM 1.2.5 insecurely uses /tmp for a socket file, allowing a local user to cause a denial of service (application unavailability). (CVE-2017-8934)
Updated packages in core/updates_testing:
$ uname -a
Linux localhost 4.4.68-desktop-1.mga5 #1 SMP Sun May 14 18:41:19 UTC 2017 i686 i686 i686 GNU/Linux
running LXDE in vbox
The following package is going to be installed:
110B of additional disk space will be used.
269KB of packages will be retrieved.
Is it ok to continue?
I opened it from the terminal and opened some files - it is working properly.
opened via menu - tools - system tools - working as designed.
Testing M5_64, LXDE
Updated pcmanfm to: pcmanfm-1.2.3-2.3.mga5
Tried various things from the menus as well as normal filesystem browsing. It seems to work as normal. OKing & validating; advisory already there.
advisory mga5-32-ok =>
advisory mga5-32-ok MGA5-64-OKCC:
An update for this issue has been pushed to the Mageia Updates repository.