A security issue was fixed upstream in exo on June 6: https://gitlab.xfce.org/xfce/exo/-/commit/cc047717c3b5efded2cc7bd419c41a3d1f1e48b6 Mageia 8 is also affected.
Whiteboard: (none) => MGA8TOOStatus comment: (none) => Patch available from upstream
Fixed in cauldron with exo-4.17.2-1.mga9.
Source RPM: exo-4.17.1-2.mga9.src.rpm => exo-4.16.0-1.mga8.src.rpmWhiteboard: MGA8TOO => (none)Version: Cauldron => 8
Please test exo-4.16.0-1.1.mga8 from mga8 core/updates_testing. SRPMS: exo-4.16.0-1.1.mga8 RPMS: exo-4.16.0-1.1.mga8 lib(64)exo2_0-4.16.0-1.1.mga8 lib(64)exo-devel-4.16.0-1.1.mga8
Assignee: jani.valimaa => qa-bugs
MGA8-64 Xfce on Acer Aspire 5253 No installation issues. Found old bug 10657, but I don't get what it means. On my own, tried # urpmq --whatrequires exo exo lib64exo2_0 lib64exo2_0 thunar thunar xfce4-verve-plugin Then went on: $ strace -o exo.txt thunar Opened a NFS-share connection and opened an .odp file. This works OK, and trace shows usage of /usr/lib64/libexo-2.so.0 Furthermore the site https://docs.xfce.org/xfce/exo/start says (I quote) : "Exo is an Xfce library targeted at application development." And that is territory out of my league. So this test is somewhat more than a clean install, I gice the OK, unless someone else has other ideas.
CC: (none) => herman.viaeneWhiteboard: (none) => MGA8-64-OK
Debian has issued an advisory for this on June 18: https://www.debian.org/security/2022/dsa-5164
Validating.
Keywords: (none) => validated_updateCC: (none) => andrewsfarm, sysadmin-bugs
CC: (none) => davidwhodginsKeywords: (none) => advisory
An update for this issue has been pushed to the Mageia Updates repository. https://advisories.mageia.org/MGASA-2022-0238.html
Resolution: (none) => FIXEDStatus: NEW => RESOLVED