Update to 3.32.1

Bug #1828735 reported by Sebastien Bacher on 2019-05-12
8
This bug affects 1 person
Affects Status Importance Assigned to Milestone
nautilus (Ubuntu)
High
Unassigned
Disco
High
Unassigned

Bug Description

* Impact

That's a stable GNOME update, summary of the most important changes
https://ftp.acc.umu.se/pub/GNOME/sources/nautilus/3.32/nautilus-3.32.1.news

* Test case

The update is covered by the standard GNOME MRE, nothing specific to test but we should ensure nautilus still work without regression

* Regression potential

There are changes are the thumbnailing code, make sure previews keep working.

CVE References

Changed in nautilus (Ubuntu):
importance: Undecided → High
status: New → Fix Committed
Launchpad Janitor (janitor) wrote :

This bug was fixed in the package nautilus - 1:3.32.1-0ubuntu1

---------------
nautilus (1:3.32.1-0ubuntu1) eoan; urgency=medium

  * New upstream release (lp: #1828735):
    - don't assert in nautilus_window_slot_get_location (lp: #1821435)
    - Fix CVE-2019-11461 "A compromised thumbnailer may escape
      the bubblewrap sandbox"
  * debian/patches/git_init_segfault.patch:
    - Removed, the fix is in the new version

 -- Sebastien Bacher <email address hidden> Sun, 12 May 2019 17:11:16 +0200

Changed in nautilus (Ubuntu):
status: Fix Committed → Fix Released

Hello Sebastien, or anyone else affected,

Accepted nautilus into disco-proposed. The package will build now and be available at https://launchpad.net/ubuntu/+source/nautilus/1:3.32.1-0ubuntu0.19.04.0 in a few hours, and then in the -proposed repository.

Please help us by testing this new package. See https://wiki.ubuntu.com/Testing/EnableProposed for documentation on how to enable and use -proposed. Your feedback will aid us getting this update out to other Ubuntu users.

If this package fixes the bug for you, please add a comment to this bug, mentioning the version of the package you tested and change the tag from verification-needed-disco to verification-done-disco. If it does not fix the bug for you, please add a comment stating that, and change the tag to verification-failed-disco. In either case, without details of your testing we will not be able to proceed.

Further information regarding the verification process can be found at https://wiki.ubuntu.com/QATeam/PerformingSRUVerification . Thank you in advance for helping!

N.B. The updated package will be released to -updates after the bug(s) fixed by this package have been verified and the package has been in -proposed for a minimum of 7 days.

Changed in nautilus (Ubuntu Disco):
status: New → Fix Committed
tags: added: verification-needed verification-needed-disco
Changed in nautilus (Ubuntu Disco):
importance: Undecided → High
tags: added: upgrade-software-version
Sebastien Bacher (seb128) wrote :

Using 1:3.32.1-0ubuntu0.19.04.0 on disco works without issue

tags: added: verification-done verification-done-disco
removed: verification-needed verification-needed-disco

The verification of the Stable Release Update for nautilus has completed successfully and the package has now been released to -updates. Subsequently, the Ubuntu Stable Release Updates Team is being unsubscribed and will not receive messages about this bug report. In the event that you encounter a regression using the package from -updates please report a new bug using ubuntu-bug and tag the bug report regression-update so we can easily find any regressions.

Launchpad Janitor (janitor) wrote :

This bug was fixed in the package nautilus - 1:3.32.1-0ubuntu0.19.04.0

---------------
nautilus (1:3.32.1-0ubuntu0.19.04.0) disco; urgency=medium

  * New upstream release (lp: #1828735):
    - don't assert in nautilus_window_slot_get_location (lp: #1821435)
    - Fix CVE-2019-11461 "A compromised thumbnailer may escape
      the bubblewrap sandbox"
  * debian/patches/git_init_segfault.patch:
    - Removed, the fix is in the new version

 -- Sebastien Bacher <email address hidden> Sun, 12 May 2019 17:11:16 +0200

Changed in nautilus (Ubuntu Disco):
status: Fix Committed → Fix Released
To post a comment you must log in.
This report contains Public information  Edit
Everyone can see this information.

Other bug subscribers