Ubuntu 12.04 LTS : xdiagnose update (USN-1591-1)
Low Nessus Plugin ID 62409
SynopsisThe remote Ubuntu host is missing a security-related patch.
DescriptionAlec Warner discovered that xdiagnose improperly handled temporary files in welcome.py when creating user-initiated archive files. While failsafeX does not use the vulnerable code, this update removes this functionality to protect any 3rd party applications which import the vulnerable code. In the default Ubuntu installation, this should be prevented by the Yama link restrictions.
Note that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
SolutionUpdate the affected xdiagnose package.