Freedesktop.Org · Xdg-User-Dirs · CVE-2017-15131
Name of the Vulnerable Software and Affected Versions:
xdg-user-dirs versions prior to 0.15.5
Description:
A issue was found where the system umask policy is not being honored when creating XDG user directories. This occurs because Xsession sources xdg-user-dirs.sh before setting the umask policy.
Recommendations:
For versions prior to 0.15.5, update to version 0.15.5 or later to resolve the issue.