[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: Any implications for default Trixie intall? - was [Re: Security: Be careful with StarDict!]

On Tue, Aug 05, 2025 at 08:22:12 -0500, Richard Owlett wrote:
> > > I'll use netinst, accepting all defaults.
> > 
> > I thought you used mate?
> 
> I do. But I essentially think of MATE as Gnome done right.
> My two questions still apply.
> 
> To be explicit, "Does MATE have any of the vulnerabilities mentioned in this
> thread?

If you're concerned about it, you should check whether the stardict
package is installed, and if so, either remove it, or find out how to
disable its default behavior.  That's the best way to be sure it
won't affect you.

As a MATE user, you are in the best position to answer your own question.

If you want my best guesses, read on.

Do you select MATE from the menu during the install, or do you uncheck
every desktop environment package, and then install some metapackage such
as "mate-desktop" or "task-mate-desktop" or "mate-desktop-environment"
from the command line afterward?  If so, which package is it?

The installer is still a bit mysterious to me, but I believe "tasksel"
comes close to its effect.  The file
/usr/share/tasksel/descs/debian-tasks.desc contains this stanza:

Task: mate-desktop
Parent: desktop
Relevance: 8
Key: 
  task-mate-desktop
Section: user
Test-default-desktop: 3 mate

It's really unclear to me whether this means it will install the package
named "mate-desktop" or the package named "task-mate-desktop".

In Bookworm, the dependencies of those two packages look like:

hobbit:~$ apt-cache show task-mate-desktop | grep Depends
Depends: tasksel (= 3.73), task-desktop, mate-desktop-environment, lightdm

hobbit:~$ apt-cache show mate-desktop | grep Depends
Depends: hicolor-icon-theme, libmate-desktop-2-17 (>= 1.10.0), mate-desktop-common (= 1.26.0-2), libc6 (>= 2.34), libglib2.0-0 (>= 2.50.0), libgtk-3-0 (>= 3.22.0)

The task- package brings in a LOT more stuff:

hobbit:~$ apt-get -s install mate-desktop 2>&1 | wc
     45     245    2610
hobbit:~$ apt-get -s install task-mate-desktop 2>&1 | wc
   1048    5296   70388

I don't understand why they're so different.  But in any case:

hobbit:~$ apt-get -s install task-mate-desktop 2>&1 | grep stardict
hobbit:~$ apt-get -s install mate-desktop 2>&1 | grep stardict
hobbit:~$ 

Neither one of them appears to bring in stardict, at least on a Bookworm
system that has no desktop environments.

I don't know whether Trixie will be different.
Reply to: