[ubuntu/bionic-security] nfs-utils 1:1.3.4-2.1ubuntu5.3 (Accepted)
Marc Deslauriers
marc.deslauriers at canonical.com
Mon Jun 22 13:28:33 UTC 2020
nfs-utils (1:1.3.4-2.1ubuntu5.3) bionic-security; urgency=medium
* SECURITY UPDATE: privilege escalation via directory permissions
- debian/patches/CVE-2019-3689.patch: take user-id from
/var/lib/nfs/sm in support/nsm/file.c, utils/statd/sm-notify.man,
utils/statd/statd.man.
- debian/nfs-common.postinst: don't make /var/lib/nfs owned by statd.
- CVE-2019-3689
Date: 2020-06-09 12:53:26.512931+00:00
Changed-By: Marc Deslauriers <marc.deslauriers at canonical.com>
https://launchpad.net/ubuntu/+source/nfs-utils/1:1.3.4-2.1ubuntu5.3
-------------- next part --------------
Sorry, changesfile not available.
More information about the Bionic-changes
mailing list