[ubuntu/bionic-updates] nfs-utils 1:1.3.4-2.1ubuntu5.3 (Accepted)

Ubuntu Archive Robot cjwatson+ubuntu-archive-robot at chiark.greenend.org.uk
Mon Jun 22 13:58:15 UTC 2020


nfs-utils (1:1.3.4-2.1ubuntu5.3) bionic-security; urgency=medium

  * SECURITY UPDATE: privilege escalation via directory permissions
    - debian/patches/CVE-2019-3689.patch: take user-id from
      /var/lib/nfs/sm in support/nsm/file.c, utils/statd/sm-notify.man,
      utils/statd/statd.man.
    - debian/nfs-common.postinst: don't make /var/lib/nfs owned by statd.
    - CVE-2019-3689

Date: 2020-06-09 12:53:26.512931+00:00
Changed-By: Marc Deslauriers <marc.deslauriers at canonical.com>
Signed-By: Ubuntu Archive Robot <cjwatson+ubuntu-archive-robot at chiark.greenend.org.uk>
https://launchpad.net/ubuntu/+source/nfs-utils/1:1.3.4-2.1ubuntu5.3
-------------- next part --------------
Sorry, changesfile not available.


More information about the Bionic-changes mailing list