[ubuntu/eoan-updates] nfs-utils 1:1.3.4-2.5ubuntu2.1 (Accepted)
Ubuntu Archive Robot
cjwatson+ubuntu-archive-robot at chiark.greenend.org.uk
Mon Jun 22 13:58:15 UTC 2020
nfs-utils (1:1.3.4-2.5ubuntu2.1) eoan-security; urgency=medium
* SECURITY UPDATE: privilege escalation via directory permissions
- debian/patches/CVE-2019-3689.patch: take user-id from
/var/lib/nfs/sm in support/nsm/file.c, utils/statd/sm-notify.man,
utils/statd/statd.man.
- debian/nfs-common.postinst: don't make /var/lib/nfs owned by statd.
- CVE-2019-3689
Date: 2020-06-09 12:45:19.639301+00:00
Changed-By: Marc Deslauriers <marc.deslauriers at canonical.com>
Signed-By: Ubuntu Archive Robot <cjwatson+ubuntu-archive-robot at chiark.greenend.org.uk>
https://launchpad.net/ubuntu/+source/nfs-utils/1:1.3.4-2.5ubuntu2.1
-------------- next part --------------
Sorry, changesfile not available.
More information about the Eoan-changes
mailing list