[ubuntu/focal-security] nfs-utils 1:1.3.4-2.5ubuntu3.3 (Accepted)
Marc Deslauriers
marc.deslauriers at canonical.com
Mon Jun 22 13:28:31 UTC 2020
nfs-utils (1:1.3.4-2.5ubuntu3.3) focal-security; urgency=medium
* SECURITY UPDATE: privilege escalation via directory permissions
- debian/patches/CVE-2019-3689.patch: take user-id from
/var/lib/nfs/sm in support/nsm/file.c, utils/statd/sm-notify.man,
utils/statd/statd.man.
- debian/nfs-common.postinst: don't make /var/lib/nfs owned by statd.
- CVE-2019-3689
Date: 2020-06-22 12:25:13.851411+00:00
Changed-By: Marc Deslauriers <marc.deslauriers at canonical.com>
https://launchpad.net/ubuntu/+source/nfs-utils/1:1.3.4-2.5ubuntu3.3
-------------- next part --------------
Sorry, changesfile not available.
More information about the Focal-changes
mailing list