[ubuntu/focal-updates] snapd 2.63+20.04ubuntu0.1 (Accepted)
Ubuntu Archive Robot
ubuntu-archive-robot at lists.canonical.com
Thu Aug 1 06:58:19 UTC 2024
snapd (2.63+20.04ubuntu0.1) focal-security; urgency=medium
* SECURITY UPDATE: sandbox escape via $HOME/bin
- interfaces/builtin/home: explicitly deny writing to @{HOME}/bin
- CVE-2024-1724
* SECURITY UPDATE: denial-of-service via crafted files in squashfs image
- snap, snapdir, squashfs: improve validation of target file
mode/types
- CVE-2024-29068
* SECURITY UPDATE: information disclosure via crafted symlinks in
squashfs image
- snap, snapdir, squashfs: improve external symlink validation
- CVE-2024-29069
* Fix FTBFS due to missing systemd from Build-Depends
- debian/control: add systemd to Build-Depends to ensure pkg-config
can find the systemdutildir to install into
Date: 2024-07-29 15:03:10.821260+00:00
Changed-By: Alex Murray <alex.murray at canonical.com>
Signed-By: Ubuntu Archive Robot <ubuntu-archive-robot at lists.canonical.com>
https://launchpad.net/ubuntu/+source/snapd/2.63+20.04ubuntu0.1
-------------- next part --------------
Sorry, changesfile not available.
More information about the Focal-changes
mailing list