[ubuntu/groovy-updates] libzstd 1.4.5+dfsg-4ubuntu0.1 (Accepted)

[Ubuntu Archive Robot]

libzstd (1.4.5+dfsg-4ubuntu0.1) groovy-security; urgency=medium

  * SECURITY UPDATE: race condition allows attacker to access
    world-readable destination file
    - debian/patches/0018-fix-file-permissions-on-compression.patch: set
      umask in programs/fileio.c, programs/util.c, programs/util.h.
    - CVE-2021-24031
    - CVE-2021-24032

Date: 2021-03-03 16:31:09.390159+00:00
Changed-By: Marc Deslauriers <marc.deslauriers at canonical.com>
Signed-By: Ubuntu Archive Robot <ubuntu-archive-robot at lists.canonical.com>
https://launchpad.net/ubuntu/+source/libzstd/1.4.5+dfsg-4ubuntu0.1
-------------- next part --------------
Sorry, changesfile not available.