[ubuntu/jammy-proposed] snapd 2.54.3+22.04.1 (Accepted)

Marc Deslauriers marc.deslauriers at canonical.com
Thu Feb 17 17:48:29 UTC 2022

snapd (2.54.3+22.04.1) jammy; urgency=medium

  * SECURITY UPDATE: Sensitive information exposure
    - usersession/autostart: change ~/snap perms to 0700 on startup.
    - cmd: create ~/snap dir with 0700 perms.
    - CVE-2021-3155
    - LP: #1910298
  * SECURITY UPDATE: Local privilege escalation
    - snap-confine: Add validations of the location of the snap-confine
      binary within snapd.
    - snap-confine: Fix race condition in snap-confine when preparing a
      private mount namespace for a snap.
    - CVE-2021-44730
    - CVE-2021-44731
  * SECURITY UPDATE: Data injection from malicious snaps
    - interfaces: Add validations of snap content interface and layout
      paths in snapd.
    - CVE-2021-4120
    - LP: #1949368

Date: 2022-02-17 01:07:11.347060+00:00
Changed-By: Michael Vogt <michael.vogt at canonical.com>
Signed-By: Marc Deslauriers <marc.deslauriers at canonical.com>
-------------- next part --------------
Sorry, changesfile not available.

More information about the jammy-changes mailing list