[ubuntu/jammy-proposed] snapd 2.54.3+22.04.1 (Accepted)
Marc Deslauriers
marc.deslauriers at canonical.com
Thu Feb 17 17:48:29 UTC 2022
snapd (2.54.3+22.04.1) jammy; urgency=medium
* SECURITY UPDATE: Sensitive information exposure
- usersession/autostart: change ~/snap perms to 0700 on startup.
- cmd: create ~/snap dir with 0700 perms.
- CVE-2021-3155
- LP: #1910298
* SECURITY UPDATE: Local privilege escalation
- snap-confine: Add validations of the location of the snap-confine
binary within snapd.
- snap-confine: Fix race condition in snap-confine when preparing a
private mount namespace for a snap.
- CVE-2021-44730
- CVE-2021-44731
* SECURITY UPDATE: Data injection from malicious snaps
- interfaces: Add validations of snap content interface and layout
paths in snapd.
- CVE-2021-4120
- LP: #1949368
Date: 2022-02-17 01:07:11.347060+00:00
Changed-By: Michael Vogt <michael.vogt at canonical.com>
Signed-By: Marc Deslauriers <marc.deslauriers at canonical.com>
https://launchpad.net/ubuntu/+source/snapd/2.54.3+22.04.1
-------------- next part --------------
Sorry, changesfile not available.
More information about the jammy-changes
mailing list