[ubuntu/jammy-security] ubuntu-advantage-desktop-daemon 1.10.ubuntu0.22.04.2 (Accepted)

Steve Beattie sbeattie at ubuntu.com
Thu Oct 10 23:40:24 UTC 2024


ubuntu-advantage-desktop-daemon (1.10.ubuntu0.22.04.2) jammy-security; urgency=medium

  * SECURITY UPDATE: Pro client is called with attach parameter in plain text,
    allowing for potentially leak of private information. (LP: #2068944)
    - debian/patches/CVE-2024-6388.patch: Use a temporary file with 400
      permissions instead.
      https://github.com/canonical/ubuntu-advantage-desktop-daemon/pull/24/
    - CVE-2024-6388

Date: 2024-10-08 22:19:10.538098+00:00
Changed-By: Chris Kim <chris.kim at canonical.com>
Signed-By: Steve Beattie <sbeattie at ubuntu.com>
https://launchpad.net/ubuntu/+source/ubuntu-advantage-desktop-daemon/1.10.ubuntu0.22.04.2
-------------- next part --------------
Sorry, changesfile not available.


More information about the jammy-changes mailing list