[ubuntu/lunar-security] snapd 2.59.1+23.04ubuntu1.1 (Accepted)

Alex Murray alex.murray at canonical.com
Wed May 31 01:54:33 UTC 2023

snapd (2.59.1+23.04ubuntu1.1) lunar-security; urgency=medium

  * SECURITY UPDATE: possible sandbox escape via TIOCLINUX ioctl
    - interfaces/seccomp/template.go: block ioctl with TIOCLINUX. Patch
      from upstream. Graphical terminal emulators like xterm, gnome-terminal
      and others are not affected - this can only be exploited when snaps
      are run on a virtual console.
    - https://github.com/snapcore/snapd/pull/12849
    - CVE-2023-1523

Date: 2023-05-29 12:08:08.437339+00:00
Changed-By: Alex Murray <alex.murray at canonical.com>
-------------- next part --------------
Sorry, changesfile not available.

More information about the lunar-changes mailing list