[ubuntu/noble-security] ubuntu-advantage-desktop-daemon 1.11ubuntu0.1 (Accepted)
Steve Beattie
sbeattie at ubuntu.com
Thu Oct 10 23:40:23 UTC 2024
ubuntu-advantage-desktop-daemon (1.11ubuntu0.1) noble-security; urgency=medium
* SECURITY UPDATE: Pro client is called with attach parameter in plain text,
allowing for potentially leak of private information. (LP: #2068944)
- debian/patches/CVE-2024-6388.patch: Use a temporary file with 400
permissions instead.
https://github.com/canonical/ubuntu-advantage-desktop-daemon/pull/24/
- CVE-2024-6388
Date: 2024-10-04 16:29:10.324154+00:00
Changed-By: Chris Kim <chris.kim at canonical.com>
Signed-By: Steve Beattie <sbeattie at ubuntu.com>
https://launchpad.net/ubuntu/+source/ubuntu-advantage-desktop-daemon/1.11ubuntu0.1
-------------- next part --------------
Sorry, changesfile not available.
More information about the noble-changes
mailing list