[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

[SECURITY] [DSA 5080-1] snapd security update



-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

- -------------------------------------------------------------------------
Debian Security Advisory DSA-5080-1                   security@debian.org
https://www.debian.org/security/                       Moritz Muehlenhoff
February 18, 2022                     https://www.debian.org/security/faq
- -------------------------------------------------------------------------

Package        : snapd
CVE ID         : CVE-2021-44730 CVE-2021-44731

Multiple vulnerabilties were discovered in snapd, a daemon and tooling
that enable Snap packages, which could result in bypass of access
restrictions or privilege escalation.

For the oldstable distribution (buster), these problems have been fixed
in version 2.37.4-1+deb10u1.

For the stable distribution (bullseye), these problems have been fixed in
version 2.49-1+deb11u1.

We recommend that you upgrade your snapd packages.

For the detailed security status of snapd please refer to
its security tracker page at:
https://security-tracker.debian.org/tracker/snapd

Further information about Debian Security Advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://www.debian.org/security/

Mailing list: debian-security-announce@lists.debian.org
-----BEGIN PGP SIGNATURE-----

iQIzBAEBCgAdFiEEtuYvPRKsOElcDakFEMKTtsN8TjYFAmIP7GAACgkQEMKTtsN8
TjaK+hAAsEhseoBOiAZ99GGFoQd1GCxYl/zZsjObvfLeJXGsJ+llZpOjeCUL5E5W
GNhFbtUpNhiSSDRBrTdx3uU5G2nMYpENLoq7RkndYDkpYfNYrKLRkpT4qSP37p/5
LpSp+Zy7hFsYVWJwjoGvus6lCEBmV5nfYzCRu+3L6NUZTw4OKKxNwOByaciQgG5R
bGk5WNNvDYKPmkhaEPmZr/ikWOHg4zvOHWh0tdbpVSCgJPDyc5AreTFMOOoNRJ5W
oJzYPknLZjbx1BTDEKiFDAWk4n30xkhSLvsLrlQ37qpOj/S4FqJXcKXAFq28oRH1
sWaFEVWXYh4a6WBZw2NOL2xZHYbu3dPQp277RH5YrBXdRYEhEkaRU4s7Aw7XtZnl
zvamHGmgXstYj2lxYRTjEpD10xlnSWDq48tGGpuxfOE2KTMoYsOtN4CFRMXfnvCx
62m4QmLFy2PgHmlf6r+0yE0KG5SPaboPUVmozgpA9OF+AQwU3zxZ/IFTOeiBTWiT
8yaP1vMQegkoPCT+L3oSKbFMy0CUweYZQtndAll5HC2ddmWPuxVSYOZ4CknzgrJ0
WKPs2hMYqNczXTOsqQgU3EY6AIj3hHRkI2ViPvjj9YM2NGwKBpgSJTO278+kz+qC
V8uPsoWZYn29pkUVJGFvXqneU/SkIP2SM8zDtcPwcc/7FL40uBk=
=971o
-----END PGP SIGNATURE-----


Reply to: