Zum Inhalt springen.
Sympa Menü

it-securitynotifies - [IT-SecNots] [SECURITY] [DSA 5080-1] snapd security update

it-securitynotifies AT lists.piratenpartei.de

Betreff: Sicherheitsankündigungen

Listenarchiv

[IT-SecNots] [SECURITY] [DSA 5080-1] snapd security update


Chronologisch Thread 
    < Chronologisch >      < Thread >
  • From: Moritz Muehlenhoff <jmm AT debian.org>
  • To: debian-security-announce AT lists.debian.org
  • Subject: [IT-SecNots] [SECURITY] [DSA 5080-1] snapd security update
  • Date: Fri, 18 Feb 2022 19:03:16 +0000
  • List-archive: https://lists.debian.org/msgid-search/20220218190316.GA19601 AT seger.debian.org
  • List-id: <debian-security-announce.lists.debian.org>
  • List-url: <http://lists.debian.org/debian-security-announce/>
  • Old-dkim-signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=debian.org; s=smtpauto.seger; h=Content-Type:MIME-Version:Message-ID:Subject:To:From: Date:Reply-To:Cc:Content-Transfer-Encoding:Content-ID:Content-Description: In-Reply-To:References; bh=HkyDxTvFSvGOzJ6cojkGBaN2jYLEWZWEdVXQ0LCGOww=; b=qm BqlvQj5dEMseqHsJU5rcgBp2WY8Y4pprnndvOYT7yZTsjXP+XYSit/E9+HCAX35riUvcCqaIvh6Bi IsL+rysFRUzBFP7AA7rneAMRYCp4vriY0PG3ZECM4HroGDIFmr1kqgx0mous4O6ksyRfq70XL48w1 HuARs53wygYV3c/1rkDfXFkus0iFdAOmcqjrIrFEuoGCyKIBTye0beh3l340rXCPgPblZE3XtiGm1 SFnwVRfdNLNjoKY/y2XxFJuslP7Og8wdExIotLlkBNy+GHX6I+bQcwYpJ3mioc8kuvSudIjig/dyx I11seWDzVPs0dEc+6gwrHqwJwWJOa9Ng==;
  • Old-return-path: <jmm AT seger.debian.org>
  • Priority: urgent
  • Resent-date: Fri, 18 Feb 2022 19:03:37 +0000 (UTC)
  • Resent-from: debian-security-announce AT lists.debian.org
  • Resent-message-id: <aEtMlNh9BuK.A.iaC.J2-DiB@bendel>
  • Resent-sender: debian-security-announce-request AT lists.debian.org
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

- -------------------------------------------------------------------------
Debian Security Advisory DSA-5080-1 security AT debian.org
https://www.debian.org/security/ Moritz Muehlenhoff
February 18, 2022 https://www.debian.org/security/faq
- -------------------------------------------------------------------------

Package : snapd
CVE ID : CVE-2021-44730 CVE-2021-44731

Multiple vulnerabilties were discovered in snapd, a daemon and tooling
that enable Snap packages, which could result in bypass of access
restrictions or privilege escalation.

For the oldstable distribution (buster), these problems have been fixed
in version 2.37.4-1+deb10u1.

For the stable distribution (bullseye), these problems have been fixed in
version 2.49-1+deb11u1.

We recommend that you upgrade your snapd packages.

For the detailed security status of snapd please refer to
its security tracker page at:
https://security-tracker.debian.org/tracker/snapd

Further information about Debian Security Advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://www.debian.org/security/

Mailing list: debian-security-announce AT lists.debian.org
-----BEGIN PGP SIGNATURE-----

iQIzBAEBCgAdFiEEtuYvPRKsOElcDakFEMKTtsN8TjYFAmIP7GAACgkQEMKTtsN8
TjaK+hAAsEhseoBOiAZ99GGFoQd1GCxYl/zZsjObvfLeJXGsJ+llZpOjeCUL5E5W
GNhFbtUpNhiSSDRBrTdx3uU5G2nMYpENLoq7RkndYDkpYfNYrKLRkpT4qSP37p/5
LpSp+Zy7hFsYVWJwjoGvus6lCEBmV5nfYzCRu+3L6NUZTw4OKKxNwOByaciQgG5R
bGk5WNNvDYKPmkhaEPmZr/ikWOHg4zvOHWh0tdbpVSCgJPDyc5AreTFMOOoNRJ5W
oJzYPknLZjbx1BTDEKiFDAWk4n30xkhSLvsLrlQ37qpOj/S4FqJXcKXAFq28oRH1
sWaFEVWXYh4a6WBZw2NOL2xZHYbu3dPQp277RH5YrBXdRYEhEkaRU4s7Aw7XtZnl
zvamHGmgXstYj2lxYRTjEpD10xlnSWDq48tGGpuxfOE2KTMoYsOtN4CFRMXfnvCx
62m4QmLFy2PgHmlf6r+0yE0KG5SPaboPUVmozgpA9OF+AQwU3zxZ/IFTOeiBTWiT
8yaP1vMQegkoPCT+L3oSKbFMy0CUweYZQtndAll5HC2ddmWPuxVSYOZ4CknzgrJ0
WKPs2hMYqNczXTOsqQgU3EY6AIj3hHRkI2ViPvjj9YM2NGwKBpgSJTO278+kz+qC
V8uPsoWZYn29pkUVJGFvXqneU/SkIP2SM8zDtcPwcc/7FL40uBk=
=971o
-----END PGP SIGNATURE-----


  • [IT-SecNots] [SECURITY] [DSA 5080-1] snapd security update, Moritz Muehlenhoff, 18.02.2022

Archiv bereitgestellt durch MHonArc 2.6.24.

Seitenanfang