projects / snapd.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(merge: 11e1061 2242417)
snapd (2.49-1) unstable; urgency=high
authorMichael Vogt <michael.vogt@ubuntu.com>
Wed, 24 Feb 2021 08:23:51 +0000 (08:23 +0000)
committerMichael Vogt <michael.vogt@ubuntu.com>
Wed, 24 Feb 2021 08:23:51 +0000 (08:23 +0000)
commit132fdd53f8e358ba16a4f91f39d68ed711872218
treec7ca40e0d2b87c0480da522a44aa0cb56042fc73tree | snapshot
parent11e10616c3e5ff8339c6ea17fc2da82a1256ff7ecommit | diff
parent2242417deb7826bfe97902b325253d1af9c27525commit | diff
snapd (2.49-1) unstable; urgency=high

  * New upstream release with security updates:
  * SECURITY UPDATE: sandbox escape vulnerability for containers
    (LP: #1910456)
    - many: add Delegate=true to generated systemd units for special
      interfaces
    - interfaces/greengrass-support: back-port interface changes to
      2.48
    - CVE-2020-27352
  * interfaces/builtin/docker-support: allow /run/containerd/s/...
    - This is a new path that docker 19.03.14 (with a new version of
      containerd) uses to avoid containerd CVE issues around the unix
      socket. See also CVE-2020-15257.
  * debian/patches/0013-cherry-pick-pr9936.patch:
    - cherry pick PR#9936 to use all apparmor available (closes: 923500)
  * d/p/0011-cherry-pick-pr9809, d/p/0012-cherry-pick-pr9844:
    - dropped, applied upstream

[dgit import unpatched snapd 2.49-1]
39 files changed:
debian/README.Source | | blob
debian/changelog | | blob
debian/compat | | blob
debian/control | | blob
debian/copyright | | blob
debian/gbp.conf | | blob
debian/golang-github-snapcore-snapd-dev.install | | blob
debian/not-installed | | blob
debian/patches/0001-cmd-snap-seccomp-use-upstream-seccomp-package.patch | | blob
debian/patches/0002-cmd-snap-seccomp-skip-tests-that-fail-on-4.19.patch | | blob
debian/patches/0003-cmd-snap-seccomp-skip-tests-that-use-m32.patch | | blob
debian/patches/0004-cmd-snap-skip-tests-depending-on-text-wrapping.patch | | blob
debian/patches/0005-advisor-errtracker-use-upstream-bolt-package.patch | | blob
debian/patches/0006-systemd-disable-snapfuse-system.patch | | blob
debian/patches/0007-i18n-use-dummy-localizations-to-avoid-dependencies.patch | | blob
debian/patches/0010-man-page-sections.patch | | blob
debian/patches/0013-cherry-pick-pr9936.patch | | blob
debian/patches/no-seccomp-fork.patch | | blob
debian/patches/no-snapfuse.patch | | blob
debian/patches/series | | blob
debian/rules | | blob
debian/snap-confine.maintscript | | blob
debian/snapd.autoimport.udev | | blob
debian/snapd.dirs | | blob
debian/snapd.install | | blob
debian/snapd.links | | blob
debian/snapd.lintian-overrides | | blob
debian/snapd.maintscript | | blob
debian/snapd.manpages | | blob
debian/snapd.postinst | | blob
debian/snapd.postrm | | blob
debian/snapd.prerm | | blob
debian/source/format | | blob
debian/source/options | | blob
debian/tests/README.md | | blob
debian/tests/control | | blob
debian/tests/integrationtests | | blob
debian/tests/testconfig.json | | blob
debian/watch | | blob
Unnamed repository; edit this file 'description' to name the repository.