projects / snapd.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(merge: aaede0e 7f5ba92)
snapd (2.37.4-1+deb10u2) buster-security; urgency=medium
authorAlex Murray <alex.murray@canonical.com>
Tue, 29 Nov 2022 12:01:21 +0000 (12:01 +0000)
committerAlex Murray <alex.murray@canonical.com>
Tue, 29 Nov 2022 12:01:21 +0000 (12:01 +0000)
commitc5ccb56dd6cd3e234089aee05d6af846d8128319
tree4fcc39d17c9b789d673e857640aac72bc9fecbc8tree | snapshot
parentaaede0e1c96e61f4d2697ad194ba7fe749d112eecommit | diff
parent7f5ba927a8f320294c69ebe3111c7e0de1d59180commit | diff
snapd (2.37.4-1+deb10u2) buster-security; urgency=medium

  * SECURITY UPDATE: Local privilege escalation
    - snap-confine: Fix race condition in snap-confine when preparing a
      private tmp mount namespace for a snap
    - CVE-2022-3328

[dgit import unpatched snapd 2.37.4-1+deb10u2]
42 files changed:
debian/changelog | | blob
debian/compat | | blob
debian/control | | blob
debian/copyright | | blob
debian/gbp.conf | | blob
debian/golang-github-snapcore-snapd-dev.install | | blob
debian/not-installed | | blob
debian/patches/0001-cmd-snap-seccomp-use-upstream-seccomp-package.patch | | blob
debian/patches/0002-cmd-snap-seccomp-skip-tests-that-fail-on-4.19.patch | | blob
debian/patches/0003-cmd-snap-seccomp-skip-tests-that-use-m32.patch | | blob
debian/patches/0004-cmd-snap-skip-tests-depending-on-text-wrapping.patch | | blob
debian/patches/0005-advisor-errtracker-use-upstream-bolt-package.patch | | blob
debian/patches/0006-systemd-disable-snapfuse-system.patch | | blob
debian/patches/0007-i18n-use-dummy-localizations-to-avoid-dependencies.patch | | blob
debian/patches/0010-man-page-sections.patch | | blob
debian/patches/cve202144730/0010-cmd-libsnap-confine-private-Fix-use-of-uninitialised.patch | | blob
debian/patches/cve202144730/0011-cmd-libsnap-confine-private-Defend-against-hardlink-.patch | | blob
debian/patches/cve202144730/0012-cmd-libsnap-confine-private-Don-t-fail-open-on-appar.patch | | blob
debian/patches/cve202144730/0013-cmd-libsnap-confine-private-Tighten-AppArmor-label-c.patch | | blob
debian/patches/cve202144730/0014-cmd-snap-confine-Remove-execute-permission-from-AppA.patch | | blob
debian/patches/cve202144730/0015-cmd-snap-confine-Prevent-user-controlled-race-in-set.patch | | blob
debian/patches/cve20223328/0016-cve-2022-3328-1.patch | | blob
debian/patches/cve20223328/0017-cve-2022-3328-2.patch | | blob
debian/patches/series | | blob
debian/rules | | blob
debian/snap-confine.maintscript | | blob
debian/snapd.autoimport.udev | | blob
debian/snapd.dirs | | blob
debian/snapd.install | | blob
debian/snapd.links | | blob
debian/snapd.lintian-overrides | | blob
debian/snapd.maintscript | | blob
debian/snapd.manpages | | blob
debian/snapd.postinst | | blob
debian/snapd.postrm | | blob
debian/source/format | | blob
debian/source/options | | blob
debian/tests/README.md | | blob
debian/tests/control | | blob
debian/tests/integrationtests | | blob
debian/tests/testconfig.json | | blob
debian/watch | | blob
Unnamed repository; edit this file 'description' to name the repository.