raj*_*raj 4 updates snap 20.04
使用 Ubuntu 20.04 的人是否也注意到 snapd 最近更新得非常频繁?如果我没记错的话,snapd 在上周更新了 3 次,大概......
为什么是这样?是否在 snapd 中发现了多个漏洞已被一一修复,或者是否存在一系列不成功的修复,需要再次修复,或者......?
您可以检查更改日志(可从Ubuntu Package site访问):
snapd (2.54.3+20.04.1ubuntu0.2) focal-security; urgency=medium
* SECURITY REGRESSION: Fix fish shell compatibility
- data/env/snapd.fish.in: more workarounds for even older fish shells,
provide reasonable defaults.
- LP: #1961791
-- Paulo Flabiano Smorigo <pfsmorigo@canonical.com> Wed, 23 Feb 2022 18:25:31 +0000
snapd (2.54.3+20.04.1ubuntu0.1) focal-security; urgency=medium
* SECURITY REGRESSION: Fix fish shell compatibility
- data/env/snapd.fish.in: fix fish env for all versions of fish, unexport
local vars, export XDG_DATA_DIRS.
- LP: #1961365
-- Paulo Flabiano Smorigo <pfsmorigo@canonical.com> Fri, 18 Feb 2022 21:31:48 +0000
snapd (2.54.3+20.04.1) focal-security; urgency=medium
* debian/rules: disabling unit tests on riscv64
-- Emilia Torino <emilia.torino@canonical.com> Thu, 17 Feb 2022 15:37:53 -0300
snapd (2.54.3+20.04) focal-security; urgency=medium
* SECURITY UPDATE: Sensitive information exposure
- usersession/autostart: change ~/snap perms to 0700 on startup.
- cmd: create ~/snap dir with 0700 perms.
- CVE-2021-3155
- LP: #1910298
* SECURITY UPDATE: Local privilege escalation
- snap-confine: Add validations of the location of the snap-confine
binary within snapd.
- snap-confine: Fix race condition in snap-confine when preparing a
private mount namespace for a snap.
- CVE-2021-44730
- CVE-2021-44731
* SECURITY UPDATE: Data injection from malicious snaps
- interfaces: Add validations of snap content interface and layout
paths in snapd.
- CVE-2021-4120
- LP: #1949368
-- Michael Vogt <michael.vogt@ubuntu.com> Tue, 15 Feb 2022 17:45:13 +0100
| 归档时间: |
|
| 查看次数: |
493 次 |
| 最近记录: |