-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 Format: 1.8 Date: Fri, 10 Jul 2020 20:06:29 +0200 Source: snapd Architecture: source Version: 2.45.2-1 Distribution: unstable Urgency: high Maintainer: Michael Hudson-Doyle <mwhudson@debian.org> Changed-By: Michael Vogt <michael.vogt@ubuntu.com> Changes: snapd (2.45.2-1) unstable; urgency=high . * SECURITY UPDATE: sandbox escape vulnerability on snapctl xdg-open implementation - usersession/userd/launcher.go: remove XDG_DATA_DIRS environment variable modification when calling the system xdg-open. Patch thanks to James Henstridge - packaging/ubuntu-16.04/snapd.postinst: ensure "snap userd" is restarted. Patch thanks to Michael Vogt - CVE-2020-11934 * SECURITY UPDATE: arbitrary code execution vulnerability on core devices with access to physical removable media - devicestate: Disable/restrict cloud-init after seeding. - CVE-2020-11933 Checksums-Sha1: 380838d313d511b1656f9a77765005f84150fa62 3497 snapd_2.45.2-1.dsc 52acd406bf9b14f72cfcc50583cb5d00221ff70f 4393691 snapd_2.45.2.orig.tar.gz 9e21f26a49b042db7ef4f3e06bc8462b99d0bdac 76644 snapd_2.45.2-1.debian.tar.xz c164053023c23ca8ca812caf01b276fe00d63066 13982 snapd_2.45.2-1_source.buildinfo Checksums-Sha256: 5ff86e984502ba3f5812e7e73693ba7f3d8b4773a07995d8bedd1227d667e0e7 3497 snapd_2.45.2-1.dsc 8d1eb057ddf4120ca86d4f1324cda5c001c3f82d3c78066440de65a231dc3084 4393691 snapd_2.45.2.orig.tar.gz c26cee5c0ee631d41f2728d26001436ec5f778ce1a23815bee45e05852820060 76644 snapd_2.45.2-1.debian.tar.xz 1b4d07d33536e7ef001a6ba82d94e92ee6cc1cadc5d1f6c77c88c2493c0843ac 13982 snapd_2.45.2-1_source.buildinfo Files: 5647a204757bfb2bff927f59fa0b4c54 3497 devel optional snapd_2.45.2-1.dsc 8d785dca087b9993931786fc90af3fd8 4393691 devel optional snapd_2.45.2.orig.tar.gz b81cfa4f0751be5d444d71f817f5fdfb 76644 devel optional snapd_2.45.2-1.debian.tar.xz 2cf076d3acee0b89e4150eb9e3e979f8 13982 devel optional snapd_2.45.2-1_source.buildinfo -----BEGIN PGP SIGNATURE----- iQIzBAEBCAAdFiEE2mxnVNiIdibNBqEomMq7Or1MpZ4FAl8OqA4ACgkQmMq7Or1M pZ6MfxAAmpvKXUlMfEnsKLSEA1RGcjz3epVufyJ0WeaePvv/Uc0XAOHDAcKCHyqK J670SMZdNIhCu8Ymt2YDAeoRJQaXuTxkESbbJgMtvYpIOU6K6R9Z7l1DUJpwIeN7 ilHW01XIkA1xIT4V4RK8DKoPBj2GPewLwGYf6eHTnd2owcn28C6o7/QaPQ2Mqd+j dcrHwNaPISm+9TNcQAdeCWR0gTdBicqJEUgxwdKyYW71iA79EVufxKG5fcMbOTFk 1xcYVfoO5paqUXhJF8z5YYNOsOFwkhWR/JpnkAsQZV/1BZZIUyq5yGgc1IN+W2OI uv9bJX3icURA6A6eGWSnbo1onMMKlO1EJoS/8EMyfq2r3eG9UqWs/K79qqzd3mmE J2g0Y3PJ6Sk77hTn8QufUrLdlSJxQQzUt/50JdKTSNgKrVEEy4Dg5wqMCq/tFjxL ygDjyfB4QRbxssZZ2ii/opVEsbpyg336kqAHml0aFBjqjArhAegqhULiVm9mqwvq tWepTJV/kRuw0I4vMFt+TlNyPf47q/bq6FbfArEu9S4Rw23Wlyj1spr3xd5zHlrK bCpWxqmQSl7Fy6IF0FCtJHpZc8erzdacmg12bpUK/lRYf/pmvV6crPkFcJ0YS84T 4Km4Hvgo+OpwkRrXtLUkdWoOS4SrSxyWsJvEOD7NmMQXFuhnEtc= =9IdO -----END PGP SIGNATURE-----