Debian Package Tracker

From: Debian FTP Masters <ftpmaster@ftp-master.debian.org>
To: <debian-changes@lists.debian.org>
Subject: Accepted snapd 2.49-1+deb11u1 (source) into proposed-updates->stable-new, proposed-updates
Date: Sat, 19 Feb 2022 17:02:14 +0000
Signed by: Michael Vogt <mvo@debian.org>
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

Format: 1.8
Date: Wed, 16 Feb 2022 10:56:34 +0100
Source: snapd
Built-For-Profiles: noudeb
Architecture: source
Version: 2.49-1+deb11u1
Distribution: bullseye-security
Urgency: high
Maintainer: Michael Hudson-Doyle <mwhudson@debian.org>
Changed-By: Michael Vogt <mvo@debian.org>
Launchpad-Bugs-Fixed: 1949368
Changes:
 snapd (2.49-1+deb11u1) bullseye-security; urgency=high
 .
   * SECURITY UPDATE: local privilege escalation
     - 0015-cve-2021-44730-44731-4120.patch: Add validations of the
       location of the snap-confine binary within snapd.
     - 0015-cve-2021-44730-44731-4120: Fix race condition in snap-confine
       when preparing a private mount namespace for a snap.
     - 0016-cve-2021-2021-44730-44731-4120-auto-remove.patch: automatic
       remove vulnerable inactive core/snapd snaps
     - CVE-2021-44730
     - CVE-2021-44731
   * SECURITY UPDATE: data injection from malicious snaps
     - 0015-cve-2021-44730-44731-4120: Add validations of snap content
       interface and layout paths in snapd
     - CVE-2021-4120
     - LP: #1949368
Checksums-Sha1:
 e25dcb8d2159f97af56e18a9a327a36396612db5 3591 snapd_2.49-1+deb11u1.dsc
 1722701371619404e2a832af12df8c768fb2849c 5032853 snapd_2.49.orig.tar.gz
 911001aa6244afd164094592c65a8f8fa2bed3c0 121688 snapd_2.49-1+deb11u1.debian.tar.xz
 f6ac8baddcad04f33a78bf61ff7e14f3da166662 16046 snapd_2.49-1+deb11u1_source.buildinfo
Checksums-Sha256:
 4b58675af811b5296bcbc0f48c6dabc6503b762d430ed5dfab455cc728c11e22 3591 snapd_2.49-1+deb11u1.dsc
 8da73f19017bc129d4ee444c90993445a1748e63d6a3cf5192aac1fa3ecac9f8 5032853 snapd_2.49.orig.tar.gz
 781c2b949378f1c8cd807c275f1a8e76b8e865fbba99183821b3a7fcee889e44 121688 snapd_2.49-1+deb11u1.debian.tar.xz
 be08290f81ac059fc6d150b18744d4125d35c095c8696b0df9d44b94188f3036 16046 snapd_2.49-1+deb11u1_source.buildinfo
Files:
 6d4ba523399d66620fb2e21983519846 3591 devel optional snapd_2.49-1+deb11u1.dsc
 5dbcaccd61d1844434397e5f83222996 5032853 devel optional snapd_2.49.orig.tar.gz
 93f9cd6418741083dd54c8d8c9e5fe57 121688 devel optional snapd_2.49-1+deb11u1.debian.tar.xz
 ce6729f09a03b1b2ce722df573fbffff 16046 devel optional snapd_2.49-1+deb11u1_source.buildinfo

-----BEGIN PGP SIGNATURE-----

iQJDBAEBCAAtFiEE2mxnVNiIdibNBqEomMq7Or1MpZ4FAmINauYPHG12b0BkZWJp
YW4ub3JnAAoJEJjKuzq9TKWe57wP/RMJNhxYmMeBD7lbIRrFS8+teoMANDQs1Ost
KzJJv3aI7OTxHxfwUyjkWa57OP8Qpjr15IG+NxFvLmqtq/2Yzx3QfaGW3CdyZueq
QYdmJ+chjusDGeeapS/BY746FQWrz9066skV/hWvaC62HvVJqtSD5ua83+CWDfQj
c0S97tSntJ9H8tA0GvPq5/57dQ7RrlSB5fJ3TC9JGx0Sw3WUfPhCV8FUl8bKYjhV
PBpL4ZKeTvrBnS86mAl5niDvdabr1itHaAeBZ4/Vt/4XyYuBndpbKxYuwqbHo2fd
oad9n9ITv9ozWm+OlvvdNv3LeEXhAt066WBYSTueveSdvnMW3wSdq/Dy5aqK2sid
QN8tPa6DhzeW3FsfwwOz5bIW9gx/RX5Ek4M5tKJ6TWobcBBR+vZuI0GbGpuaxWIC
ddXpSyU4MZ59oYmksk32pFlOar4BcJp9SCeVIeMs+cCD60NDNUFJ2Of0pmmgqkAO
b8tsGn1cbZxqEhSY2s/i5hQ6ZrII8f9iPtnjHgTsE5HTYTvt2S/yl7zrI7k5NtB/
EvH8dUL59iIqKe+/lLjv0v2D0wFAGsWlyhhS/uFzsgngCmhE6/Vi+l7784m9thx8
f/umwadLbhbo62tUnKG14nZ36ZPox7TuyoXKF620u5hgujElYpCRSynoS7Y8Ondl
9MpHeIaE
=UNZJ
-----END PGP SIGNATURE-----
News for package snapd
