[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

[SECURITY] [DLA 2554-1] firejail security update



-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

- -----------------------------------------------------------------------
Debian LTS Advisory DLA-2554-1              debian-lts@lists.debian.org
https://www.debian.org/lts/security/                      Utkarsh Gupta
February 11, 2021                           https://wiki.debian.org/LTS
- -----------------------------------------------------------------------

Package        : firejail
Version        : 0.9.44.8-2+deb9u2
CVE ID         : CVE-2021-26910

Roman Fiedler discovered a vulnerability in the OverlayFS code in
firejail, a sandbox program to restrict the running environment of
untrusted applications, which could result in root privilege
escalation. This update disables OverlayFS support in firejail.

For Debian 9 stretch, this problem has been fixed in version
0.9.44.8-2+deb9u2.

We recommend that you upgrade your firejail packages.

For the detailed security status of firejail please refer to
its security tracker page at:
https://security-tracker.debian.org/tracker/firejail

Further information about Debian LTS security advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://wiki.debian.org/LTS
-----BEGIN PGP SIGNATURE-----

iQIzBAEBCAAdFiEEbJ0QSEqa5Mw4X3xxgj6WdgbDS5YFAmAk0lYACgkQgj6WdgbD
S5YuSQ//dEFgjFVddG1DfrWZH5mX5ppb8YwC5YbGHxRP0SV0Eh+JbT2mJb3p3/4L
tzFZFwEeQw+yHnAQyuv6rlbqvPW+MqrR/jANfm0OARe5NsnKmLq/2Ol8hcGxFEnp
nc0+ryBOHRyw2Gy9zMK8MujZHZPqpLKJQ3BANWLVwT05HeP9ZfANSjh+Dc4QzfZa
UWTcvrvWnGoYdIRcesGqOpSwPkQV4J3B7EFEM3Ja/cFboRC3LdOksock078PljT/
fdxpL8BaQGNy7Sgy1hLdBYVMLfalmsgfnEGBtcWWfqIKla3b3tEHRQUfX2jXbqED
cbTCpHPxQwgf5SIHtQAaAXDcv4fnh3waENpI0ZDhlY3HATEgKkhULErtiuCoG9MO
EoD7Mhen8VcWgeXSUTarw6CnaKUENelYb79KXTdoovIhdoPnUKhA4m9F173+K1TS
yUpAs8CbvIUkoFrvSwPGHCu/unY+wAuhdmj2K7eVj7zWUR3ziDH+NlOZ4j3udVb/
8k30Btyx5jHoDtSSk+M0ETtKS67aOS6pQNFan4jqKM/AfJeda/Cn1aB6hRg3xmLZ
ylFFhy/eEiMnABe8pIE1FSa80bZLJxCebNS2ayTyaoYogq27cn5MEfn2kWkSAjQC
+wb9cs8C6ZYlUOyiATFSelU7WXqyyiF0LMAwKIOSbx82Zq1XQvY=
=JT9m
-----END PGP SIGNATURE-----


Reply to: