[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

[SECURITY] [DLA 3215-1] snapd security update



-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

- -----------------------------------------------------------------------
Debian LTS Advisory DLA-3215-1              debian-lts@lists.debian.org
https://www.debian.org/lts/security/                      Utkarsh Gupta
December 02, 2022                           https://wiki.debian.org/LTS
- -----------------------------------------------------------------------

Package        : snapd
Version        : 2.37.4-1+deb10u2
CVE ID         : CVE-2022-3328

The Qualys Research Team discovered a race condition in the snapd-confine
binary which could result in local privilege escalation.

For Debian 10 buster, this problem has been fixed in version
2.37.4-1+deb10u2.

We recommend that you upgrade your snapd packages.

For the detailed security status of snapd please refer to
its security tracker page at:
https://security-tracker.debian.org/tracker/snapd

Further information about Debian LTS security advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://wiki.debian.org/LTS
-----BEGIN PGP SIGNATURE-----

iQIzBAEBCAAdFiEEbJ0QSEqa5Mw4X3xxgj6WdgbDS5YFAmOKAjIACgkQgj6WdgbD
S5aqRBAAsu2/H3ONqZgYdvjVnsSzi9k8eIkAjWa21f/OqMLTZAaMNorBfOI+udVz
BcC7b0fhbUf388W+9JJ34OniTsPJjc06JkOC+1JkNx6lHi+moAq9fcXKfBE5CPdX
s6Bp1DZBpLAClc4rZUkDJiHZ88VxicPHLpunvn17abZLK5rXF8exerQeTRp99Ez2
XvV5wcQ1wmFHC7Rx+yJiNqFZyQJGhtfT0RmB4Q8UCEUy0rMTXdrbYcSPTWPc7eOz
1YhZOh3aVC8EczRHtgv2kfBn0o2nTCsGR33QJmlquVNvHVB8ExhwPaPOCbnKqDxk
u3/FG2gsP+GhVTol8DvEUok+Hcyo2eDu1j+orvn2b8kHjIbggtqbsb2DR2Gq1w24
/yBF4vSNA71y+Nqz3iuet8fGCBuK+K4ZyhWBl26b0qDp2BtRGYw4fW66vgfgRZ/l
dbEMN8o+AW+xwe24F4PAnO0uJz0opoGEbZbRtgvPA0AF+/97XoNFq2DpdaOAiXrf
qGTO2+FUlfeq7d+jkdohlH+DlznrWE0p7a6Mn31rjgjzUyWgxc3BH7p9GaJ7X9Mo
79WGhxYd07CMpHIuPFBeq1GCNDqxriyUP81j2OXoOJn+ctObAB4FpUujaUGaNGmz
tOPQdmfKfavsspPD5WnXQUSZKEM+f9LnHUpyvNSuLaUiEgq/Yh8=
=wsgR
-----END PGP SIGNATURE-----


Reply to: