USN-5292-1 fixed a vulnerability in snapd. Unfortunately that update introduced
a regression that could break the fish shell. This update fixes the problem.
We apologize for the inconvenience.
Original advisory details:
James Troup discovered that snap did not properly manage the permissions for
the snap directories. A local attacker could possibly use this issue to expose
sensitive information. (CVE-2021-3155)
Ian Johnson discovered that snapd did not properly validate content interfaces
and layout paths. A local attacker could possibly use this issue to inject
arbitrary AppArmor policy rules, resulting in a bypass of intended access
restrictions. (CVE-2021-4120)
The Qualys Research Team discovered that snapd did not properly validate the
location of the snap-confine binary. A local attacker could possibly use this
issue to execute other arbitrary binaries and escalate privileges.
(CVE-2021-44730)
The Qualys Research Team discovered that a race condition existed in the snapd
snap-confine binary when preparing a private mount namespace for a snap. A
local attacker could possibly use this issue to escalate privileges and
execute arbitrary code. (CVE-2021-44731)
More Stories
trafficserver-9.2.5-1.el8
FEDORA-EPEL-2024-d40458db4b Packages in this update: trafficserver-9.2.5-1.el8 Update description: Update to upstream 9.2.5 Resolves CVE-2023-38522, CVE-2024-35161, CVE-2024-35296 Read More
trafficserver-9.2.5-1.fc40
FEDORA-2024-77fe791124 Packages in this update: trafficserver-9.2.5-1.fc40 Update description: Update to upstream 9.2.5 Resolves CVE-2023-38522, CVE-2024-35161, CVE-2024-35296 Read More
trafficserver-9.2.5-1.el9
FEDORA-EPEL-2024-504d1abdb5 Packages in this update: trafficserver-9.2.5-1.el9 Update description: Update to upstream 9.2.5 Resolves CVE-2023-38522, CVE-2024-35161, CVE-2024-35296 Read More
trafficserver-9.2.5-1.fc39
FEDORA-2024-2243c5abee Packages in this update: trafficserver-9.2.5-1.fc39 Update description: Update to upstream 9.2.5 Resolves CVE-2023-38522, CVE-2024-35161, CVE-2024-35296 Read More
python-setuptools-69.0.3-4.fc40
FEDORA-2024-247e9ba33a Packages in this update: python-setuptools-69.0.3-4.fc40 Update description: Security fix for CVE-2024-6345. Read More
python-setuptools-67.7.2-8.fc39
FEDORA-2024-9ed182a5d3 Packages in this update: python-setuptools-67.7.2-8.fc39 Update description: Security fix for CVE-2024-6345. Read More