UbuntuUpdates.org

Package "snapd"

Name: snapd

Description:

This package is just an umbrella for a group of other packages, it has no description.
Description samples from packages in group:

  • Transitional package for snapd
  • Transitional package for snapd-xdg-open
  • Transitional package for snapd
  • transitional dummy package

Latest version: 2.45.1+18.04.2
Release: bionic (18.04)
Level: security
Repository: universe

Links



Other versions of "snapd" in Bionic

Repository Area Version
base main 2.32.5+18.04
base universe 2.32.5+18.04
security main 2.45.1+18.04.2
updates main 2.45.1+18.04.2
updates universe 2.45.1+18.04.2

Packages in group

Deleted packages are displayed in grey.


Changelog

Version: 2.45.1+18.04.2 2020-07-15 15:06:27 UTC

  snapd (2.45.1+18.04.2) bionic-security; urgency=medium

  * SECURITY UPDATE: sandbox escape vulnerability via snapctl user-open
    (xdg-open)
    - usersession/userd/launcher.go: remove XDG_DATA_DIRS environment
      variable modification when calling the system xdg-open. Patch
      thanks to James Henstridge
    - packaging/ubuntu-16.04/snapd.postinst: kill userd on upgrade so it
      may autostart on next use. Patch thanks to Michael Vogt
    - CVE-2020-11934
    - LP: #1880085

 -- Emilia Torino <email address hidden> Fri, 10 Jul 2020 11:00:39 -0300

Source diff to previous version

Version: 2.37.4+18.04.1 2019-03-21 22:06:27 UTC

  snapd (2.37.4+18.04.1) bionic-security; urgency=medium

  * No change rebuild for bionic-security (LP: #1812973)
    - CVE-2019-7303

 -- Jamie Strandboge <email address hidden> Fri, 15 Mar 2019 19:54:24 +0000

Source diff to previous version
CVE-2019-7303 RESERVED

Version: 2.34.2+18.04.1 2019-02-12 17:07:12 UTC

  snapd (2.34.2+18.04.1) bionic-security; urgency=medium

  * SECURITY UPDATE: local privilege escalation via improper input validation
    of socket peer credential (LP: #1813365)
    - daemon/ucrednet.go: utilize regex for validating and parsing remoteAddr.
      Patch thanks to John Lenton
    - CVE-YYYY-NNNN

 -- Jamie Strandboge <email address hidden> Tue, 29 Jan 2019 17:50:52 +0000

1813365 Local privilege escalation via snapd socket



About   -   Send Feedback to @ubuntu_updates