Package "snapd-xdg-open"

Name: snapd-xdg-open


Transitional package for snapd-xdg-open

Latest version: 2.48.3
Release: xenial (16.04)
Level: updates
Repository: universe
Head package: snapd
Homepage: https://github.com/snapcore/snapd


Download "snapd-xdg-open"

Other versions of "snapd-xdg-open" in Xenial

Repository Area Version
security universe 2.48.3


Version: 2.48.3 2021-02-10 03:07:54 UTC

  snapd (2.48.3) xenial-security; urgency=medium

  * SECURITY UPDATE: sandbox escape vulnerability for containers
    (LP: #1910456)
    - many: add Delegate=true to generated systemd units for special
    - interfaces/greengrass-support: back-port interface changes to
    - CVE-2020-27352
  * interfaces/builtin/docker-support: allow /run/containerd/s/...
    - This is a new path that docker 19.03.14 (with a new version of
      containerd) uses to avoid containerd CVE issues around the unix
      socket. See also CVE-2020-15257.

Source diff to previous version
CVE-2020-27352 RESERVED
CVE-2020-15257 containerd is an industry-standard container runtime and is available as a daemon for Linux and Windows. In containerd before versions 1.3.9 and 1.4.

Version: 2.48 2020-11-30 17:06:20 UTC

  snapd (2.48) xenial; urgency=medium

  * New upstream release, LP: #1904098
    - osutil: add KernelCommandLineKeyValue
    - devicestate: implement boot.HasFDESetupHook
    - boot/makebootable.go: set snapd_recovery_mode=install at image-
      build time
    - bootloader: use ForGadget when installing boot config
    - interfaces/raw_usb: allow read access to /proc/tty/drivers
    - boot: add scaffolding for "fde-setup" hook support for sealing
    - tests: fix basic20 test on arm devices
    - seed: make a shared seed system label validation helper
    - snap: add new "fde-setup" hooktype
    - cmd/snap-bootstrap, secboot, tests: misc cleanups, add spread test
    - secboot,cmd/snap-bootstrap: fix degraded mode cases with better
      device handling
    - boot,dirs,c/snap-bootstrap: avoid InstallHost* at the cost of some
    - tests/nested/manual/refresh-revert-fundamentals: temporarily
      disable secure boot
    - snap-bootstrap,secboot: call BlockPCRProtectionPolicies in all
      boot modes
    - many: address degraded recover mode feedback, cleanups
    - tests: Use systemd-run on tests part2
    - tests: set the opensuse tumbleweed system as manual in spread.yaml
    - secboot: call BlockPCRProtectionPolicies even if the TPM is
    - vendor: update to current secboot
    - cmd/snap-bootstrap,o/devicestate: use a secret to pair data and
    - spread.yaml: increase number of workers on 20.10
    - snap: add new `snap recovery --show-keys` option
    - tests: minor test tweaks suggested in the review of 9607
    - snapd-generator: set standard snapfuse options when generating
      units for containers
    - tests: enable lxd test on ubuntu-core-20 and 16.04-32
    - interfaces: share /tmp/.X11-unix/ from host or provider
    - tests: enable main lxd test on 20.10
    - cmd/s-b/initramfs-mounts: refactor recover mode to implement
      degraded mode
    - gadget/install: add progress logging
    - packaging: keep secboot/encrypt_dummy.go in debian
    - interfaces/udev: use distro specific path to snap-device-helper
    - o/devistate: fix chaining of tasks related to regular snaps when
    - gadget, overlord/devicestate: validate that system supports
      encrypted data before install
    - interfaces/fwupd: enforce the confined fwupd to align Ubuntu Core
      ESP layout
    - many: add /v2/system-recovery-keys API and client
    - secboot, many: return UnlockMethod from Unlock* methods for future
    - many: mv keys to ubuntu-boot, move model file, rename keyring
      prefix for secboot
    - tests: using systemd-run instead of manually create a systemd unit
      - part 1
    - secboot, cmd/snap-bootstrap: enable or disable activation with
      recovery key
    - secboot: refactor Unlock...IfEncrypted to take keyfile + check
      disks first
    - secboot: add LockTPMSealedKeys() to lock access to keys
    - gadget: correct sfdisk arguments
    - bootloader/assets/grub: adjust fwsetup menuentry label
    - tests: new boot state tool
    - spread: use the official image for Ubuntu 20.10, no longer an
      unstable system
    - tests/lib/nested: enable snapd logging to console for core18
    - osutil/disks: re-implement partition searching for disk w/ non-
      adjacent parts
    - tests: using the nested-state tool in nested tests
    - many: seal a fallback object to the recovery boot chain
    - gadget, gadget/install: move helpers to install package, refactor
      unit tests
    - dirs: add "gentoo" to altDirDistros
    - update-pot: include file locations in translation template, and
      extract strings from desktop files
    - gadget/many: drop usage of gpt attr 59 for indicating creation of
    - gadget/quantity: tweak test name
    - snap: fix failing unittest for quantity.FormatDuration()
    - gadget/quantity: introduce a new package that captures quantities
    - o/devicestate,a/sysdb: make a backup of the device serial to save
    - tests: fix rare interaction of tests.session and specific tests
    - features: enable classic-preserves-xdg-runtime-dir
    - tests/nested/core20/save: check the bind mount and size bump
    - o/devicetate,dirs: keep device keys in ubuntu-save/save for UC20
    - tests: rename hasHooks to hasInterfaceHooks in the ifacestate
    - o/devicestate: unit test tweaks
    - boot: store the TPM{PolicyAuthKey,LockoutAuth}File in ubuntu-save
    - testutil, cmd/snap/version: fix misc little errors
    - overlord/devicestate: bind mount ubuntu-save under
      /var/lib/snapd/save on startup
    - gadget/internal: tune ext4 setting for smaller filesystems
    - tests/nested/core20/save: a test that verifies ubuntu-save is
      present and set up
    - tests: update google sru backend to support groovy
    - o/ifacestate: handle interface hooks when preseeding
    - tests: re-enable the apt hooks test
    - interfaces,snap: use correct type: {os,snapd} for test data
    - secboot: set metadata and keyslots sizes when formatting LUKS2
    - tests: improve uc20-create-partitions-reinstall test
    - client, daemon, cmd/snap: cleanups from #9489 + more unit tests
    - cmd/snap-bootstrap: mount ubuntu-save during boot if present
    - secboot: fix doc comment on helper for unlocking volume with key
    - tests: add spread test for refreshing from an old snapd and core18
    - o/snapstate: generate snapd snap wrappers again after restart on
    - secboot: version bump, unlock volume with key
    - tests/snap-advise-command: re-enable test
    - cmd/snap, snapmgr, tests: cleanups after #9418
    - interfaces: deny connected x11 plugs access to ICE
    - daemon,client: write and read a maintenance.json file for when
      snapd is shut down
    - many: update to secboot v1 (part 1)
    - osutil/disks/mockdisk: panic if same mountpoint shows up again
      with diff opts
    - tests/nested/core20/ga

Source diff to previous version
1904098 [SRU] 2.48

Version: 2.47.1 2020-10-26 13:07:07 UTC

  snapd (2.47.1) xenial; urgency=medium

  * New upstream release, LP: #1895929
    - o/configstate: create /etc/sysctl.d when applying early config
    - cmd/snap-bootstrap/initramfs-mounts: also copy /etc/machine-id for
      same IP addr
    - packaging/{ubuntu,debian}: add liblzo2-dev as a dependency for
      building snapd
    - cmd/snap: allow snap help vs --all to diverge purposefully
    - snap: snap help output refresh

 -- Michael Vogt <email address hidden> Thu, 08 Oct 2020 09:30:44 +0200

Source diff to previous version
1895929 [SRU] 2.47

Version: 2.46.1 2020-09-22 17:06:17 UTC

  snapd (2.46.1) xenial; urgency=medium

  * New upstream release, LP: #1891134
    - interfaces: allow snap-update-ns to read
    - github: run macOS job with Go 1.14
    - o/snapstate, features: add feature flag for disk space check on
    - tests: account for apt-get on core18
    - mkversion.sh: include dirty in version if the tree
      is dirty
    - interfaces/systemd: compare dereferenced Service
    - vendor.json: update mysterious secboot SHA again

 -- Michael Vogt <email address hidden> Fri, 04 Sep 2020 17:42:54 +0200

Source diff to previous version
1891134 [SRU] 2.46

Version: 2.45.1ubuntu0.2 2020-07-15 18:06:22 UTC

  snapd (2.45.1ubuntu0.2) xenial-security; urgency=medium

  * SECURITY UPDATE: sandbox escape vulnerability via snapctl user-open
    - usersession/userd/launcher.go: remove XDG_DATA_DIRS environment
      variable modification when calling the system xdg-open. Patch
      thanks to James Henstridge
    - packaging/ubuntu-16.04/snapd.postinst: kill userd on upgrade so it
      may autostart on next use. Patch thanks to Michael Vogt
    - CVE-2020-11934
    - LP: #1880085

 -- Emilia Torino <email address hidden> Fri, 10 Jul 2020 10:40:52 -0300

About   -   Send Feedback to @ubuntu_updates