Publishing details

Changelog

snapd (2.63+24.04ubuntu0.1) noble-security; urgency=medium

  * SECURITY UPDATE: sandbox escape via $HOME/bin
    - interfaces/builtin/home: explicitly deny writing to @{HOME}/bin
    - CVE-2024-1724
  * SECURITY UPDATE: denial-of-service via crafted files in squashfs image
    - snap, snapdir, squashfs: improve validation of target file
      mode/types
    - CVE-2024-29068
  * SECURITY UPDATE: information disclosure via crafted symlinks in
    squashfs image
    - snap, snapdir, squashfs: improve external symlink validation
    - CVE-2024-29069

 -- Alex Murray <email address hidden>  Fri, 26 Jul 2024 12:02:26 +0930

Available diffs

Builds

Built packages

Package files