-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 - ------------------------------------------------------------------------- Debian Security Advisory DSA-5080-1 security@debian.org https://www.debian.org/security/ Moritz Muehlenhoff February 18, 2022 https://www.debian.org/security/faq - ------------------------------------------------------------------------- Package : snapd CVE ID : CVE-2021-44730 CVE-2021-44731 Multiple vulnerabilties were discovered in snapd, a daemon and tooling that enable Snap packages, which could result in bypass of access restrictions or privilege escalation. For the oldstable distribution (buster), these problems have been fixed in version 2.37.4-1+deb10u1. For the stable distribution (bullseye), these problems have been fixed in version 2.49-1+deb11u1. We recommend that you upgrade your snapd packages. For the detailed security status of snapd please refer to its security tracker page at: https://security-tracker.debian.org/tracker/snapd Further information about Debian Security Advisories, how to apply these updates to your system and frequently asked questions can be found at: https://www.debian.org/security/ Mailing list: debian-security-announce@lists.debian.org -----BEGIN PGP SIGNATURE----- iQIzBAEBCgAdFiEEtuYvPRKsOElcDakFEMKTtsN8TjYFAmIP7GAACgkQEMKTtsN8 TjaK+hAAsEhseoBOiAZ99GGFoQd1GCxYl/zZsjObvfLeJXGsJ+llZpOjeCUL5E5W GNhFbtUpNhiSSDRBrTdx3uU5G2nMYpENLoq7RkndYDkpYfNYrKLRkpT4qSP37p/5 LpSp+Zy7hFsYVWJwjoGvus6lCEBmV5nfYzCRu+3L6NUZTw4OKKxNwOByaciQgG5R bGk5WNNvDYKPmkhaEPmZr/ikWOHg4zvOHWh0tdbpVSCgJPDyc5AreTFMOOoNRJ5W oJzYPknLZjbx1BTDEKiFDAWk4n30xkhSLvsLrlQ37qpOj/S4FqJXcKXAFq28oRH1 sWaFEVWXYh4a6WBZw2NOL2xZHYbu3dPQp277RH5YrBXdRYEhEkaRU4s7Aw7XtZnl zvamHGmgXstYj2lxYRTjEpD10xlnSWDq48tGGpuxfOE2KTMoYsOtN4CFRMXfnvCx 62m4QmLFy2PgHmlf6r+0yE0KG5SPaboPUVmozgpA9OF+AQwU3zxZ/IFTOeiBTWiT 8yaP1vMQegkoPCT+L3oSKbFMy0CUweYZQtndAll5HC2ddmWPuxVSYOZ4CknzgrJ0 WKPs2hMYqNczXTOsqQgU3EY6AIj3hHRkI2ViPvjj9YM2NGwKBpgSJTO278+kz+qC V8uPsoWZYn29pkUVJGFvXqneU/SkIP2SM8zDtcPwcc/7FL40uBk= =971o -----END PGP SIGNATURE-----