使用 Ubuntu 20.04 的你们中有人也注意到 snapd 最近更新得非常频繁吗?如果我没记错的话,snapd 在过去一周左右更新了 3 次……
这是为什么?snapd 中是否发现了多个漏洞,并且已逐一修复,还是有一系列修复失败,需要再次修复,或者......?
答案1
您可以检查变更日志(可从Ubuntu 软件包站点):
snapd (2.54.3+20.04.1ubuntu0.2) focal-security; urgency=medium
* SECURITY REGRESSION: Fix fish shell compatibility
- data/env/snapd.fish.in: more workarounds for even older fish shells,
provide reasonable defaults.
- LP: #1961791
-- Paulo Flabiano Smorigo <[email protected]> Wed, 23 Feb 2022 18:25:31 +0000
snapd (2.54.3+20.04.1ubuntu0.1) focal-security; urgency=medium
* SECURITY REGRESSION: Fix fish shell compatibility
- data/env/snapd.fish.in: fix fish env for all versions of fish, unexport
local vars, export XDG_DATA_DIRS.
- LP: #1961365
-- Paulo Flabiano Smorigo <[email protected]> Fri, 18 Feb 2022 21:31:48 +0000
snapd (2.54.3+20.04.1) focal-security; urgency=medium
* debian/rules: disabling unit tests on riscv64
-- Emilia Torino <[email protected]> Thu, 17 Feb 2022 15:37:53 -0300
snapd (2.54.3+20.04) focal-security; urgency=medium
* SECURITY UPDATE: Sensitive information exposure
- usersession/autostart: change ~/snap perms to 0700 on startup.
- cmd: create ~/snap dir with 0700 perms.
- CVE-2021-3155
- LP: #1910298
* SECURITY UPDATE: Local privilege escalation
- snap-confine: Add validations of the location of the snap-confine
binary within snapd.
- snap-confine: Fix race condition in snap-confine when preparing a
private mount namespace for a snap.
- CVE-2021-44730
- CVE-2021-44731
* SECURITY UPDATE: Data injection from malicious snaps
- interfaces: Add validations of snap content interface and layout
paths in snapd.
- CVE-2021-4120
- LP: #1949368
-- Michael Vogt <[email protected]> Tue, 15 Feb 2022 17:45:13 +0100