UbuntuUpdates.org

Package "snapd"

Name: snapd

Description:

Daemon and tooling that enable snap packages
Latest version: 2.54.3+20.04.1ubuntu0.2
Release: focal (20.04)
Level: security
Repository: main
Homepage: https://github.com/snapcore/snapd

Links

All versions of this package
Bug fixes

List of files in package
Repository home page

Download "snapd"

32-bit deb package
64-bit deb package
APT INSTALL

Other versions of "snapd" in Focal

Repository Area Version
base universe 2.44.3+20.04
base main 2.44.3+20.04
security universe 2.54.3+20.04.1ubuntu0.2
updates main 2.54.3+20.04.1ubuntu0.3
updates universe 2.54.3+20.04.1ubuntu0.3
proposed universe 2.55.5+20.04
proposed main 2.55.5+20.04

Packages in group

Deleted packages are displayed in grey.


Changelog

Version: 2.54.3+20.04.1ubuntu0.2 2022-02-23 23:06:19 UTC

  snapd (2.54.3+20.04.1ubuntu0.2) focal-security; urgency=medium

  * SECURITY REGRESSION: Fix fish shell compatibility
    - data/env/snapd.fish.in: more workarounds for even older fish shells,
      provide reasonable defaults.
    - LP: #1961791

 -- Paulo Flabiano Smorigo <email address hidden> Wed, 23 Feb 2022 18:25:31 +0000
Source diff to previous version
1961791 2.54.3+21.10.1ubuntu0.1 broke Plasma Desktop when Fish is the default shell

Version: 2.54.3+20.04.1ubuntu0.1 2022-02-19 02:06:27 UTC

  snapd (2.54.3+20.04.1ubuntu0.1) focal-security; urgency=medium

  * SECURITY REGRESSION: Fix fish shell compatibility
    - data/env/snapd.fish.in: fix fish env for all versions of fish, unexport
      local vars, export XDG_DATA_DIRS.
    - LP: #1961365

 -- Paulo Flabiano Smorigo <email address hidden> Fri, 18 Feb 2022 21:31:48 +0000
Source diff to previous version
1961365 2.54.3+18.04 update on bionic breaks fish shell

Version: 2.54.3+20.04.1 2022-02-18 03:07:18 UTC

  snapd (2.54.3+20.04.1) focal-security; urgency=medium

  * debian/rules: disabling unit tests on riscv64

 -- Emilia Torino <email address hidden> Thu, 17 Feb 2022 15:37:53 -0300
Source diff to previous version

Version: 2.54.3+20.04 2022-02-17 18:09:51 UTC

  snapd (2.54.3+20.04) focal-security; urgency=medium

  * SECURITY UPDATE: Sensitive information exposure
    - usersession/autostart: change ~/snap perms to 0700 on startup.
    - cmd: create ~/snap dir with 0700 perms.
    - CVE-2021-3155
    - LP: #1910298
  * SECURITY UPDATE: Local privilege escalation
    - snap-confine: Add validations of the location of the snap-confine
      binary within snapd.
    - snap-confine: Fix race condition in snap-confine when preparing a
      private mount namespace for a snap.
    - CVE-2021-44730
    - CVE-2021-44731
  * SECURITY UPDATE: Data injection from malicious snaps
    - interfaces: Add validations of snap content interface and layout
      paths in snapd.
    - CVE-2021-4120
    - LP: #1949368

 -- Michael Vogt <email address hidden> Tue, 15 Feb 2022 17:45:13 +0100
Source diff to previous version
1910298 ~/snap directory should be o0700
CVE-2021-3155 RESERVED
CVE-2021-44730 RESERVED
CVE-2021-44731 RESERVED
CVE-2021-4120 RESERVED

Version: 2.48.3+20.04 2021-02-10 01:07:16 UTC

  snapd (2.48.3+20.04) focal-security; urgency=medium

  * SECURITY UPDATE: sandbox escape vulnerability for containers
    (LP: #1910456)
    - many: add Delegate=true to generated systemd units for special
      interfaces
    - interfaces/greengrass-support: back-port interface changes to
      2.48
    - CVE-2020-27352
  * interfaces/builtin/docker-support: allow /run/containerd/s/...
    - This is a new path that docker 19.03.14 (with a new version of
      containerd) uses to avoid containerd CVE issues around the unix
      socket. See also CVE-2020-15257.
CVE-2020-27352 RESERVED
CVE-2020-15257 containerd is an industry-standard container runtime and is available as a daemon for Linux and Windows. In containerd before versions 1.3.9 and 1.4.


About   -   Send Feedback to @ubuntu_updates