UbuntuUpdates.org

Package "ubuntu-core-launcher"

Name: ubuntu-core-launcher

Description:

Transitional package for snapd
Latest version: 2.67.1+20.04
Release: focal (20.04)
Level: updates
Repository: universe
Head package: snapd
Homepage: https://github.com/snapcore/snapd

Links

All versions of this package
Bug fixes

List of files in package
Repository home page

Download "ubuntu-core-launcher"

32-bit deb package
64-bit deb package
APT INSTALL

Other versions of "ubuntu-core-launcher" in Focal

Repository Area Version
base universe 2.44.3+20.04
security universe 2.63+20.04ubuntu0.1
proposed universe 2.67.1+20.04

Changelog

Version: 2.67.1+20.04 2025-03-10 23:07:02 UTC

  snapd (2.67.1+20.04) focal; urgency=medium

  * New upstream release, LP: #2089691
    - Fix apparmor permissions to allow snaps access to kernel modules
      and firmware on UC24, which also fixes the kernel-modules-control
      interface on UC24
    - AppArmor prompting (experimental): disallow /./ and /../ in path
      patterns
    - LP: #2090938 Fix 'snap run' getent based user lookup in case of bad PATH
    - Fix snapd using the incorrect AppArmor version during undo of an
      refresh for regenerating snap profiles
    - Add new syscalls to base templates
    - hardware-observe interface: allow riscv_hwprobe syscall
    - mount-observe interface: allow listmount and statmount syscalls
Source diff to previous version
2089691 [SRU] 2.67.1
2090938 $SNAP_USER_COMMON empty when getent cannot be found in $PATH

Version: 2.66.1+20.04 2024-11-26 17:06:58 UTC

  snapd (2.66.1+20.04) focal; urgency=medium

  * New upstream release, LP: #2083490
    - AppArmor prompting (experimental): Fix kernel prompting support
      check
    - Allow kernel snaps to have content slots
    - Fix ignoring snaps in try mode when amending
Source diff to previous version
2083490 [SRU] 2.66.1

Version: 2.65.3+20.04 2024-10-15 18:11:30 UTC

  snapd (2.65.3+20.04) focal; urgency=medium

  * New upstream release, LP: #2077473
    - Fix missing aux info from store on snap setup
Source diff to previous version
2077473 [SRU] 2.65.1

Version: 2.63+20.04ubuntu0.1 2024-08-01 10:07:13 UTC

  snapd (2.63+20.04ubuntu0.1) focal-security; urgency=medium

  * SECURITY UPDATE: sandbox escape via $HOME/bin
    - interfaces/builtin/home: explicitly deny writing to @{HOME}/bin
    - CVE-2024-1724
  * SECURITY UPDATE: denial-of-service via crafted files in squashfs image
    - snap, snapdir, squashfs: improve validation of target file
      mode/types
    - CVE-2024-29068
  * SECURITY UPDATE: information disclosure via crafted symlinks in
    squashfs image
    - snap, snapdir, squashfs: improve external symlink validation
    - CVE-2024-29069
  * Fix FTBFS due to missing systemd from Build-Depends
    - debian/control: add systemd to Build-Depends to ensure pkg-config
      can find the systemdutildir to install into

 -- Alex Murray <email address hidden> Fri, 26 Jul 2024 12:28:53 +0930
Source diff to previous version
CVE-2024-1724 In snapd versions prior to 2.62, when using AppArmor for enforcement of sandbox permissions, snapd failed to restrict writes to the $HOME/bin path.
CVE-2024-29068 In snapd versions prior to 2.62, snapd failed to properly check the file type when extracting a snap. The snap format is a squashfs file-system image
CVE-2024-29069 In snapd versions prior to 2.62, snapd failed to properly check the destination of symbolic links when extracting a snap. The snap format is a squas

Version: 2.63+20.04 2024-06-13 15:07:00 UTC

  snapd (2.63+20.04) focal; urgency=medium

  * New upstream release, LP: #2061179
    - Support for snap services to show the current status of user
      services (experimental)
    - Refresh app awareness: record snap-run-inhibit notice when
      starting app from snap that is busy with refresh (experimental)
    - Refresh app awareness: use warnings as fallback for desktop
      notifications (experimental)
    - Aspect based configuration: make request fields in the aspect-
      bundle's rules optional (experimental)
    - Aspect based configuration: make map keys conform to the same
      format as path sub-keys (experimental)
    - Aspect based configuration: make unset and set behaviour similar
      to configuration options (experimental)
    - Aspect based configuration: limit nesting level for setting value
      (experimental)
    - Components: use symlinks to point active snap component revisions
    - Components: add model assertion support for components
    - Components: fix to ensure local component installation always gets
      a new revision number
    - Add basic support for a CIFS remote filesystem-based home
      directory
    - Add support for AppArmor profile kill mode to avoid snap-confine
      error
    - Allow more than one interface to grant access to the same API
      endpoint or notice type
    - Allow all snapd service's control group processes to send systemd
      notifications to prevent warnings flooding the log
    - Enable not preseeded single boot install
    - Update secboot to handle new sbatlevel
    - Fix to not use cgroup for non-strict confined snaps (devmode,
      classic)
    - Fix two race conditions relating to freedesktop notifications
    - Fix missing tunables in snap-update-ns AppArmor template
    - Fix rejection of snapd snap udev command line by older host snap-
      device-helper
    - Rework seccomp allow/deny list
    - Clean up files removed by gadgets
    - Remove non-viable boot chains to avoid secboot failure
    - posix_mq interface: add support for missing time64 mqueue syscalls
      mq_timedreceive_time64 and mq_timedsend_time64
    - password-manager-service interface: allow kwalletd version 6
    - kubernetes-support interface: allow SOCK_SEQPACKET sockets
    - system-observe interface: allow listing systemd units and their
      properties
    - opengl interface: enable use of nvidia container toolkit CDI
      config generation

 -- Ernest Lotter <email address hidden> Wed, 24 Apr 2024 02:00:39 +0200
2061179 [SRU] 2.63


About   -   Send Feedback to @ubuntu_updates