UbuntuUpdates.org

Package "accountsservice"

Name: accountsservice

Description:

query and manipulate user account information

Latest version: 22.07.5-2ubuntu1.3
Release: jammy (22.04)
Level: updates
Repository: main
Homepage: https://www.freedesktop.org/wiki/Software/AccountsService/

Links


Download "accountsservice"


Other versions of "accountsservice" in Jammy

Repository Area Version
base main 22.07.5-2ubuntu1
security main 22.07.5-2ubuntu1.3

Packages in group

Deleted packages are displayed in grey.


Changelog

Version: 22.07.5-2ubuntu1.3 2022-05-24 15:06:33 UTC

  accountsservice (22.07.5-2ubuntu1.3) jammy-security; urgency=medium

  * SECURITY UPDATE: accountsservice incorrect privilege dropping
    (LP: #1974250)
    - debian/patches/0009-language-tools.patch: updated to not reset
      effective uid, and migrate root-owned .pam_environment file.
    - This change was originally known as CVE-2020-16126 and got reverted
      by mistake in 0.6.55-3ubuntu1.
    - CVE-2022-1804
  * Fix FTBFS with a newer python-dbusmock package:
    - debian/patches/adduser_invocation.patch: fix invocation of AddUser in
      tests/dbusmock/accounts_service.py.
    - debian/patches/setlocked_signature.patch: fix the signature for the
      SetLocked call in tests/dbusmock/accounts_service.py.

 -- Marc Deslauriers <email address hidden> Thu, 19 May 2022 20:02:04 -0400

1974250 ~/.pam_environment gets created as owned by root
CVE-2020-16126 RESERVED
CVE-2022-1804 RESERVED



About   -   Send Feedback to @ubuntu_updates