Comment 10 for bug 1877102

Launchpad Janitor (janitor) wrote :

This bug was fixed in the package pulseaudio - 1:8.0-0ubuntu3.12

---------------
pulseaudio (1:8.0-0ubuntu3.12) xenial-security; urgency=medium

  * SECURITY UPDATE: stop snaps from loading and unloading modules, to
    prevent bypass of audio recording restriction (LP: #1877102). Patch thanks
    to James Henstridge
    - d/p/0407-access-Add-access-control-hooks.patch: make sure access
      hook IDs are non-zero.
    - d/p/0450-modules-add-snappy-policy-module.patch: Prevent snaps from
      controlling modules, terminating the daemon, or disconnecting clients.
    - CVE-2020-11931
  * debian/control: Build-Depends on libsnapd-glib-dev (>= 1.49)

 -- Jamie Strandboge <email address hidden> Thu, 07 May 2020 20:43:53 +0000