* SECURITY UPDATE: stop snaps from loading and unloading modules, to
prevent bypass of audio recording restriction (LP: #1877102). Patch thanks
to James Henstridge
- d/p/0407-access-Add-access-control-hooks.patch: make sure access
hook IDs are non-zero.
- d/p/0450-modules-add-snappy-policy-module.patch: Prevent snaps from
controlling modules, terminating the daemon, or disconnecting clients.
- CVE-2020-11931
* debian/control: Build-Depends on libsnapd-glib-dev (>= 1.49)
This bug was fixed in the package pulseaudio - 1:8.0-0ubuntu3.12
---------------
pulseaudio (1:8.0-0ubuntu3.12) xenial-security; urgency=medium
* SECURITY UPDATE: stop snaps from loading and unloading modules, to access- Add-access- control- hooks.patch: make sure access modules- add-snappy- policy- module. patch: Prevent snaps from
prevent bypass of audio recording restriction (LP: #1877102). Patch thanks
to James Henstridge
- d/p/0407-
hook IDs are non-zero.
- d/p/0450-
controlling modules, terminating the daemon, or disconnecting clients.
- CVE-2020-11931
* debian/control: Build-Depends on libsnapd-glib-dev (>= 1.49)
-- Jamie Strandboge <email address hidden> Thu, 07 May 2020 20:43:53 +0000