* SECURITY UPDATE: stop snaps from loading and unloading modules, to
prevent bypass of audio recording restriction (LP: #1877102). Patch thanks
to James Henstridge
- d/p/0407-access-Add-access-control-hooks.patch: make sure access
hook IDs are non-zero.
- d/p/0700-modules-add-snappy-policy-module.patch: Prevent snaps from
controlling modules, terminating the daemon, or disconnecting clients.
- CVE-2020-11931
* debian/control: Build-Depends on libsnapd-glib-dev (>= 1.49)
This bug was fixed in the package pulseaudio - 1:13.0-1ubuntu1.2
---------------
pulseaudio (1:13.0-1ubuntu1.2) eoan-security; urgency=medium
* SECURITY UPDATE: stop snaps from loading and unloading modules, to access- Add-access- control- hooks.patch: make sure access modules- add-snappy- policy- module. patch: Prevent snaps from
prevent bypass of audio recording restriction (LP: #1877102). Patch thanks
to James Henstridge
- d/p/0407-
hook IDs are non-zero.
- d/p/0700-
controlling modules, terminating the daemon, or disconnecting clients.
- CVE-2020-11931
* debian/control: Build-Depends on libsnapd-glib-dev (>= 1.49)
-- Jamie Strandboge <email address hidden> Wed, 06 May 2020 21:33:27 +0000