* SECURITY UPDATE: weak permissions on secret files, command injection
- d/p/lp2065738/0015-libnetplan-use-more-restrictive-file-permissions.patch:
Use more restrictive file permissions to prevent unprivileged users to
read sensitive data from back end files (LP: #2065738, #1987842)
- CVE-2022-4968
- d/p/lp2066258/0016-libnetplan-escape-control-characters.patch:
Escape control characters in the parser and double quotes in backend files
- d/p/lp2066258/0017-libnetplan-escape-file-paths.patch:
Escape special characters in file paths
- d/p/lp2066258/0018-libnetplan-escape-semicolons-in-service-units.patch:
Escape isolated semicolons in systemd service units (LP: #2066258)
* debian/netplan.io.postinst: Add a postinst maintainer script to call the
generator. It's needed so the file permissions fixes will be applied
automatically, thanks to danilogondolfo
This bug was fixed in the package netplan.io - 0.104-0ubuntu2~ 20.04.5
--------------- 0ubuntu2~ 20.04.5) focal-security; urgency=medium
netplan.io (0.104-
* SECURITY UPDATE: weak permissions on secret files, command injection 0015-libnetplan -use-more- restrictive- file-permission s.patch: 0016-libnetplan -escape- control- characters. patch: 0017-libnetplan -escape- file-paths. patch: 0018-libnetplan -escape- semicolons- in-service- units.patch: netplan. io.postinst: Add a postinst maintainer script to call the
- d/p/lp2065738/
Use more restrictive file permissions to prevent unprivileged users to
read sensitive data from back end files (LP: #2065738, #1987842)
- CVE-2022-4968
- d/p/lp2066258/
Escape control characters in the parser and double quotes in backend files
- d/p/lp2066258/
Escape special characters in file paths
- d/p/lp2066258/
Escape isolated semicolons in systemd service units (LP: #2066258)
* debian/
generator. It's needed so the file permissions fixes will be applied
automatically, thanks to danilogondolfo
-- Sudhakar Verma <email address hidden> Mon, 24 Jun 2024 22:03:31 +0530