• [SECURITY] [DSA 4849-1] firejail security update

    From Salvatore Bonaccorso@21:1/5 to All on Tue Feb 9 22:20:02 2021
    -----BEGIN PGP SIGNED MESSAGE-----
    Hash: SHA512

    - ------------------------------------------------------------------------- Debian Security Advisory DSA-4849-1 security@debian.org https://www.debian.org/security/ Salvatore Bonaccorso February 09, 2021 https://www.debian.org/security/faq
    - -------------------------------------------------------------------------

    Package : firejail
    CVE ID : CVE-2021-26910

    Roman Fiedler discovered a vulnerability in the OverlayFS code in
    firejail, a sandbox program to restrict the running environment of
    untrusted applications, which could result in root privilege escalation.
    This update disables OverlayFS support in firejail.

    For the stable distribution (buster), this problem has been fixed in
    version 0.9.58.2-2+deb10u2.

    We recommend that you upgrade your firejail packages.

    For the detailed security status of firejail please refer to its
    security tracker page at:
    https://security-tracker.debian.org/tracker/firejail

    Further information about Debian Security Advisories, how to apply
    these updates to your system and frequently asked questions can be
    found at: https://www.debian.org/security/

    Mailing list: debian-security-announce@lists.debian.org
    -----BEGIN PGP SIGNATURE-----

    iQKTBAEBCgB9FiEERkRAmAjBceBVMd3uBUy48xNDz0QFAmAi+oVfFIAAAAAALgAo aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldDQ2 NDQ0MDk4MDhDMTcxRTA1NTMxRERFRTA1NENCOEYzMTM0M0NGNDQACgkQBUy48xND z0TfcA/+Oql0UYg91bBhISV37airwVjjdiLubX6bBpd4F3T12TPDuPBMxofY+61o M10BBbW8w7MQaQ+uePFT+rL8I3UNU6j3BtvdU8L11FIvkIFIYMKC5VkqThNsJaNK r/LGxIQbxudY2yr7DFOao2pdF5KoorcTcK8Vw/ULiRIL1/jtfzM7tz6RZjVysKlC tNfY7GGOMmHTFyxPkU6sAlAS9scUZuQEJHIAJuzbLHMudoFf5jE2+HbnhAuiYKYh q34ewtuNSda2H4hMNC6U76StdKmWvqjVuPyt9kQ1HVF+gbcaNRz7XL0rC1YEcnpo d3mGZem1Pa5TcFzjaH8OKfqTsNKU+gC5JbRt/JmQho0IS8BPdZxOiHWWplawjj/k K1VfBIWNJBf2Z9guoTqBkfLB5B1nreO3opVhgveft9NiH5ydeFa1z92utLQPN8fN Mr7quGK88F9EGlORHdCXoqp4WTAai5wwdUkjY+y+Zt1Cr7wTsdTSvcWNKQQP8EvT fhFTvU/57f3/jqE2N/FStDdcJNt95Q81qiuM7Ot4c9UQBuSGhcUo1+eoCArj1niv MqeHc+bMv/Wxrg6LGsAEnDTgQHVBul+hROFBqlUExsQSLwq5o0jjUGBT8V3ZkXs6 JU69tVRsNU6c2+BHjg8zclURqQ3mLTW0BCReKK5JqbL8eo1G2lA=
    =+BOy
    -----END PGP SIGNATURE-----

    --- SoupGate-Win32 v1.05
    * Origin: fsxNet Usenet Gateway (21:1/5)