DSA 4849-1: firejail security update

Debian 10222 Published 2021-02-10 07:22 by Philipp Esselbach

News

A firejail security update has been released for Debian GNU/Linux 9 LTS to address a root privilege escalation issue.

DSA 4849-1: firejail security update

- -------------------------------------------------------------------------
Debian Security Advisory DSA-4849-1 security@debian.org
https://www.debian.org/security/ Salvatore Bonaccorso
February 09, 2021 https://www.debian.org/security/faq
- -------------------------------------------------------------------------

Package : firejail
CVE ID : CVE-2021-26910

Roman Fiedler discovered a vulnerability in the OverlayFS code in
firejail, a sandbox program to restrict the running environment of
untrusted applications, which could result in root privilege escalation.
This update disables OverlayFS support in firejail.

For the stable distribution (buster), this problem has been fixed in
version 0.9.58.2-2+deb10u2.

We recommend that you upgrade your firejail packages.

For the detailed security status of firejail please refer to its
security tracker page at:
https://security-tracker.debian.org/tracker/firejail

Further information about Debian Security Advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://www.debian.org/security/

USN-4727-1: Linux kernel vulnerability

DSA 4850-1: libzstd security update

DSA 4849-1: firejail security update

DSA 4849-1: firejail security update

Windows

Linux

macOS

Community