Fedora Linux 8781 Published by

A firejail security update has been released for Fedora 35.



SECURITY: Fedora 35 Update: firejail-0.9.70-1.fc35


--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2022-827d9ce8ac
2022-09-15 01:28:27.969719
--------------------------------------------------------------------------------

Name : firejail
Product : Fedora 35
Version : 0.9.70
Release : 1.fc35
URL :   https://github.com/netblue30/firejail
Summary : Linux namespaces sandbox program
Description :
Firejail is a SUID sandbox program that reduces the risk of security
breaches by restricting the running environment of untrusted applications
using Linux namespaces. It includes a sandbox profile for Mozilla Firefox.

--------------------------------------------------------------------------------
Update Information:

- Update to 0.9.70 (rhbz#2042724). - Mitigates CVE-2022-31214 (rhbz#2095070).
--------------------------------------------------------------------------------
ChangeLog:

* Tue Sep 6 2022 Maxwell G - 0.9.70-1
- Update to 0.9.70 (rhbz#2042724).
- Mitigates CVE-2022-31214 (rhbz#2095070).
* Thu Jul 21 2022 Fedora Release Engineering - 0.9.66-4
- Rebuilt for   https://fedoraproject.org/wiki/Fedora_37_Mass_Rebuild
* Thu Jan 20 2022 Fedora Release Engineering - 0.9.66-3
- Rebuilt for   https://fedoraproject.org/wiki/Fedora_36_Mass_Rebuild
--------------------------------------------------------------------------------
References:

[ 1 ] Bug #2042724 - firejail-0.9.70 is available
  https://bugzilla.redhat.com/show_bug.cgi?id=2042724
[ 2 ] Bug #2095070 - CVE-2022-31214 firejail: CVE-2022-31214: local root exploit reachable via --join logic [fedora-all]
  https://bugzilla.redhat.com/show_bug.cgi?id=2095070
--------------------------------------------------------------------------------

This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2022-827d9ce8ac' at the command
line. For more information, refer to the dnf documentation available at
  http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
  https://fedoraproject.org/keys
--------------------------------------------------------------------------------
_______________________________________________