Your submission was sent successfully! Close

You have successfully unsubscribed! Close

CVE-2022-1804

Published: 24 May 2022

accountsservice no longer drops permissions when writing .pam_environment

Notes

Author	Note
mdeslaur	This is caused by the fix for CVE-2020-16126 being reverted

Priority

Status

Package	Release	Status
accountsservice Launchpad, Ubuntu, Debian	bionic	Not vulnerable
	focal	Not vulnerable
	impish	Not vulnerable (0.6.55-0ubuntu14.1)
	upstream	Needs triage
	jammy	Released (22.07.5-2ubuntu1.3)

References

Bugs

https://bugs.launchpad.net/ubuntu/+source/accountsservice/+bug/1974250

Join the discussion

Canonical is offering Expanded Security Maintenance

Canonical is offering Ubuntu Expanded Security Maintenance (ESM) for security fixes and essential packages.

Find out more about ESM ›

Further reading