GLSA-201612-48 : Firejail: Multiple vulnerabilities
Medium Nessus Plugin ID 96128
SynopsisThe remote Gentoo host is missing one or more security-related patches.
DescriptionThe remote host is affected by the vulnerability described in GLSA-201612-48 (Firejail: Multiple vulnerabilities)
Multiple vulnerabilities have been discovered in Firejail. Please review upstream’s release notes below for details.
A remote attacker could possibly bypass sandbox protection, cause a Denial of Service condition, or change a system’s DNS server.
There is no known workaround at this time.
SolutionAll Firejail users should switch to the newly added LTS version:
# emerge --sync # emerge --ask --oneshot --verbose '>=sys-apps/firejail-lts-0.9.38.6' Users who want to stay on the current branch should upgrade to the latest version:
# emerge --sync # emerge --ask --oneshot --verbose '>=sys-apps/firejail-0.9.44.2'