This bug was fixed in the package netplan.io - 1.0-2ubuntu1.1 --------------- netplan.io (1.0-2ubuntu1.1) noble-security; urgency=medium
* SECURITY UPDATE: weak permissions on secret files, command injection - d/p/lp2065738/0014-libnetplan-use-more-restrictive-file-permissions.patch: Use more restrictive file permissions to prevent unprivileged users to read sensitive data from back end files (LP: #2065738, #1987842) - CVE-2022-4968 - d/p/lp2066258/0015-libnetplan-escape-control-characters.patch: Escape control characters in the parser and double quotes in backend files. - d/p/lp2066258/0016-backends-escape-file-paths.patch: Escape special characters in file paths. - d/p/lp2066258/0017-backends-escape-semicolons-in-service-units.patch: Escape isolated semicolons in systemd service units. (LP: #2066258) * debian/netplan-generator.postinst: Add a postinst maintainer script to call the generator. It's needed so the file permissions fixes will be applied automatically, thanks to danilogondolfo -- Sudhakar Verma <sudhakar.ve...@canonical.com> Tue, 25 Jun 2024 00:13:00 +0530 ** Changed in: netplan.io (Ubuntu Noble) Status: New => Fix Released ** Changed in: netplan.io (Ubuntu Focal) Status: New => Fix Released -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1987842 Title: wireguard: netdev file can leak private key To manage notifications about this bug go to: https://bugs.launchpad.net/netplan/+bug/1987842/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs