Bug#969349: buster-pu: package chrony/3.4-4+deb10u1
Control: tags -1 + confirmed
On Wed, 2020-09-16 at 14:54 +0200, Vincent Blut wrote:
> Hi,
>
> On 2020-08-31T21:34+0200, Vincent Blut wrote:
[...]
> > chrony versions prior to 3.5.1 are vulnerable to a symlink race
> > when creating the PID file. CVE-2020-14367 has been assigned to
> > this vulnerability.
[...]
> In the meantime, Matt Corallo encountered a limitation in our
> AppArmor profile, which prevents the use of the “tempcomp” directive
> (#970421).
>
Please go ahead.
Regards,
Adam
Reply to: