[ubuntu/noble-updates] screen 4.9.1-1ubuntu1 (Accepted)
Ubuntu Archive Robot
ubuntu-archive-robot at lists.canonical.com
Mon Jan 26 21:59:15 UTC 2026
screen (4.9.1-1ubuntu1) noble-security; urgency=medium
* SECURITY UPDATE: incorrect PTY permissions
- debian/patches/CVE-2025-46802.patch: prevent temporary 0666 mode on
PTYs in attacher.c, screen.c.
- CVE-2025-46802
* SECURITY UPDATE: minor information leak
- debian/patches/CVE-2025-46804.patch: avoid file existence test
information leaks in screen.c, socket.c.
- CVE-2025-46804
* SECURITY UPDATE: TOCTOU allowing to send SIGHUP, SIGCONT
- debian/patches/CVE-2025-46805.patch: don't send signals with root
privileges in socket.c.
- CVE-2025-46805
Date: 2026-01-26 17:37:09.591525+00:00
Changed-By: Marc Deslauriers <marc.deslauriers at canonical.com>
Signed-By: Ubuntu Archive Robot <ubuntu-archive-robot at lists.canonical.com>
https://launchpad.net/ubuntu/+source/screen/4.9.1-1ubuntu1
-------------- next part --------------
Sorry, changesfile not available.
More information about the noble-changes
mailing list