Debian 10 Buster DLA-3731-1 Moderate Man-DB Sandboxing Fix
debian lts
February 1, 2024
man-db provides the "man" command used for reading manual pages
Topics Covered
Summary
man-db 2.7.6.1-3 added AppArmor confinement for filter programs called
by man, and man-db 2.8.0 added a seccomp sandbox to confine subprocesses
that handle untrusted data. These hardening measures caused various
problems that have been fixed in more recent releases: the AppArmor
confinement broke the ability to save compressed cat pages under
/var/cache/man/, while the seccomp sandbox broke Hardened Malloc as well
as systems using mksh-derived shells.
For Debian 10 buster, these problems have been fixed in version
2.8.5-2+deb10u1.
We recommend that you upgrade your man-db packages.
For the detailed security status of man-db please refer to
its security tracker page at:
https://security-tracker.debian.org/tracker/source-package/man-db
Further information about Debian LTS security advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://wiki.debian.org/LTS
PREVIOUS
NEXT
Severity
important
Lowest
Low
Medium
High
Critical
Package: man-db
Version: 2.8.5-2+deb10u1
CVE ID:
Debian Bug: 926450 948238 1061870
Topics Covered
Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Powered By
Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases
QUICK LINKS
subscribe to newsletters!
Like staying secure? So do we.
Sign up for updates, tips, and alerts!