Packages
- juju-core - next generation service orchestration system
Details
Ryan Beisner discovered juju did not set permissions on a Unix domain
socket. A local attacker could use this flaw to gain administrative
privileges.
Ryan Beisner discovered juju did not set permissions on a Unix domain
socket. A local attacker could use this flaw to gain administrative
privileges.
Update instructions
After a standard system update you need to restart juju-core to make all the necessary changes.
Learn more about how to get the fixes.The problem can be corrected by updating your system to the following package versions:
| Ubuntu Release | Package Version | ||
|---|---|---|---|
| 17.04 zesty | juju – 2.0.2-0ubuntu2.1 | ||
| juju-2.0 – 2.0.2-0ubuntu2.1 | |||
| 16.10 yakkety | juju – 2.0.2-0ubuntu0.16.10.2 | ||
| juju-2.0 – 2.0.2-0ubuntu0.16.10.2 | |||
| 16.04 LTS xenial | juju – 2.0.2-0ubuntu0.16.04.2 | ||
| juju-2.0 – 2.0.2-0ubuntu0.16.04.2 | |||
| 14.04 LTS trusty | juju – 1.25.6-0ubuntu1.14.04.2 | ||
| juju-core – 1.25.6-0ubuntu1.14.04.2 | |||
| juju-local – 1.25.6-0ubuntu1.14.04.2 | |||
| juju-local-kvm – 1.25.6-0ubuntu1.14.04.2 | |||
Reduce your security exposure
Ubuntu Pro provides ten-year security coverage to 25,000+ packages in Main and Universe repositories, and it is free for up to five machines.