USN-4760-1: libzstd vulnerabilities
8 March 2021
libzstd could be made to expose sensitive information.
Releases
Packages
- libzstd - fast lossless compression algorithm
Details
It was discovered that libzstd incorrectly handled file permissions. A
local attacker could possibly use this issue to access certain files,
contrary to expectations.
Update instructions
The problem can be corrected by updating your system to the following package versions:
Ubuntu 20.10
Ubuntu 20.04
Ubuntu 18.04
In general, a standard system update will make all the necessary changes.
References
Related notices
- USN-5720-1: libzstd1, libzstd1-dev, zstd, libzstd