Format: 1.8 Date: Thu, 19 May 2022 20:02:04 -0400 Source: accountsservice Built-For-Profiles: noudeb Architecture: source Version: 22.07.5-2ubuntu1.3 Distribution: jammy-security Urgency: medium Maintainer: Ubuntu Developers Changed-By: Marc Deslauriers Launchpad-Bugs-Fixed: 1974250 Changes: accountsservice (22.07.5-2ubuntu1.3) jammy-security; urgency=medium . * SECURITY UPDATE: accountsservice incorrect privilege dropping (LP: #1974250) - debian/patches/0009-language-tools.patch: updated to not reset effective uid, and migrate root-owned .pam_environment file. - This change was originally known as CVE-2020-16126 and got reverted by mistake in 0.6.55-3ubuntu1. - CVE-2022-1804 * Fix FTBFS with a newer python-dbusmock package: - debian/patches/adduser_invocation.patch: fix invocation of AddUser in tests/dbusmock/accounts_service.py. - debian/patches/setlocked_signature.patch: fix the signature for the SetLocked call in tests/dbusmock/accounts_service.py. Checksums-Sha1: a05c68d795e8db5b346ff4d41e06f1cb0676e735 3214 accountsservice_22.07.5-2ubuntu1.3.dsc 8ceef2379a613457f8c8a502bf0630d5c5d8c41a 31124 accountsservice_22.07.5-2ubuntu1.3.debian.tar.xz df627fd9ca62c576c9fb9d980d23907521b6ded0 10867 accountsservice_22.07.5-2ubuntu1.3_source.buildinfo Checksums-Sha256: cd75cb57e318636aec4eaed96bd129b06e67dcc3f0977a5cbdc17f7b34d13017 3214 accountsservice_22.07.5-2ubuntu1.3.dsc 5ea07403c76a11cabd4d2650497065f5cb68588170527cfde8770d2eccbdcd11 31124 accountsservice_22.07.5-2ubuntu1.3.debian.tar.xz 54bc78e38f6f5fe3f650534bbc41931cdfbffd3053776c9d464276cc58809c57 10867 accountsservice_22.07.5-2ubuntu1.3_source.buildinfo Files: f652481959f5654c42f2421570d1d3e3 3214 admin optional accountsservice_22.07.5-2ubuntu1.3.dsc e7b3590ecf086e3c4ae0768dbe98ca86 31124 admin optional accountsservice_22.07.5-2ubuntu1.3.debian.tar.xz 5b786cf3b6e93eca23b106df35469ce0 10867 admin optional accountsservice_22.07.5-2ubuntu1.3_source.buildinfo Original-Maintainer: Debian freedesktop.org maintainers