• SECURITY UPDATE: sandbox escape vulnerability on snapctl xdg-open
  implementation
  • usersession/userd/launcher.go: remove XDG_DATA_DIRS environment
    variable modification when calling the system xdg-open. Patch
    thanks to James Henstridge
  • packaging/ubuntu-16.04/snapd.postinst: ensure "snap userd" is
    restarted. Patch thanks to Michael Vogt
  • CVE-2020-11934
  • LP: #1880085
• SECURITY UPDATE: arbitrary code execution vulnerability on core
  devices with access to physical removable media
  • devicestate: Disable/restrict cloud-init after seeding.
  • CVE-2020-11933
  • LP: #1879530