This bug was fixed in the package firejail - 0.9.62-3ubuntu0.1
---
firejail (0.9.62-3ubuntu0.1) focal-security; urgency=low
* SECURITY UPDATE: bypass of access restrictions (LP: #1916767)
- disable OverlayFS support which contains a TOCTOU race condition
between a stat
Hi Steve,
thanks for taking care of this issue!
The patch disables overlayfs support completely (at build time), which is (was)
one of many confinement features of firejail. But this is not really a problem,
as the feature was already otherwise broken with newer kernel versions (~4.19):
Hi, thanks for preparing this and apologies that it got overlooked. I've
uploaded it to the security-proposed ppa https://launchpad.net/~ubuntu-
security-proposed/+archive/ubuntu/ppa/ where it has passed autopkgtests.
Any additional testing before it gets released to focal-security would
be