The system could be made to run programs as an administrator.
Ryan Beisner discovered juju did not set permissions on a Unix domain socket. A local attacker could use this flaw to gain administrative privileges.
26 May 2017
A security issue affects these releases of Ubuntu and its derivatives:
The system could be made to run programs as an administrator.
Ryan Beisner discovered juju did not set permissions on a Unix domain socket. A local attacker could use this flaw to gain administrative privileges.
The problem can be corrected by updating your system to the following package versions:
To update your system, please follow these instructions: https://wiki.ubuntu.com/Security/Upgrades.
After a standard system update you need to restart juju-core to make all the necessary changes.