[Buildroot] [PATCH 1/1] lxc: security bump to version 3.0.3
Peter Korsgaard
peter at korsgaard.com
Sun Dec 9 21:36:09 UTC 2018
>>>>> "Thomas" == Thomas Petazzoni <thomas.petazzoni at bootlin.com> writes:
> On Sun, 2 Dec 2018 10:08:38 +0100, Fabrice Fontaine wrote:
>> This bump also includes the fix for CVE-2018-6556 released in 3.0.2 via
>> commit "CVE 2018-6556: verify netns fd in lxc-user-nic": lxc-user-nic
>> when asked to delete a network interface will unconditionally open a
>> user provided path:
>> https://github.com/lxc/lxc/commit/c1cf54ebf251fdbad1e971679614e81649f1c032
>>
>> This code path may be used by an unprivileged user to check for the
>> existence of a path which they wouldn't otherwise be able to reach. It
>> may also be used to trigger side effects by causing a (read-only) open
>> of special kernel files (ptmx, proc, sys).
>>
>> Also add a dependency on gcc >= 4.7
>> (https://github.com/lxc/lxc/issues/2592)
>>
>> Signed-off-by: Fabrice Fontaine <fontaine.fabrice at gmail.com>
>> ---
>> package/lxc/Config.in | 4 +++-
>> package/lxc/lxc.hash | 2 +-
>> package/lxc/lxc.mk | 2 +-
>> 3 files changed, 5 insertions(+), 3 deletions(-)
Committed to 2018.11.x, thanks.
--
Bye, Peter Korsgaard
More information about the buildroot
mailing list