** Tags added: aa-kernel

You received this bug notification because you are a member of Kernel
Packages, which is subscribed to linux in Ubuntu.

  The label build for onexec when stacking is wrong

Status in AppArmor:
Status in linux package in Ubuntu:
  Fix Released
Status in linux source package in Xenial:
  Fix Released
Status in linux source package in Yakkety:
  Fix Released

Bug description:
  The label build for onexec when crossing a namespace boundry is not           
  quite correct. The label needs to be built per profile and not based          
  on the whole label because the onexec transition only applies to              
  profiles within the ns. Where merging against the label could include         
  profile that are transitioned via the profile_transition callback             
  and should not be in the final label.

To manage notifications about this bug go to:

Mailing list: https://launchpad.net/~kernel-packages
Post to     : kernel-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~kernel-packages
More help   : https://help.launchpad.net/ListHelp

Reply via email to