Re: your symlink question. AppArmor is returning permissions regarding
reading the symlink it self, which is a precursor to traversing the
symlink to the file it is pointing at.
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
** Description changed:
- [Multiple out-of-bound reads in ozwpan driver]
+ The OZWPAN driver in the Linux kernel through 4.0.5 relies on an
+ untrusted length field during packet parsing, which allows remote
+ attackers to obtain sensitive information from kernel memory or cause a
+ denial of
** Changed in: linux-lts-trusty (Ubuntu Precise)
Status: New = Fix Released
** Changed in: linux (Ubuntu Precise)
Status: New = Fix Released
** Changed in: linux (Ubuntu Vivid)
Status: New = Fix Released
** Changed in: linux (Ubuntu Utopic)
Status: New = Fix Released
** Changed in: linux (Ubuntu Precise)
Status: Fix Committed = Fix Released
** Changed in: linux-ti-omap4 (Ubuntu Precise)
Status: Fix Committed = Fix Released
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
** Changed in: linux (Ubuntu Precise)
Status: Fix Committed = Fix Released
** Changed in: linux-ti-omap4 (Ubuntu Precise)
Status: Fix Committed = Fix Released
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
** Changed in: linux-ti-omap4 (Ubuntu Precise)
Status: Fix Committed = Fix Released
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1453256
Title:
CVE-2015-3636
To manage notifications about
** Changed in: linux (Ubuntu Precise)
Status: Fix Committed = Fix Released
** Changed in: linux-ti-omap4 (Ubuntu Precise)
Status: Fix Committed = Fix Released
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
** Description changed:
- [signed to unsigned data type change]
+ Integer signedness error in the oz_hcd_get_desc_cnf function in
+ drivers/staging/ozwpan/ozhcd.c in the OZWPAN driver in the Linux kernel
+ through 4.0.5 allows remote attackers to cause a denial of service
+ (system crash) or
** Changed in: linux (Ubuntu Precise)
Status: Fix Committed = Fix Released
** Changed in: linux-ti-omap4 (Ubuntu Precise)
Status: Fix Committed = Fix Released
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
** Description changed:
- [Missing length checks in packet processing]
+ drivers/staging/ozwpan/ozusbsvc1.c in the OZWPAN driver in the Linux
+ kernel through 4.0.5 does not ensure that certain length values are
+ sufficiently large, which allows remote attackers to cause a denial of
+ service
** Description changed:
- [Divide by zero in softirq]
+ The oz_usb_handle_ep_data function in drivers/staging/ozwpan/ozusbsvc1.c
+ in the OZWPAN driver in the Linux kernel through 4.0.5 allows remote
+ attackers to cause a denial of service (divide-by-zero error and system
+ crash) via a crafted
Tentative backport of patch for 2.9 (note it only needs a single patch)
** Patch added: foo.diff
https://bugs.launchpad.net/snappy/+bug/1460152/+attachment/4415266/+files/foo.diff
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
CVE-2015-1328
** Also affects: linux (Ubuntu Wily)
Importance: Undecided
Status: New
** Also affects: linux-fsl-imx51 (Ubuntu Wily)
Importance: Undecided
Status: New
** Also affects: linux-mvl-dove (Ubuntu Wily)
Importance: Undecided
Status: New
** Also affects:
*** This bug is a security vulnerability ***
Public security bug reported:
overlayfs privilege escalation
** Affects: linux (Ubuntu)
Importance: High
Status: New
** Affects: linux-armadaxp (Ubuntu)
Importance: High
Status: Invalid
** Affects: linux-ec2 (Ubuntu)
sorry, yes. I have been poking at what is the best/minimum backport of
this
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1460152
Title:
apparmor cache not updated when apparmor.d rules change
not really, comm= added by the audit subsystem and is set by the thread
the check is being done in, in kernel context. Both the send and
receive check are being done in the same place so comm= will not change.
We are not in control of this so there is little we can do about it.
--
You received
The commits that fix these issues are in apparmor 2.10
r2867 - wrong handling of \x00 by the compiler
r2866 - wrong handling of the * and ** globs for abstract socket names
In adddition
in 2.9 contains r2248 - which allows a fixed alternation depth by setting the
define MAX_ALT_DEPTH, this
There is an apparmor update working its way through the SRU process
http://bugs.launchpad.net/bugs/1449769
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1319829
Title:
aa-genprof will crash when
** Changed in: linux-lts-trusty (Ubuntu Vivid)
Status: New = Invalid
** Changed in: linux-lts-trusty (Ubuntu Wily)
Status: New = Invalid
** Changed in: linux-lts-trusty (Ubuntu Utopic)
Status: New = Invalid
** Changed in: linux-lts-trusty (Ubuntu Trusty)
Status: New
** Changed in: linux-lts-trusty (Ubuntu Vivid)
Status: New = Invalid
** Changed in: linux-lts-trusty (Ubuntu Wily)
Status: New = Invalid
** Changed in: linux-lts-trusty (Ubuntu Utopic)
Status: New = Invalid
** Changed in: linux-lts-trusty (Ubuntu Trusty)
Status: New
** Changed in: linux-lts-trusty (Ubuntu Precise)
Status: New = Invalid
** Changed in: linux-lts-quantal (Ubuntu Precise)
Status: New = Invalid
** Changed in: linux (Ubuntu Precise)
Status: New = Invalid
** Changed in: linux (Ubuntu Vivid)
Status: New = Invalid
**
*** This bug is a security vulnerability ***
Public security bug reported:
[Multiple out-of-bound reads in ozwpan driver]
Break-Fix: ae926051d7eb8f80dba9513db70d2e2fc8385d3a -
** Affects: linux (Ubuntu)
Importance: Medium
Status: New
** Affects: linux-armadaxp (Ubuntu)
CVE-2015-4004
** Also affects: linux (Ubuntu Wily)
Importance: Undecided
Status: New
** Also affects: linux-fsl-imx51 (Ubuntu Wily)
Importance: Undecided
Status: New
** Also affects: linux-mvl-dove (Ubuntu Wily)
Importance: Undecided
Status: New
** Also affects:
** Changed in: linux-lts-quantal (Ubuntu Precise)
Status: New = Invalid
** Changed in: linux (Ubuntu Precise)
Status: New = Invalid
** Changed in: linux-ti-omap4 (Ubuntu Precise)
Status: New = Invalid
** Changed in: linux-armadaxp (Ubuntu Precise)
Status: New =
** Changed in: linux-lts-trusty (Ubuntu Precise)
Status: New = Invalid
** Changed in: linux-lts-quantal (Ubuntu Precise)
Status: New = Invalid
** Changed in: linux (Ubuntu Precise)
Status: New = Invalid
** Changed in: linux (Ubuntu Vivid)
Status: New = Invalid
**
** Changed in: linux-lts-trusty (Ubuntu Precise)
Status: New = Invalid
** Changed in: linux-lts-quantal (Ubuntu Precise)
Status: New = Invalid
** Changed in: linux (Ubuntu Precise)
Status: New = Invalid
** Changed in: linux (Ubuntu Vivid)
Status: New = Invalid
**
** Changed in: linux-lts-trusty (Ubuntu Vivid)
Status: New = Invalid
** Changed in: linux-lts-trusty (Ubuntu Wily)
Status: New = Invalid
** Changed in: linux-lts-trusty (Ubuntu Utopic)
Status: New = Invalid
** Changed in: linux-lts-trusty (Ubuntu Trusty)
Status: New
Looks good
** Changed in: kernel-sru-workflow/security-signoff
Status: In Progress = Fix Released
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1458901
Title:
linux: 3.2.0-85.122 -proposed
** Changed in: linux (Ubuntu Wily)
Status: New = Fix Committed
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1416503
Title:
CVE-2015-1420
To manage notifications about this bug go to:
Michael,
I have a patch (well two actually), and they just need further review
and testing. I also have a partial hashing patch that if needed could be
finished in a few hours, and add native hashing (if we go this route we
could make the hash selectable, so something fast like lookup3 could be
second patch
** Patch added:
0002-Set-cache-file-tstamp-to-the-mtime-of-most-recent-po.patch
https://bugs.launchpad.net/snappy/+bug/1460152/+attachment/4411427/+files/0002-Set-cache-file-tstamp-to-the-mtime-of-most-recent-po.patch
--
You received this bug notification because you are a
** Changed in: linux-lts-trusty (Ubuntu Precise)
Status: New = Fix Committed
** Changed in: linux (Ubuntu Precise)
Status: New = Fix Committed
** Changed in: linux (Ubuntu Vivid)
Status: New = Invalid
** Changed in: linux (Ubuntu Wily)
Status: New = Invalid
**
** Changed in: linux (Ubuntu Wily)
Status: New = Fix Committed
** Changed in: linux-lts-raring (Ubuntu Precise)
Status: New = Invalid
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
** Changed in: linux-lts-trusty (Ubuntu Precise)
Status: New = Fix Committed
** Changed in: linux (Ubuntu Precise)
Status: New = Fix Committed
** Changed in: linux (Ubuntu Vivid)
Status: New = Invalid
** Changed in: linux (Ubuntu Wily)
Status: New = Invalid
**
** Changed in: linux (Ubuntu Vivid)
Status: New = Invalid
** Changed in: linux (Ubuntu Wily)
Status: New = Invalid
** Changed in: linux (Ubuntu Utopic)
Status: New = Invalid
** Changed in: linux-lts-raring (Ubuntu Precise)
Status: New = Invalid
** Changed in:
** Changed in: linux-lts-trusty (Ubuntu Precise)
Status: New = Fix Committed
** Changed in: linux (Ubuntu Precise)
Status: New = Fix Committed
** Changed in: linux (Ubuntu Vivid)
Status: New = Invalid
** Changed in: linux (Ubuntu Wily)
Status: New = Invalid
**
** Changed in: linux-lts-trusty (Ubuntu Precise)
Status: New = Fix Committed
** Changed in: linux (Ubuntu Precise)
Status: New = Fix Committed
** Changed in: linux (Ubuntu Vivid)
Status: New = Invalid
** Changed in: linux (Ubuntu Wily)
Status: New = Invalid
**
** Changed in: linux (Ubuntu Precise)
Status: New = Fix Committed
** Changed in: linux (Ubuntu Vivid)
Status: New = Invalid
** Changed in: linux (Ubuntu Wily)
Status: New = Invalid
** Changed in: linux-ti-omap4 (Ubuntu Precise)
Status: New = Fix Committed
** Changed
** Changed in: linux-lts-raring (Ubuntu Precise)
Status: New = Invalid
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1462255
Title:
CVE-2015-4178
To manage notifications about this bug go
** Changed in: linux-lts-raring (Ubuntu Precise)
Status: New = Invalid
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1462249
Title:
CVE-2015-4177
To manage notifications about this bug go
** Changed in: linux-lts-trusty (Ubuntu Precise)
Status: New = Invalid
** Changed in: linux (Ubuntu Vivid)
Status: New = Invalid
** Changed in: linux (Ubuntu Wily)
Status: New = Invalid
** Changed in: linux (Ubuntu Utopic)
Status: New = Invalid
** Changed in: linux
CVE-2015-4177
** Also affects: linux (Ubuntu Wily)
Importance: Undecided
Status: New
** Also affects: linux-fsl-imx51 (Ubuntu Wily)
Importance: Undecided
Status: New
** Also affects: linux-mvl-dove (Ubuntu Wily)
Importance: Undecided
Status: New
** Also affects:
CVE-2015-4178
** Also affects: linux (Ubuntu Wily)
Importance: Undecided
Status: New
** Also affects: linux-fsl-imx51 (Ubuntu Wily)
Importance: Undecided
Status: New
** Also affects: linux-mvl-dove (Ubuntu Wily)
Importance: Undecided
Status: New
** Also affects:
*** This bug is a security vulnerability ***
Public security bug reported:
[ns: user namespaces panic -- lack of internal consistency of a data
structure]
Break-Fix: - 820f9f147dcce2602eefd9b575bbbd9ea14f0953
** Affects: linux (Ubuntu)
Importance: Medium
Status: New
** Affects:
CVE-2015-4176
** Also affects: linux (Ubuntu Wily)
Importance: Undecided
Status: New
** Also affects: linux-fsl-imx51 (Ubuntu Wily)
Importance: Undecided
Status: New
** Also affects: linux-mvl-dove (Ubuntu Wily)
Importance: Undecided
Status: New
** Also affects:
*** This bug is a security vulnerability ***
Public security bug reported:
Deletion of a file or directory could trigger an unmount and reveal data
under a mount point.
Break-Fix: - e0c9c0afd2fc958ffa34b697972721d81df8a56f
** Affects: linux (Ubuntu)
Importance: Medium
Status: New
*** This bug is a security vulnerability ***
Public security bug reported:
[ns: user namespaces panic -- lack of state identification]
Break-Fix: - cd4a40174b71acd021877341684d8bb1dc8ea4ae
** Affects: linux (Ubuntu)
Importance: Medium
Status: New
** Affects: linux-armadaxp
Yes the apparmor_parser should set the mtime of the cache file to be the
most recent mtime timestamp of the set of policy files that resulted in
the cache files creation. This is something we have been meaning to do
for a long time but just never gotten around to it because there always
something
** Changed in: kernel-sru-workflow/security-signoff
Status: Confirmed = In Progress
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1458901
Title:
linux: 3.2.0-85.122 -proposed tracker
To
CVE-2014-9729
** Also affects: linux (Ubuntu Wily)
Importance: Undecided
Status: New
** Also affects: linux-fsl-imx51 (Ubuntu Wily)
Importance: Undecided
Status: New
** Also affects: linux-mvl-dove (Ubuntu Wily)
Importance: Undecided
Status: New
** Also affects:
*** This bug is a security vulnerability ***
Public security bug reported:
[iinfo-i_lenAlloc != inode-i_size]
Break-Fix: - e159332b9af4b04d882dbcfe1bb0117f0a6d4b58
** Affects: linux (Ubuntu)
Importance: Medium
Status: New
** Affects: linux-armadaxp (Ubuntu)
Importance:
CVE-2015-1805
** Also affects: linux (Ubuntu Wily)
Importance: Undecided
Status: New
** Also affects: linux-fsl-imx51 (Ubuntu Wily)
Importance: Undecided
Status: New
** Also affects: linux-mvl-dove (Ubuntu Wily)
Importance: Undecided
Status: New
** Also affects:
*** This bug is a security vulnerability ***
Public security bug reported:
A flaw was found in the way pipe_iov_copy_from_user() and
pipe_iov_copy_to_user() functions handled iovecs remaining len
accounting on failed atomic access. An unprivileged local user could
this flaw to crash the system
*** This bug is a security vulnerability ***
Public security bug reported:
[udf: information leakage when reading symlink]
Break-Fix: - 0e5cc9a40ada6046e6bc3bdfcd0c0d7e4b706b14
** Affects: linux (Ubuntu)
Importance: Medium
Status: New
** Affects: linux-armadaxp (Ubuntu)
CVE-2014-9731
** Also affects: linux (Ubuntu Wily)
Importance: Undecided
Status: New
** Also affects: linux-fsl-imx51 (Ubuntu Wily)
Importance: Undecided
Status: New
** Also affects: linux-mvl-dove (Ubuntu Wily)
Importance: Undecided
Status: New
** Also affects:
CVE-2014-9730
** Also affects: linux (Ubuntu Wily)
Importance: Undecided
Status: New
** Also affects: linux-fsl-imx51 (Ubuntu Wily)
Importance: Undecided
Status: New
** Also affects: linux-mvl-dove (Ubuntu Wily)
Importance: Undecided
Status: New
** Also affects:
*** This bug is a security vulnerability ***
Public security bug reported:
[properly ignore component length for component types that do not use
it]
Break-Fix: - e237ec37ec154564f8690c5bd1795339955eeef9
** Affects: linux (Ubuntu)
Importance: Medium
Status: New
** Affects:
*** This bug is a security vulnerability ***
Public security bug reported:
[fs: udf kernel oops]
Break-Fix: - 23b133bdc452aa441fcb9b82cbf6dd05cfd342d0
** Affects: linux (Ubuntu)
Importance: Medium
Status: New
** Affects: linux-armadaxp (Ubuntu)
Importance: Medium
CVE-2015-4167
** Also affects: linux (Ubuntu Wily)
Importance: Undecided
Status: New
** Also affects: linux-fsl-imx51 (Ubuntu Wily)
Importance: Undecided
Status: New
** Also affects: linux-mvl-dove (Ubuntu Wily)
Importance: Undecided
Status: New
** Also affects:
*** This bug is a security vulnerability ***
Public security bug reported:
A UDF filesystem image with malicious lengths specified in multiple
datastructures could cause crashes or other undesired behaviours.
Break-Fix: - e159332b9af4b04d882dbcfe1bb0117f0a6d4b58
Break-Fix: -
CVE-2014-9728
** Also affects: linux (Ubuntu Wily)
Importance: Undecided
Status: New
** Also affects: linux-fsl-imx51 (Ubuntu Wily)
Importance: Undecided
Status: New
** Also affects: linux-mvl-dove (Ubuntu Wily)
Importance: Undecided
Status: New
** Also affects:
** Description changed:
- [chown() was racy relative to execve()]
+ Race condition in the prepare_binprm function in fs/exec.c in the Linux
+ kernel before 3.19.6 allows local users to gain privileges by executing
+ a setuid program at a time instant when a chown to root is in progress,
+ and the
CVE-2015-4170
** Also affects: linux (Ubuntu Wily)
Importance: Undecided
Status: New
** Also affects: linux-fsl-imx51 (Ubuntu Wily)
Importance: Undecided
Status: New
** Also affects: linux-mvl-dove (Ubuntu Wily)
Importance: Undecided
Status: New
** Also affects:
*** This bug is a security vulnerability ***
Public security bug reported:
[vulnerability in the kernel tty subsystem]
Break-Fix: - 4898e640caf03fdbaf2122d5a33949bf3e4a5b34
Break-Fix: - cf872776fc84128bb779ce2b83a37c884c3203ae
** Affects: linux (Ubuntu)
Importance: Medium
Status:
** Description changed:
- [btrfs: non-atomic xattr replace operation]
+ The Btrfs implementation in the Linux kernel before 3.19 does not ensure
+ that the visible xattr state is consistent with a requested replacement,
+ which allows local users to bypass intended ACL settings and gain
+
** Description changed:
- [DoS -- OOPS NULL pointer dereference in nf_nat_setup_info+0x471]
+ include/net/netfilter/nf_conntrack_extend.h in the netfilter subsystem
+ in the Linux kernel before 3.14.5 uses an insufficiently large data type
+ for certain extension data, which allows local users to
** Description changed:
- Linux mishandles int80 fork from 64-bit tasks
+ arch/x86/kernel/entry_64.S in the Linux kernel before 3.19.2 does not
+ prevent the TS_COMPAT flag from reaching a user-mode task, which might
+ allow local users to bypass the seccomp or audit protection mechanism
+ via a
** Description changed:
- [IPv6 Hop limit lowering via RA messages]
+ The ndisc_router_discovery function in net/ipv6/ndisc.c in the Neighbor
+ Discovery (ND) protocol implementation in the IPv6 stack in the Linux
+ kernel before 3.19.6 allows remote attackers to reconfigure a hop-limit
+ setting
** Changed in: linux-ti-omap4 (Ubuntu Precise)
Status: New = Fix Committed
** Changed in: linux-armadaxp (Ubuntu Precise)
Status: New = Fix Committed
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
** Changed in: linux-ti-omap4 (Ubuntu Precise)
Status: New = Fix Committed
** Changed in: linux-armadaxp (Ubuntu Precise)
Status: New = Fix Committed
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
** Changed in: linux-lts-trusty (Ubuntu Precise)
Status: New = Fix Committed
** Changed in: linux-ti-omap4 (Ubuntu Precise)
Status: New = Fix Committed
** Changed in: linux-armadaxp (Ubuntu Precise)
Status: New = Fix Committed
** Changed in: linux-lts-vivid (Ubuntu Trusty)
** Changed in: linux-ti-omap4 (Ubuntu Precise)
Status: New = Fix Committed
** Changed in: linux-armadaxp (Ubuntu Precise)
Status: New = Fix Committed
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
** Description changed:
Race condition in the handle_to_path function in fs/fhandle.c in the
Linux kernel through 3.19.1 allows local users to bypass intended size
restrictions and trigger read operations on additional memory locations
by changing the handle_bytes value of a file handle
** Changed in: linux-lts-trusty (Ubuntu Precise)
Status: New = Fix Committed
** Changed in: linux-lts-quantal (Ubuntu Precise)
Status: New = Invalid
** Changed in: linux (Ubuntu Precise)
Status: New = Invalid
** Changed in: linux-ti-omap4 (Ubuntu Precise)
Status: New
Looks good
** Changed in: kernel-sru-workflow/security-signoff
Status: In Progress = Fix Released
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1460183
Title:
linux-lts-vivid:
** Changed in: linux-lts-vivid (Ubuntu Trusty)
Status: New = Fix Committed
** Changed in: linux-lts-utopic (Ubuntu Trusty)
Status: New = Fix Committed
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
CVE-2015-0275
** CVE added: http://www.cve.mitre.org/cgi-
bin/cvename.cgi?name=2015-0275
** Changed in: kernel-sru-workflow/security-signoff
Status: Invalid = Fix Released
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
CVE-2015-0275
** CVE added: http://www.cve.mitre.org/cgi-
bin/cvename.cgi?name=2015-0275
** Changed in: kernel-sru-workflow/security-signoff
Status: Invalid = Fix Released
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
Looks good
** Changed in: kernel-sru-workflow/security-signoff
Status: In Progress = Fix Released
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1459957
Title:
linux: 3.19.0-20.20 -proposed
** Changed in: linux-lts-vivid (Ubuntu Trusty)
Status: New = Fix Committed
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1457807
Title:
CVE-2015-4036
To manage notifications about this bug
** Changed in: kernel-sru-workflow/security-signoff
Status: Confirmed = In Progress
** Changed in: kernel-sru-workflow/security-signoff
Assignee: Canonical Security Team (canonical-security) = John Johansen
(jjohansen)
--
You received this bug notification because you are a member
** Changed in: kernel-sru-workflow/security-signoff
Status: Confirmed = In Progress
** Changed in: kernel-sru-workflow/security-signoff
Assignee: Canonical Security Team (canonical-security) = John Johansen
(jjohansen)
--
You received this bug notification because you are a member
** Changed in: kernel-sru-workflow/security-signoff
Status: Confirmed = In Progress
** Changed in: kernel-sru-workflow/security-signoff
Assignee: Canonical Security Team (canonical-security) = John Johansen
(jjohansen)
--
You received this bug notification because you are a member
** Changed in: kernel-sru-workflow/security-signoff
Status: Confirmed = In Progress
** Changed in: kernel-sru-workflow/security-signoff
Assignee: Canonical Security Team (canonical-security) = John Johansen
(jjohansen)
--
You received this bug notification because you are a member
** Changed in: kernel-sru-workflow/security-signoff
Status: Confirmed = In Progress
** Changed in: kernel-sru-workflow/security-signoff
Assignee: Canonical Security Team (canonical-security) = John Johansen
(jjohansen)
--
You received this bug notification because you are a member
** Changed in: kernel-sru-workflow/security-signoff
Status: Confirmed = In Progress
** Changed in: kernel-sru-workflow/security-signoff
Assignee: Canonical Security Team (canonical-security) = John Johansen
(jjohansen)
--
You received this bug notification because you are a member
** Changed in: kernel-sru-workflow/security-signoff
Status: Confirmed = In Progress
** Changed in: kernel-sru-workflow/security-signoff
Assignee: Canonical Security Team (canonical-security) = John Johansen
(jjohansen)
--
You received this bug notification because you are a member
** Changed in: kernel-sru-workflow/security-signoff
Status: Confirmed = In Progress
** Changed in: kernel-sru-workflow/security-signoff
Assignee: Canonical Security Team (canonical-security) = John Johansen
(jjohansen)
--
You received this bug notification because you are a member
No CVEs
** Changed in: kernel-sru-workflow/security-signoff
Status: In Progress = Invalid
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1458618
Title:
linux: 3.13.0-54.91 -proposed tracker
No CVEs
** Changed in: kernel-sru-workflow/security-signoff
Status: In Progress = Invalid
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1458778
Title:
linux: 3.16.0-39.53 -proposed tracker
No CVEs
** Changed in: kernel-sru-workflow/security-signoff
Status: In Progress = New
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1458901
Title:
linux: 3.2.0-85.122 -proposed tracker
To
No CVEs
** Changed in: kernel-sru-workflow/security-signoff
Status: In Progress = Invalid
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1458977
Title:
linux-lts-utopic: 3.16.0-39.53~14.04.1
No CVEs
** Changed in: kernel-sru-workflow/security-signoff
Status: In Progress = Invalid
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1459068
Title:
linux-lts-trusty:
No CVEs
** Changed in: kernel-sru-workflow/security-signoff
Status: In Progress = Invalid
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1458999
Title:
linux-ti-omap4: 3.2.0-1465.85
Note: specifying a profile name that doesn't exist will result in an
error like
./query_file badprofile /tmp /tmp/
read '/tmp' error: No such file or directory
read '/tmp/' error: No such file or directory
the apparmor query interface will not tell you if the file being queried does
not exist,
Attached is a example program that builds a file query string.
to build
gcc -o query_file query_file.c -l apparmor
to use
query_file profile_name file1 file2 file3 ...
eg.
./query_file firefox /tmp /tmp/
read '/tmp' denied
read '/tmp/' allowed
** Attachment added: example program
** Changed in: linux (Ubuntu Precise)
Status: New = Fix Committed
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1447367
Title:
CVE-2015-3331
To manage notifications about this bug go to:
** Changed in: linux (Ubuntu Precise)
Status: New = Fix Committed
** Changed in: linux (Ubuntu Vivid)
Status: New = Fix Committed
** Changed in: linux (Ubuntu Wily)
Status: New = Fix Committed
** Changed in: linux (Ubuntu Utopic)
Status: New = Fix Committed
**
** Changed in: linux-lts-raring (Ubuntu Precise)
Status: New = Invalid
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1441108
Title:
CVE-2015-2925
To manage notifications about this bug go
This ability was introduced in the utopic kernel.
** Changed in: apparmor (Ubuntu)
Status: Confirmed = Fix Released
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1381713
Title:
Support
1001 - 1100 of 8095 matches
Mail list logo