** Description changed:
- * SECURITY UPDATE: extractor now runs in a sandbox confined by libseccomp
- - extractor's filesystem and network access is limited to being read and
- local only (LP: #1619600)
- - No CVE number
+ * SECURITY UPDATE: extractor now runs in a sandbox confined by libseccomp
+ - extractor's filesystem and network access is limited to being read and
+ local only (LP: #1648921)
+ - No CVE number
The tracker developers have recently confined their extractor to attempt
to make tracker more resilient to attacks, especially involving flaws in
gstreamer parsers.
There is no CVE number assigned to this issue.
https://lwn.net/Articles/708196/
https://scarybeastsecurity.blogspot.com/2016/11/0day-poc-risky-design-decisions-in.html
The gstreamer security fixes are being handled separately. See bug
1619600
** Also affects: tracker (Ubuntu Yakkety)
Importance: Undecided
Status: New
** Also affects: tracker (Ubuntu Xenial)
Importance: Undecided
Status: New
--
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to tracker in Ubuntu.
https://bugs.launchpad.net/bugs/1648921
Title:
Sandbox the tracker extractor
Status in Tracker:
Fix Released
Status in tracker package in Ubuntu:
New
Status in tracker source package in Xenial:
New
Status in tracker source package in Yakkety:
New
Bug description:
* SECURITY UPDATE: extractor now runs in a sandbox confined by libseccomp
- extractor's filesystem and network access is limited to being read and
local only (LP: #1648921)
- No CVE number
The tracker developers have recently confined their extractor to
attempt to make tracker more resilient to attacks, especially
involving flaws in gstreamer parsers.
There is no CVE number assigned to this issue.
https://lwn.net/Articles/708196/
https://scarybeastsecurity.blogspot.com/2016/11/0day-poc-risky-design-decisions-in.html
The gstreamer security fixes are being handled separately. See bug
1619600
To manage notifications about this bug go to:
https://bugs.launchpad.net/tracker/+bug/1648921/+subscriptions
--
Mailing list: https://launchpad.net/~touch-packages
Post to : [email protected]
Unsubscribe : https://launchpad.net/~touch-packages
More help : https://help.launchpad.net/ListHelp
