lxc (1.0.7-0ubuntu0.5) trusty-security; urgency=medium
* SECURITY UPDATE: Arbitrary host file access and AppArmor
confinement breakout via lxc-start following symlinks while
setting up mounts within a malicious container (LP: #1476662).
- debian/patches/0003-CVE-2015-1335.patch: block mounts to paths
containing symlinks and block bind mounts from relative paths
containing symlinks. Patch from upstream.
- CVE-2015-1335
Date: 2015-09-26 16:23:13.852162+00:00
Changed-By: Steve Beattie <[email protected]>
Signed-By: Tyler Hicks <[email protected]>
https://launchpad.net/ubuntu/+source/lxc/1.0.7-0ubuntu0.5
Sorry, changesfile not available.
--
Trusty-changes mailing list
[email protected]
Modify settings or unsubscribe at:
https://lists.ubuntu.com/mailman/listinfo/trusty-changes
