This bug was fixed in the package firejail - 0.9.38-1ubuntu0.1
---------------
firejail (0.9.38-1ubuntu0.1) xenial-security; urgency=low
* SECURITY UPDATE: sandbox escape via TIOCSTI ioctl (LP: #1655136)
- debian/patches/CVE-2016-9016.patch: cherry-picked from upstream
0.9.38-LTS branch (commit 19302eb)
- CVE-2016-9016
* SECURITY UPDATE: truncate /etc/resolv.conf as non-root user (LP: #1655136)
- debian/patches/CVE-2016-10118.patch: cherry-picked from upstream
0.9.38-LTS branch (commit 4f4e59c)
- CVE-2016-10118
* SECURITY UPDATE: local privilege escalation to root (LP: #1655136)
- debian/patches/CVE-2017-5180.patch: cherry-picked from upstream
0.9.38-LTS branch (commit ad97545)
- CVE-2017-5180
-- Reiner Herrmann <[email protected]> Tue, 17 Jan 2017 20:16:26
+0100
** Changed in: firejail (Ubuntu Xenial)
Status: In Progress => Fix Released
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1655136
Title:
Multiple CVEs in xenial
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/firejail/+bug/1655136/+subscriptions
--
ubuntu-bugs mailing list
[email protected]
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
