[Bug 1617617] Re: Firewall configuration can be modified by any logged in user

Launchpad Bug Tracker Thu, 02 Nov 2017 20:56:50 -0700

This bug was fixed in the package firewalld - 0.4.0-1ubuntu0.1

---------------
firewalld (0.4.0-1ubuntu0.1) xenial-security; urgency=medium


  * SECURITY UPDATE: Any logged in user could modify passthrough rules
    and set ipset entries (LP: #1617617)
    - debian/patches/CVE-2016-5410.patch: Enforce appropriate PolicyKit
      authentication requirements, based on upstream 0.4.3.3 commit
    - CVE-2016-5410

 -- Lucas Kocia <[email protected]>  Wed, 25 Oct 2017 21:03:52 -0400

** Changed in: firewalld (Ubuntu Xenial)
       Status: Confirmed => Fix Released

-- 
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1617617

Title:
  Firewall configuration can be modified by any logged in user

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/firewalld/+bug/1617617/+subscriptions

-- 
ubuntu-bugs mailing list
[email protected]
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs

[Bug 1617617] Re: Firewall configuration can be modified by any logged in user

Reply via email to