Your message dated Thu, 30 Jul 2015 21:17:41 +0000
with message-id <e1zkvcv-0003zb...@franck.debian.org>
and subject line Bug#793298: fixed in lxc 1:1.0.6-6+deb8u1
has caused the Debian Bug report #793298,
regarding CVE-2015-1331 CVE-2015-1334
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)


-- 
793298: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=793298
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
--- Begin Message ---
Package: lxc
Severity: grave
Tags: security

These two security issues were reported by Tyler Hicks on
oss-security:

* Roman Fiedler discovered a directory traversal flaw that allows
  arbitrary file creation as the root user. A local attacker must set
  up a symlink at /run/lock/lxc/var/lib/lxc/<CONTAINER>, prior to an
  admin ever creating an LXC container on the system. If an admin then
  creates a container with a name matching <CONTAINER>, the symlink will be
  followed and LXC will create an empty file at the symlink's target as
  the root user.
  - CVE-2015-1331
  - Affects LXC 1.0.0 and higher
  - https://launchpad.net/bugs/1470842
  - https://github.com/lxc/lxc/commit/72cf81f6a3404e35028567db2c99a90406e9c6e6
    (master)
  - https://github.com/lxc/lxc/commit/61ecf69d7834921cc078e14d1b36c459ad8f91c7
    (stable-1.1)
  - https://github.com/lxc/lxc/commit/f547349ea7ef3a6eae6965a95cb5986cd921bd99
    (stable-1.0)

* Roman Fiedler discovered a flaw that allows processes intended to be
  run inside of confined LXC containers to escape their AppArmor or
  SELinux confinement. A malicious container can create a fake proc
  filesystem, possibly by mounting tmpfs on top of the container's
  /proc, and wait for an lxc-attach to be run from the host environment.
  lxc-attach incorrectly trusts the container's
  /proc/PID/attr/{current,exec} files to set up the AppArmor profile and
  SELinux domain transitions which may result in no confinement being
  used.
  - CVE-2015-1334
  - Affects LXC 0.9.0 and higher
  - https://launchpad.net/bugs/1475050
  - https://github.com/lxc/lxc/commit/5c3fcae78b63ac9dd56e36075903921bd9461f9e
    (master)
  - https://github.com/lxc/lxc/commit/659e807c8dd1525a5c94bdecc47599079fad8407
    (stable-1.1)
  - https://github.com/lxc/lxc/commit/15ec0fd9d490dd5c8a153401360233c6ee947c24
    (stable-1.0)

Can you prepare an update for jessie-security?

Cheers,
        Moritz

--- End Message ---
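The first issue above is a symlink-following bug in lock-file creation. As an added illustration that is not LXC's code nor the Debian patch, the helper below opens a per-container lock file while refusing to follow a symlink in either the base directory or the final component, and a self-check plants a symlink in a constructed scratch tree to confirm it is rejected (the names safe_lock_open and demo are hypothetical).

```c
#define _GNU_SOURCE
#include <errno.h>
#include <fcntl.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <unistd.h>

/* Create/open base/<name> without ever following a symlink.  Returns an fd,
 * or -1 with errno set (ELOOP if a symlink sits where a directory or the
 * lock file itself should be).  Hypothetical helper, not LXC's code. */
int safe_lock_open(const char *base, const char *name)
{
    /* Refuse names that could leave the lock directory. */
    if (!name[0] || strchr(name, '/') || !strcmp(name, ".") || !strcmp(name, "..")) {
        errno = EINVAL;
        return -1;
    }
    /* O_NOFOLLOW: a symlinked base directory yields ELOOP, not a traversal. */
    int dfd = open(base, O_RDONLY | O_DIRECTORY | O_NOFOLLOW | O_CLOEXEC);
    if (dfd < 0) return -1;
    /* Create relative to the verified directory; a symlink planted under the
     * container's name is rejected instead of being followed as root. */
    int fd = openat(dfd, name, O_RDWR | O_CREAT | O_NOFOLLOW | O_CLOEXEC, 0600);
    int saved = errno;
    close(dfd);
    errno = saved;
    return fd;
}

/* Self-check on a constructed scratch tree: plant a symlink named "evil"
 * (standing in for a pre-created <CONTAINER> link) and confirm it is refused
 * while a plain name still gets a lock file.  Returns 1 if all cases pass. */
int demo(void)
{
    char tmpl[] = "/tmp/lxclock-demo-XXXXXX", target[256], link[256], path[256];
    char *dir = mkdtemp(tmpl);
    if (!dir) return 0;
    snprintf(target, sizeof target, "%s/would-be-created-as-root", dir);
    snprintf(link, sizeof link, "%s/evil", dir);
    if (symlink(target, link) != 0) return 0;
    int ok = 1, fd = safe_lock_open(dir, "evil");
    if (fd >= 0 || errno != ELOOP) ok = 0;   /* symlink must be rejected */
    if (access(target, F_OK) == 0) ok = 0;   /* and nothing created behind it */
    if ((fd = safe_lock_open(dir, "honest")) < 0) ok = 0; else close(fd);
    if (safe_lock_open(dir, "../escape") >= 0) ok = 0;
    snprintf(path, sizeof path, "%s/honest", dir);
    unlink(path); unlink(link); rmdir(dir);
    return ok;
}
```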
--- Begin Message ---
Source: lxc
Source-Version: 1:1.0.6-6+deb8u1

We believe that the bug you reported is fixed in the latest version of
lxc, which is due to be installed in the Debian FTP archive.

A summary of the changes between this version and the previous one is
attached.

Thank you for reporting the bug, which will now be closed.  If you
have further comments please address them to 793...@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
pp.
Salvatore Bonaccorso <car...@debian.org> (supplier of updated lxc package)

(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmas...@ftp-master.debian.org)


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Format: 1.8
Date: Wed, 22 Jul 2015 18:12:27 +0200
Source: lxc
Binary: lxc lxc-dbg
Architecture: source
Version: 1:1.0.6-6+deb8u1
Distribution: jessie-security
Urgency: high
Maintainer: Daniel Baumann <m...@daniel-baumann.ch>
Changed-By: Salvatore Bonaccorso <car...@debian.org>
Description:
 lxc        - Linux Containers userspace tools
 lxc-dbg    - Linux Containers userspace tools (debug)
Closes: 793298
Changes:
 lxc (1:1.0.6-6+deb8u1) jessie-security; urgency=high
 .
   * Non-maintainer upload by the Security Team.
   * Add 0018-CVE-2015-1331-lxclock-use-run-lxc-lock-rather-than-r.patch.
     CVE-2015-1331: Directory traversal flaw that allows arbitrary file
     creation as the root user. (Closes: #793298)
   * Add 0019-CVE-2015-1334-Don-t-use-the-container-s-proc-during-.patch.
     CVE-2015-1334: Processes intended to be run inside of confined LXC
     containers could escape their AppArmor or SELinux confinement.
     (Closes: #793298)
Checksums-Sha1:
 ed81cd8a0e58e66bcd11e2f826c2a0dec0d86632 2082 lxc_1.0.6-6+deb8u1.dsc
 6ea61825e4edc71ddec56d3899d4f0e9dce1c509 508868 lxc_1.0.6.orig.tar.xz
 84024f4d20b12d31825673cff81d6389e0f5a6a1 29668 lxc_1.0.6-6+deb8u1.debian.tar.xz
Checksums-Sha256:
 f89c2f20af1a5068a5b66eb9edea99cf42bc36dedec75ae7a01617dc8227a713 2082 lxc_1.0.6-6+deb8u1.dsc
 4a794c57ee852bcbb8f3d543eace6a86e75156c5681c9daf1b01d79407a70c74 508868 lxc_1.0.6.orig.tar.xz
 7bfeab59ab2b111ca03096d1b7cf9a87314d94389b657a90ad90dda0ccaa1520 29668 lxc_1.0.6-6+deb8u1.debian.tar.xz
Files:
 d26f8b7df14a407e28832986572e25a8 2082 admin optional lxc_1.0.6-6+deb8u1.dsc
 30a70dfbbb7fa016febd26b33f12e20d 508868 admin optional lxc_1.0.6.orig.tar.xz
 13e6e2ac25600e77b147941a81a2099b 29668 admin optional lxc_1.0.6-6+deb8u1.debian.tar.xz


--- End Message ---
