drucken bookmarks versenden konfigurieren admin pdf Sicherheit: Preisgabe von Informationen in LXC (Aktualisierung)
Name: |
Preisgabe von Informationen in LXC (Aktualisierung) |
|
ID: |
USN-2753-3 |
|
Distribution: |
Ubuntu |
|
Plattformen: |
Ubuntu 14.04 LTS |
|
Datum: |
Di, 6. Oktober 2015, 07:01 |
|
Referenzen: |
Keine Angabe |
|
Applikationen: |
LXC |
|
Update von: |
Preisgabe von Informationen in LXC |
|
Originalnachricht |
--===============1569423580693713632== Content-Type: multipart/signed; micalg=pgp-sha512; protocol="application/pgp-signature"; boundary="81JctsDUVPekGcy+" Content-Disposition: inline
--81JctsDUVPekGcy+ Content-Type: text/plain; charset=us-ascii Content-Disposition: inline
========================================================================== Ubuntu Security Notice USN-2753-3 October 05, 2015
lxc regression ==========================================================================
A security issue affects these releases of Ubuntu and its derivatives:
- Ubuntu 14.04 LTS
Summary:
USN-2753-1 introduced a regression in LXC.
Software Description: - lxc: Linux Containers userspace tools
Details:
USN-2753-1 fixed a vulnerability in LXC. The update caused a regression that prevented some containers from starting. This regression only affected containers that had a path that contained a '/./' directory specified as a bind mount target in their configuration file. This update fixes the problem. We apologize for the inconvenience.
Original advisory details:
Roman Fiedler discovered a directory traversal flaw in lxc-start. A local attacker with access to an LXC container could exploit this flaw to run programs inside the container that are not confined by AppArmor or expose unintended files in the host to the container.
Update instructions:
The problem can be corrected by updating your system to the following package versions:
Ubuntu 14.04 LTS: liblxc1 1.0.7-0ubuntu0.7 lxc 1.0.7-0ubuntu0.7 lxc-dev 1.0.7-0ubuntu0.7 lxc-templates 1.0.7-0ubuntu0.7 lxc-tests 1.0.7-0ubuntu0.7 python3-lxc 1.0.7-0ubuntu0.7
In general, a standard system update will make all the necessary changes.
References: http://www.ubuntu.com/usn/usn-2753-3 http://www.ubuntu.com/usn/usn-2753-1 https://launchpad.net/bugs/1501491
Package Information: https://launchpad.net/ubuntu/+source/lxc/1.0.7-0ubuntu0.7
--81JctsDUVPekGcy+ Content-Type: application/pgp-signature; name="signature.asc" Content-Description: Digital signature
-----BEGIN PGP SIGNATURE----- Version: GnuPG v1
iQIcBAEBCgAGBQJWEvRRAAoJEC8Jno0AXoH0U0wQALCVm8j7jcpxvzDPebO+wZl8 X59Lq/1BRJw0vb6tOBsc1PO5OAU6COV0f2y4NV35ylewaHHghVbx8vOk3A7IgDWA qByIfWo+BkshC0QduUFaZO0Au76xnxlF0myYT8XV6fMQfJEvbonsuebHdyONCYYm VQtkFSqMj0i/TKJKA+9vkIUZQCs2pspQningAJ9m7x01TbSX+i/YC8U1nDk4XAQ1 r2LZxMW6njklrnmNbP7nHWEsZEGL/qxZFU26MAHiAv9mBKbFM1QrZ7L4cbk3E8NT hwbJEIinYyNq0ipjgSgR7QxGq0Lx8Wb29dnXSiAGwPcm1SXq4734hsh4kfETm+59 /Mc66wENXqVgnPzrj3L7k1j57kMyR9+y+f3XRjX1dKrSuQgwrP5ox4sCKt6d/lS7 69OYxTsxnUWRaxaikuHyLpHJDj/PU3Y4UWMuAk+4Mm0pKUMD4D1EVsjmlDabIMtD xS0/ko87Esl5O1h67xhI6drs6cWwSOrps7qEpX27i7JoQfk4y2FSt+3QDdLetbz2 zkEyD/R5RhoHS/fLcmUSZ4nFCECn7qkArndER6AIGk7d7xNRHnLFuIK27d8JGUpc oZptiyHTqv7nKvtShjju44IbTgDOCXzKrjLfO14BHIE6RoNADLn8ZKjooneyC22j v9z6/oTdl6fH77uJOWev =vB51 -----END PGP SIGNATURE-----
--81JctsDUVPekGcy+--
--===============1569423580693713632== Content-Type: text/plain; charset="us-ascii" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit Content-Disposition: inline
-- ubuntu-security-announce mailing list ubuntu-security-announce@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-security-announce
--===============1569423580693713632==--
|
|
|
|