bubblewrap 0.4.1-1 source package in Ubuntu

Changelog

bubblewrap (0.4.1-1) unstable; urgency=high

  * New upstream release
    - Fixes a root privilege escalation vulnerability introduced in 0.4.0,
      in cases where the kernel allows creation of user namespaces by
      unprivileged users and bwrap is (unnecessarily) setuid root.
      Debian systems are vulnerable if
      /proc/sys/kernel/unprivileged_userns_clone (default 0) has been
      changed to 1, or if using an upstream kernel instead of a Debian
      kernel.
      Ubuntu systems are not normally vulnerable, because bwrap is not
      normally setuid there.
      (GHSA-j2qp-rvxj-43vj, CVE ID pending)
    - Fixes test failure with libcap >= 2.29 (Closes: #951577)
  * Update various URLs from https://github.com/projectatomic/bubblewrap
    to https://github.com/containers/bubblewrap
  * Set upstream metadata fields: Repository.
  * Remove obsolete field Name from debian/upstream/metadata (already
    present in machine-readable debian/copyright).
  * Standards-Version: 4.5.0 (no changes required)
  * d/tests/control: Qualify CLI tools with :native.
    Thanks to Steve Langasek (Closes: #948617)

 -- Simon McVittie <email address hidden>  Mon, 30 Mar 2020 14:33:54 +0100

Upload details

Uploaded by:
Utopia Maintenance Team on 2020-03-30
Uploaded to:
Sid
Original maintainer:
Utopia Maintenance Team
Architectures:
linux-any
Section:
admin
Urgency:
Very Urgent

See full publishing history Publishing

Series Pocket Published Component Section
Groovy release on 2020-05-02 main misc

Downloads

File Size SHA-256 Checksum
bubblewrap_0.4.1-1.dsc 2.2 KiB f1fe92d4c67b80a28e10026f42658bd8aca7f15217a1df4de640698ec6257626
bubblewrap_0.4.1.orig.tar.xz 209.5 KiB b9c69b9b1c61a608f34325c8e1a495229bacf6e4a07cbb0c80cf7a814d7ccc03
bubblewrap_0.4.1-1.debian.tar.xz 8.4 KiB b0a2d0917ad1886f459c7b77cbd7ee0a10bf7f993859d3cd433f6f7b2e47e854

No changes file available.

Binary packages built by this source

bubblewrap: setuid wrapper for unprivileged chroot and namespace manipulation

 Core execution engine for unprivileged containers that works as a setuid
 binary on kernels without user namespaces.

bubblewrap-dbgsym: debug symbols for bubblewrap