Ubuntu
linux package

  1. Bug #1922596
  2. Comment #2

Comment 2 for bug 1922596

Revision history for this message
Kleber Sacilotto de Souza (kleber-souza) wrote :

test_160_setattr_CVE_2015_1350 from qa-regression-testing/scripts/test-kernel-security.py assumes that all Ubuntu kernels prior to 4.9 lack the fix for CVE-2015-1350. The latest Xenial kernel in -proposed (linux/4.4.0-208.240) has the fixes for this CVE applied, therefore the testcase needs to be update with something like:

--- a/scripts/test-kernel-security.py
+++ b/scripts/test-kernel-security.py
@@ -1885,8 +1885,8 @@ class KernelSecurityTest(KernelSecurityBaseTest):
         # chown should fail, but also should not clear fs caps
         self.assertShellExitEquals(1, ['sudo', '-u', user, 'chown', user, testbin])

- if not self.kernel_at_least('4.9'):
- self._skipped("Kernels before 4.9 need to fix CVE-2015-1350")
+ if not self.kernel_at_least('4.4'):
+ self._skipped("Kernels before 4.4 need to fix CVE-2015-1350")
             exp_output = ''
         self.assertShellOutputEquals(exp_output, ['sudo', '-u', user, 'getcap', testbin])