test_160_setattr_CVE_2015_1350 from qa-regression-testing/scripts/test-kernel-security.py assumes that all Ubuntu kernels prior to 4.9 lack the fix for CVE-2015-1350. The latest Xenial kernel in -proposed (linux/4.4.0-208.240) has the fixes for this CVE applied, therefore the testcase needs to be update with something like:
--- a/scripts/test-kernel-security.py
+++ b/scripts/test-kernel-security.py
@@ -1885,8 +1885,8 @@ class KernelSecurityTest(KernelSecurityBaseTest):
# chown should fail, but also should not clear fs caps self.assertShellExitEquals(1, ['sudo', '-u', user, 'chown', user, testbin])
- if not self.kernel_at_least('4.9'):
- self._skipped("Kernels before 4.9 need to fix CVE-2015-1350")
+ if not self.kernel_at_least('4.4'):
+ self._skipped("Kernels before 4.4 need to fix CVE-2015-1350") exp_output = '' self.assertShellOutputEquals(exp_output, ['sudo', '-u', user, 'getcap', testbin])
test_160_ setattr_ CVE_2015_ 1350 from qa-regression- testing/ scripts/ test-kernel- security. py assumes that all Ubuntu kernels prior to 4.9 lack the fix for CVE-2015-1350. The latest Xenial kernel in -proposed (linux/ 4.4.0-208. 240) has the fixes for this CVE applied, therefore the testcase needs to be update with something like:
--- a/scripts/ test-kernel- security. py test-kernel- security. py est(KernelSecur ityBaseTest) :
self. assertShellExit Equals( 1, ['sudo', '-u', user, 'chown', user, testbin])
+++ b/scripts/
@@ -1885,8 +1885,8 @@ class KernelSecurityT
# chown should fail, but also should not clear fs caps
- if not self.kernel_ at_least( '4.9'): "Kernels before 4.9 need to fix CVE-2015-1350") at_least( '4.4'): "Kernels before 4.4 need to fix CVE-2015-1350")
exp_ output = ''
self. assertShellOutp utEquals( exp_output, ['sudo', '-u', user, 'getcap', testbin])
- self._skipped(
+ if not self.kernel_
+ self._skipped(