| 2017-01-23 22:56:50 |
Mattia Rizzolo |
bug |
|
|
added bug |
| 2017-01-23 22:56:59 |
Mattia Rizzolo |
nominated for series |
|
Ubuntu Xenial |
|
| 2017-01-23 22:56:59 |
Mattia Rizzolo |
bug task added |
|
firejail (Ubuntu Xenial) |
|
| 2017-01-23 22:57:10 |
Mattia Rizzolo |
bug task deleted |
firejail (Ubuntu) |
|
|
| 2017-01-23 22:57:19 |
Mattia Rizzolo |
firejail (Ubuntu Xenial): assignee |
|
Reiner Herrmann (deki) |
|
| 2017-01-23 22:57:23 |
Mattia Rizzolo |
firejail (Ubuntu Xenial): status |
New |
In Progress |
|
| 2017-01-23 22:57:33 |
Mattia Rizzolo |
firejail (Ubuntu Xenial): importance |
Undecided |
Medium |
|
| 2017-01-23 23:06:12 |
Reiner Herrmann |
description |
[Impact]
* The current version is affected by a bunch of important and security bugs
* Upstream is maintaining this branch with targeted bug fixes.
[Test Case]
N/A
[Regression Potential]
Upstream changelog:
firejail (0.9.38.10) baseline; urgency=low
* security: new fix for CVE-2017-5180 reported by Sebastian Krahmer last week
* security: tightening the rules for --chroot
* bugfix: ported Gentoo compile patch
* bugfix: fix ASSERT_PERMS_FD macro
-- netblue30 Sun, 15 Jan 2017 10:00:00 -0500
firejail (0.9.38.8) baseline; urgency=low
* security: root exploit found by Sebastian Krahmer (CVE-2017-5180)
-- netblue30 Sat, 7 Jan 2017 10:00:00 -0500
firejail (0.9.38.6) baseline; urgency=low
* security: overwrite /etc/resolv.conf found by Martin Carpenter (CVE-2016-10118)
* bugfix: crashing VLC by pressing Ctrl-O
-- netblue30 Fri, 16 Dec 2016 10:00:00 -0500
firejail (0.9.38.4) baseline; urgency=low
* CVE-2016-7545 submitted by Aleksey Manevich
* bugfixes
-- netblue30 Mon, 10 Oct 2016 10:00:00 -0500
firejail (0.9.38.2) baseline; urgency=low
* security: --whitelist deleted files, submitted by Vasya Novikov
* security: disable x32 ABI, submitted by Jann Horn
* security: tighten --chroot, submitted by Jann Horn
* security: terminal sandbox escape, submitted by Stephan Sokolow
* feature: clean local overlay storage directory (--overlay-clean)
* bugfixes
-- netblue30 Tue, 23 Aug 2016 10:00:00 -0500 |
[Impact]
* The current version is affected by a bunch of important and security bugs
* Upstream is maintaining this branch with targeted bug fixes.
[Test Case]
N/A
[Regression Potential]
* Upstream maintains LTS branch for 0.9.38.x and takes care not to introduce breaking changes. Estimated regression potentional is therefore low.
Upstream changelog:
firejail (0.9.38.10) baseline; urgency=low
* security: new fix for CVE-2017-5180 reported by Sebastian Krahmer last week
* security: tightening the rules for --chroot
* bugfix: ported Gentoo compile patch
* bugfix: fix ASSERT_PERMS_FD macro
-- netblue30 Sun, 15 Jan 2017 10:00:00 -0500
firejail (0.9.38.8) baseline; urgency=low
* security: root exploit found by Sebastian Krahmer (CVE-2017-5180)
-- netblue30 Sat, 7 Jan 2017 10:00:00 -0500
firejail (0.9.38.6) baseline; urgency=low
* security: overwrite /etc/resolv.conf found by Martin Carpenter (CVE-2016-10118)
* bugfix: crashing VLC by pressing Ctrl-O
-- netblue30 Fri, 16 Dec 2016 10:00:00 -0500
firejail (0.9.38.4) baseline; urgency=low
* CVE-2016-7545 submitted by Aleksey Manevich
* bugfixes
-- netblue30 Mon, 10 Oct 2016 10:00:00 -0500
firejail (0.9.38.2) baseline; urgency=low
* security: --whitelist deleted files, submitted by Vasya Novikov
* security: disable x32 ABI, submitted by Jann Horn
* security: tighten --chroot, submitted by Jann Horn
* security: terminal sandbox escape, submitted by Stephan Sokolow
* feature: clean local overlay storage directory (--overlay-clean)
* bugfixes
-- netblue30 Tue, 23 Aug 2016 10:00:00 -0500 |
|
| 2017-01-23 23:10:23 |
Reiner Herrmann |
description |
[Impact]
* The current version is affected by a bunch of important and security bugs
* Upstream is maintaining this branch with targeted bug fixes.
[Test Case]
N/A
[Regression Potential]
* Upstream maintains LTS branch for 0.9.38.x and takes care not to introduce breaking changes. Estimated regression potentional is therefore low.
Upstream changelog:
firejail (0.9.38.10) baseline; urgency=low
* security: new fix for CVE-2017-5180 reported by Sebastian Krahmer last week
* security: tightening the rules for --chroot
* bugfix: ported Gentoo compile patch
* bugfix: fix ASSERT_PERMS_FD macro
-- netblue30 Sun, 15 Jan 2017 10:00:00 -0500
firejail (0.9.38.8) baseline; urgency=low
* security: root exploit found by Sebastian Krahmer (CVE-2017-5180)
-- netblue30 Sat, 7 Jan 2017 10:00:00 -0500
firejail (0.9.38.6) baseline; urgency=low
* security: overwrite /etc/resolv.conf found by Martin Carpenter (CVE-2016-10118)
* bugfix: crashing VLC by pressing Ctrl-O
-- netblue30 Fri, 16 Dec 2016 10:00:00 -0500
firejail (0.9.38.4) baseline; urgency=low
* CVE-2016-7545 submitted by Aleksey Manevich
* bugfixes
-- netblue30 Mon, 10 Oct 2016 10:00:00 -0500
firejail (0.9.38.2) baseline; urgency=low
* security: --whitelist deleted files, submitted by Vasya Novikov
* security: disable x32 ABI, submitted by Jann Horn
* security: tighten --chroot, submitted by Jann Horn
* security: terminal sandbox escape, submitted by Stephan Sokolow
* feature: clean local overlay storage directory (--overlay-clean)
* bugfixes
-- netblue30 Tue, 23 Aug 2016 10:00:00 -0500 |
[Impact]
* The current version is affected by a bunch of important and security bugs
* Upstream is maintaining this branch with targeted bug fixes.
[Test Case]
N/A
[Regression Potential]
* Upstream maintains LTS branch for 0.9.38.x and takes care not to introduce breaking changes. An extensive test suite is available and maintained by upstream, which is also run before releases.
Estimated regression potentional is therefore low.
Upstream changelog:
firejail (0.9.38.10) baseline; urgency=low
* security: new fix for CVE-2017-5180 reported by Sebastian Krahmer last week
* security: tightening the rules for --chroot
* bugfix: ported Gentoo compile patch
* bugfix: fix ASSERT_PERMS_FD macro
-- netblue30 Sun, 15 Jan 2017 10:00:00 -0500
firejail (0.9.38.8) baseline; urgency=low
* security: root exploit found by Sebastian Krahmer (CVE-2017-5180)
-- netblue30 Sat, 7 Jan 2017 10:00:00 -0500
firejail (0.9.38.6) baseline; urgency=low
* security: overwrite /etc/resolv.conf found by Martin Carpenter (CVE-2016-10118)
* bugfix: crashing VLC by pressing Ctrl-O
-- netblue30 Fri, 16 Dec 2016 10:00:00 -0500
firejail (0.9.38.4) baseline; urgency=low
* CVE-2016-7545 submitted by Aleksey Manevich
* bugfixes
-- netblue30 Mon, 10 Oct 2016 10:00:00 -0500
firejail (0.9.38.2) baseline; urgency=low
* security: --whitelist deleted files, submitted by Vasya Novikov
* security: disable x32 ABI, submitted by Jann Horn
* security: tighten --chroot, submitted by Jann Horn
* security: terminal sandbox escape, submitted by Stephan Sokolow
* feature: clean local overlay storage directory (--overlay-clean)
* bugfixes
-- netblue30 Tue, 23 Aug 2016 10:00:00 -0500 |
|
| 2017-01-26 23:52:39 |
Brian Murray |
firejail (Ubuntu Xenial): status |
In Progress |
Fix Committed |
|
| 2017-01-26 23:52:41 |
Brian Murray |
bug |
|
|
added subscriber Ubuntu Stable Release Updates Team |
| 2017-01-26 23:52:46 |
Brian Murray |
bug |
|
|
added subscriber SRU Verification |
| 2017-01-26 23:52:49 |
Brian Murray |
tags |
|
verification-needed |
|
| 2017-01-28 17:47:38 |
Pjotr12345 |
tags |
verification-needed |
verification-done |
|
| 2017-02-09 03:52:26 |
Launchpad Janitor |
firejail (Ubuntu Xenial): status |
Fix Committed |
Fix Released |
|
| 2017-02-09 03:52:30 |
Chris J Arges |
removed subscriber Ubuntu Stable Release Updates Team |
|
|
|
