2016-12-10 02:09:58 |
Jeremy Bícha |
bug |
|
|
added bug |
2016-12-10 02:11:04 |
Jeremy Bícha |
bug watch added |
|
https://bugzilla.gnome.org/show_bug.cgi?id=764786 |
|
2016-12-10 02:11:04 |
Jeremy Bícha |
bug task added |
|
tracker |
|
2016-12-10 02:19:24 |
Bug Watch Updater |
tracker: status |
Unknown |
Fix Released |
|
2016-12-10 02:19:24 |
Bug Watch Updater |
tracker: importance |
Unknown |
High |
|
2016-12-10 02:34:32 |
Jeremy Bícha |
description |
. |
The tracker developers have recently confined their extractor to attempt to make tracker more resilient to attacks, especially involving flaws in gstreamer parsers.
There is no CVE number assigned to this issue.
https://lwn.net/Articles/708196/
https://scarybeastsecurity.blogspot.com/2016/11/0day-poc-risky-design-decisions-in.html
The gstreamer security fixes are being handled separately. See bug 1619600 |
|
2016-12-10 02:45:44 |
Jeremy Bícha |
description |
The tracker developers have recently confined their extractor to attempt to make tracker more resilient to attacks, especially involving flaws in gstreamer parsers.
There is no CVE number assigned to this issue.
https://lwn.net/Articles/708196/
https://scarybeastsecurity.blogspot.com/2016/11/0day-poc-risky-design-decisions-in.html
The gstreamer security fixes are being handled separately. See bug 1619600 |
* SECURITY UPDATE: extractor now runs in a sandbox confined by libseccomp
- extractor's filesystem and network access is limited to being read and
local only (LP: #1619600)
- No CVE number
The tracker developers have recently confined their extractor to attempt to make tracker more resilient to attacks, especially involving flaws in gstreamer parsers.
There is no CVE number assigned to this issue.
https://lwn.net/Articles/708196/
https://scarybeastsecurity.blogspot.com/2016/11/0day-poc-risky-design-decisions-in.html
The gstreamer security fixes are being handled separately. See bug 1619600 |
|
2016-12-10 02:45:51 |
Jeremy Bícha |
information type |
Public |
Public Security |
|
2016-12-10 03:35:43 |
Jeremy Bícha |
description |
* SECURITY UPDATE: extractor now runs in a sandbox confined by libseccomp
- extractor's filesystem and network access is limited to being read and
local only (LP: #1619600)
- No CVE number
The tracker developers have recently confined their extractor to attempt to make tracker more resilient to attacks, especially involving flaws in gstreamer parsers.
There is no CVE number assigned to this issue.
https://lwn.net/Articles/708196/
https://scarybeastsecurity.blogspot.com/2016/11/0day-poc-risky-design-decisions-in.html
The gstreamer security fixes are being handled separately. See bug 1619600 |
* SECURITY UPDATE: extractor now runs in a sandbox confined by libseccomp
- extractor's filesystem and network access is limited to being read and
local only (LP: #1648921)
- No CVE number
The tracker developers have recently confined their extractor to attempt to make tracker more resilient to attacks, especially involving flaws in gstreamer parsers.
There is no CVE number assigned to this issue.
https://lwn.net/Articles/708196/
https://scarybeastsecurity.blogspot.com/2016/11/0day-poc-risky-design-decisions-in.html
The gstreamer security fixes are being handled separately. See bug 1619600 |
|
2016-12-10 03:36:06 |
Jeremy Bícha |
nominated for series |
|
Ubuntu Yakkety |
|
2016-12-10 03:36:06 |
Jeremy Bícha |
bug task added |
|
tracker (Ubuntu Yakkety) |
|
2016-12-10 03:36:06 |
Jeremy Bícha |
nominated for series |
|
Ubuntu Xenial |
|
2016-12-10 03:36:06 |
Jeremy Bícha |
bug task added |
|
tracker (Ubuntu Xenial) |
|
2016-12-10 06:37:15 |
Jeremy Bícha |
tags |
|
xenial yakkety zesty |
|
2016-12-10 06:37:22 |
Jeremy Bícha |
tracker (Ubuntu): status |
New |
Fix Released |
|
2016-12-10 06:37:27 |
Jeremy Bícha |
tracker (Ubuntu Yakkety): status |
New |
In Progress |
|
2016-12-16 13:49:59 |
Timo Aaltonen |
tracker (Ubuntu Yakkety): status |
In Progress |
Fix Committed |
|
2016-12-16 13:50:00 |
Timo Aaltonen |
bug |
|
|
added subscriber Ubuntu Stable Release Updates Team |
2016-12-16 13:50:05 |
Timo Aaltonen |
bug |
|
|
added subscriber SRU Verification |
2016-12-16 13:50:49 |
Timo Aaltonen |
tags |
xenial yakkety zesty |
verification-needed xenial yakkety zesty |
|
2016-12-20 23:51:17 |
Mathew Hodson |
tracker (Ubuntu): importance |
Undecided |
High |
|
2016-12-20 23:51:21 |
Mathew Hodson |
tracker (Ubuntu Yakkety): importance |
Undecided |
High |
|
2016-12-20 23:51:23 |
Mathew Hodson |
tracker (Ubuntu Xenial): importance |
Undecided |
High |
|
2017-03-06 15:18:44 |
Jeremy Bícha |
tags |
verification-needed xenial yakkety zesty |
verification-failed xenial yakkety zesty |
|
2017-03-06 15:18:49 |
Jeremy Bícha |
tracker (Ubuntu Xenial): status |
New |
Won't Fix |
|
2017-03-06 19:38:08 |
Jeremy Bícha |
tracker (Ubuntu Yakkety): status |
Fix Committed |
Won't Fix |
|