[ubuntu/yakkety-security] ubuntu-image 1.0+16.10ubuntu1.1 (Accepted)

Jamie Strandboge jamie at ubuntu.com
Wed Jul 5 12:38:18 UTC 2017

ubuntu-image (1.0+16.10ubuntu1.1) yakkety-security; urgency=medium

  * SECURITY UPDATE: privilege escalation through wrong filesystem permissions
    on Ubuntu Core images created as non-root user
    - wrap mkfs.ext4 calls in fakeroot so that all resulting contents are
      owned by uid 0.
    - CVE-2017-10600

Date: 2017-06-30 18:29:16.242784+00:00
Changed-By: Steve Langasek <steve.langasek at canonical.com>
Maintainer: Barry Warsaw <barry at canonical.com>
Signed-By: Jamie Strandboge <jamie at ubuntu.com>
-------------- next part --------------
Sorry, changesfile not available.

More information about the Yakkety-changes mailing list