[ubuntu/yakkety-security] ubuntu-image 1.0+16.10ubuntu1.1 (Accepted)
Jamie Strandboge
jamie at ubuntu.com
Wed Jul 5 12:38:18 UTC 2017
ubuntu-image (1.0+16.10ubuntu1.1) yakkety-security; urgency=medium
* SECURITY UPDATE: privilege escalation through wrong filesystem permissions
on Ubuntu Core images created as non-root user
- wrap mkfs.ext4 calls in fakeroot so that all resulting contents are
owned by uid 0.
- CVE-2017-10600
Date: 2017-06-30 18:29:16.242784+00:00
Changed-By: Steve Langasek <steve.langasek at canonical.com>
Maintainer: Barry Warsaw <barry at canonical.com>
Signed-By: Jamie Strandboge <jamie at ubuntu.com>
https://launchpad.net/ubuntu/+source/ubuntu-image/1.0+16.10ubuntu1.1
-------------- next part --------------
Sorry, changesfile not available.
More information about the Yakkety-changes
mailing list