[ubuntu/yakkety-updates] ubuntu-image 1.0+16.10ubuntu1.1 (Accepted)

Ubuntu Archive Robot cjwatson+ubuntu-archive-robot at chiark.greenend.org.uk
Wed Jul 5 12:58:07 UTC 2017


ubuntu-image (1.0+16.10ubuntu1.1) yakkety-security; urgency=medium

  * SECURITY UPDATE: privilege escalation through wrong filesystem permissions
    on Ubuntu Core images created as non-root user
    - wrap mkfs.ext4 calls in fakeroot so that all resulting contents are
      owned by uid 0.
    - CVE-2017-10600

Date: 2017-06-30 18:29:16.242784+00:00
Changed-By: Steve Langasek <steve.langasek at canonical.com>
Maintainer: Barry Warsaw <barry at canonical.com>
Signed-By: Ubuntu Archive Robot <cjwatson+ubuntu-archive-robot at chiark.greenend.org.uk>
https://launchpad.net/ubuntu/+source/ubuntu-image/1.0+16.10ubuntu1.1
-------------- next part --------------
Sorry, changesfile not available.


More information about the Yakkety-changes mailing list