[ubuntu/zesty-security] ubuntu-image 1.0+17.04ubuntu1.1 (Accepted)

Jamie Strandboge jamie at ubuntu.com
Wed Jul 5 12:37:50 UTC 2017

ubuntu-image (1.0+17.04ubuntu1.1) zesty-security; urgency=medium

  * SECURITY UPDATE: privilege escalation through wrong filesystem permissions
    on Ubuntu Core images created as non-root user
    - wrap mkfs.ext4 calls in fakeroot so that all resulting contents are
      owned by uid 0.
    - CVE-2017-10600

Date: 2017-06-30 18:32:13.534676+00:00
Changed-By: Steve Langasek <steve.langasek at canonical.com>
Maintainer: Barry Warsaw <barry at canonical.com>
Signed-By: Jamie Strandboge <jamie at ubuntu.com>
-------------- next part --------------
Sorry, changesfile not available.

More information about the Zesty-changes mailing list