On Thu, Jan 05, 2017 at 11:17:01AM +0100, Reiner Herrmann wrote: > Control: reopen -1 > > Hi Salvatore, > > On Thu, Jan 05, 2017 at 07:54:24AM +0100, Salvatore Bonaccorso wrote: > > On Wed, Jan 04, 2017 at 11:21:05PM +0000, Debian Bug Tracking System wrote: > > > * Add upstream fix for CVE-2017-5180 (Closes: #850160). > > > > Thanks. The fix had a followup which does not seem to be applied, cf. > > https://github.com/netblue30/firejail/issues/1020#issuecomment-270514760 > > Thanks for the information. I will later upload this followup fix.
Hi Reiner, there have been new CVE assignments for firejail. Most of them are fixed in stretch, but two of those have not made it into a firejail release: https://security-tracker.debian.org/tracker/CVE-2016-10122 https://security-tracker.debian.org/tracker/CVE-2016-10118 Cheers, Moritz
