Hi Moritz, On Fri, Jan 06, 2017 at 10:53:17AM +0100, Moritz Muehlenhoff wrote: > there have been new CVE assignments for firejail. Most of them are fixed in > stretch, but two of those have not made it into a firejail release:
They are part of the bugfix release 0.9.44.2: https://github.com/netblue30/firejail/commits/0.9.44-bugfixes > https://security-tracker.debian.org/tracker/CVE-2016-10122 This was fixed in these commits on the 0.9.44-bugfixes branch: https://github.com/netblue30/firejail/commit/e847207df28e181a8f590ade825b5f06d4fadf17 https://github.com/netblue30/firejail/commit/18f6e9dc9b304f7aca291c3edce5122562b1e36c > https://security-tracker.debian.org/tracker/CVE-2016-10118 And this is fixed also here: https://github.com/netblue30/firejail/commit/8b5b444c766b8d0592346decc6ed4a6d345e4f67 Can you please mark them as fixed in 0.9.44.2 in the security tracker? Kind regards, Reiner
signature.asc
Description: Digital signature
