Quoting Niels Thykier (ni...@thykier.net):
> On 2015-03-13 18:31, Serge Hallyn wrote:
> > Hi,
> >
> > those two patches are fixups after the following patch:
> >
> > https://github.com/lxc/cgmanager/commit/a08d1c038c8457cda1b5d85c4d628595157812c1
> >
>
Hi,
those two patches are fixups after the following patch:
https://github.com/lxc/cgmanager/commit/a08d1c038c8457cda1b5d85c4d628595157812c1
startup: pivot into a mostly-empty new root
which is the one that really fixed the issue. Backporting these
should be no big deal. Please let me know if
Quoting Niels Thykier (ni...@thykier.net):
> Control: tags -1 confirmed moreinfo
>
> On 2015-02-12 05:32, Serge Hallyn wrote:
> > Here is a new debdiff. (tested in its original upstream version
> > in v0.36) Maybe it would've been easier to squash the two patches,
&g
crashing on unhandled asserts or dbus error (LP: #1407787)
+ * 0006-fix-subdirectory-check: further fix to the previous patch for
+CVE-2014-1425.
+
+ -- Serge Hallyn Mon, 26 Jan 2015 09:12:02 -0600
+
cgmanager (0.33-2) unstable; urgency=medium
* Cherrypick two upstream patches
Quoting Niels Thykier (ni...@thykier.net):
> Ok, are we guaranteed that pcgpath ends with the path separator? Consider:
No in fact I think we're guaranteed it won't.
> "/foo/bar"
> "/foo/bar2/somewhere-else"
>
> Unless the path separator is included in the end (i.e. it always uses
> "/foo/b
Quoting Niels Thykier (ni...@thykier.net):
> Control: tags -1 moreinfo
>
> On 2015-02-11 05:36, Serge Hallyn wrote:
> > Package: release.debian.org
> > Usertags: jessie-pu
> >
> > A security issue was found in cgmanager, allowing root-owned privileged
> >
group.
+- CVE-2014-1425
+ * 0004-chown-stop-cgmanager-crash-on-chown-of-bad-file.patch and
+0005-prevent-some-cgmanager-asserts.patch: prevent cgmanager
+crashing on unhandled asserts or dbus error (LP: #1407787)
+
+ -- Serge Hallyn Mon, 26 Jan 2015 09:12:02 -0600
+
cgmanager (0
7 matches
Mail list logo
