** Changed in: tracker (Ubuntu Yakkety)
Status: Fix Committed => Won't Fix
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1648921
Title:
Sandbox the tracker extractor
To manage notifications
When I looked earlier, I couldn't easily backport this to 16.04 LTS.
After a few months, I believe the tracker sandbox still causes
regressions since it blocks stuff that used to be allowed. The new
tracker (with sandbox) will be shipped in 17.04 and Debian stretch, but
I think this update is not
** Changed in: tracker (Ubuntu)
Importance: Undecided => High
** Changed in: tracker (Ubuntu Yakkety)
Importance: Undecided => High
** Changed in: tracker (Ubuntu Xenial)
Importance: Undecided => High
--
You received this bug notification because you are a member of Ubuntu
Bugs, which
Hello Jeremy, or anyone else affected,
Accepted tracker into yakkety-proposed. The package will build now and
be available at
https://launchpad.net/ubuntu/+source/tracker/1.10.2-0ubuntu0.1 in a few
hours, and then in the -proposed repository.
Please help us by testing this new package. See
https
I went ahead and uploaded this for yakkety as a regular SRU (it's in the
unapproved queue now)
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1648921
Title:
Sandbox the tracker extractor
To manage n
** Tags added: xenial yakkety zesty
** Changed in: tracker (Ubuntu)
Status: New => Fix Released
** Changed in: tracker (Ubuntu Yakkety)
Status: New => In Progress
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://
tracker was not included by default in any Ubuntu 12.04 flavor and
libseccomp is only available in backports there.
I don't intend to try to backport this change for Ubuntu 14.04 either.
Ubuntu GNOME 14.04 has only a few months of support left. I don't feel
it's worth the work to try to make these
** Description changed:
- * SECURITY UPDATE: extractor now runs in a sandbox confined by libseccomp
- - extractor's filesystem and network access is limited to being read and
- local only (LP: #1619600)
- - No CVE number
+ * SECURITY UPDATE: extractor now runs in a sandbox confined
** Description changed:
- The tracker developers have recently confined their extractor to attempt to
make tracker more resilient to attacks, especially involving flaws in gstreamer
parsers.
-
+ * SECURITY UPDATE: extractor now runs in a sandbox confined by libseccomp
+ - extractor's fil
** Description changed:
- .
+ The tracker developers have recently confined their extractor to attempt to
make tracker more resilient to attacks, especially involving flaws in gstreamer
parsers.
+
+ There is no CVE number assigned to this issue.
+
+ https://lwn.net/Articles/708196/
+
https:/
** Changed in: tracker
Status: Unknown => Fix Released
** Changed in: tracker
Importance: Unknown => High
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1648921
Title:
Sandbox the tracker
11 matches
Mail list logo
