group.of.nepali.translators team mailing list archive
-
group.of.nepali.translators team
-
Mailing list archive
-
Message #10152
[Bug 1655136] Re: Multiple CVEs in xenial
** Also affects: firejail (Ubuntu Xenial)
Importance: Undecided
Status: New
** Also affects: firejail (Ubuntu Zesty)
Importance: Undecided
Status: New
** Changed in: firejail (Ubuntu Xenial)
Status: New => In Progress
** Changed in: firejail (Ubuntu Xenial)
Assignee: (unassigned) => Reiner Herrmann (deki)
** Changed in: firejail (Ubuntu Zesty)
Status: New => Fix Released
** Changed in: firejail (Ubuntu Zesty)
Importance: Undecided => High
** Changed in: firejail (Ubuntu Xenial)
Importance: Undecided => High
--
You received this bug notification because you are a member of नेपाली
भाषा समायोजकहरुको समूह, which is subscribed to Xenial.
Matching subscriptions: Ubuntu 16.04 Bugs
https://bugs.launchpad.net/bugs/1655136
Title:
Multiple CVEs in xenial
Status in firejail package in Ubuntu:
Fix Released
Status in firejail source package in Xenial:
In Progress
Status in firejail source package in Zesty:
Fix Released
Bug description:
firejail 0.9.38 is affected by the following CVEs:
- CVE-2016-9016: sandbox escape
- CVE-2016-10118: overwrite /etc/resolv.conf
- CVE-2017-5180: local root exploit
Please apply the attached debdiff.
firejail 0.9.40 is also affected by those (and perhaps other) CVEs. It still needs to be checked by which ones exactly.
I will file a separate bug for it.
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/firejail/+bug/1655136/+subscriptions