← Back to team overview

group.of.nepali.translators team mailing list archive

[Bug 1658824] [NEW] [SRU] New upstream microrelease

 

Public bug reported:

[Impact]
 * The current version is affected by a bunch of important and security bugs
 * Upstream is maintaining this branch with targeted bug fixes.

[Test Case]
 N/A

[Regression Potential]


Upstream changelog:

firejail (0.9.38.10) baseline; urgency=low
  * security: new fix for CVE-2017-5180 reported by Sebastian Krahmer last week
  * security: tightening the rules for --chroot
  * bugfix: ported Gentoo compile patch
  * bugfix: fix ASSERT_PERMS_FD macro
 -- netblue30   Sun, 15 Jan 2017 10:00:00 -0500

firejail (0.9.38.8) baseline; urgency=low
  * security: root exploit found by Sebastian Krahmer (CVE-2017-5180)
 -- netblue30   Sat, 7 Jan 2017 10:00:00 -0500

firejail (0.9.38.6) baseline; urgency=low
  * security: overwrite /etc/resolv.conf found by Martin Carpenter (CVE-2016-10118)
  * bugfix: crashing VLC by pressing Ctrl-O
 -- netblue30   Fri, 16 Dec 2016 10:00:00 -0500

firejail (0.9.38.4) baseline; urgency=low
  * CVE-2016-7545 submitted by Aleksey Manevich
  * bugfixes 
 -- netblue30   Mon, 10 Oct 2016 10:00:00 -0500

firejail (0.9.38.2) baseline; urgency=low
  * security: --whitelist deleted files, submitted by Vasya Novikov
  * security: disable x32 ABI, submitted by Jann Horn
  * security: tighten --chroot, submitted by Jann Horn
  * security: terminal sandbox escape, submitted by Stephan Sokolow
  * feature: clean local overlay storage directory (--overlay-clean)
  * bugfixes
 -- netblue30   Tue, 23 Aug 2016 10:00:00 -0500

** Affects: firejail (Ubuntu Xenial)
     Importance: Medium
     Assignee: Reiner Herrmann (deki)
         Status: In Progress

** Also affects: firejail (Ubuntu Xenial)
   Importance: Undecided
       Status: New

** No longer affects: firejail (Ubuntu)

** Changed in: firejail (Ubuntu Xenial)
     Assignee: (unassigned) => Reiner Herrmann (deki)

** Changed in: firejail (Ubuntu Xenial)
       Status: New => In Progress

** Changed in: firejail (Ubuntu Xenial)
   Importance: Undecided => Medium

-- 
You received this bug notification because you are a member of नेपाली
भाषा समायोजकहरुको समूह, which is subscribed to Xenial.
Matching subscriptions: Ubuntu 16.04 Bugs
https://bugs.launchpad.net/bugs/1658824

Title:
  [SRU] New upstream microrelease

Status in firejail source package in Xenial:
  In Progress

Bug description:
  [Impact]
   * The current version is affected by a bunch of important and security bugs
   * Upstream is maintaining this branch with targeted bug fixes.

  [Test Case]
   N/A

  [Regression Potential]

  
  Upstream changelog:

  firejail (0.9.38.10) baseline; urgency=low
    * security: new fix for CVE-2017-5180 reported by Sebastian Krahmer last week
    * security: tightening the rules for --chroot
    * bugfix: ported Gentoo compile patch
    * bugfix: fix ASSERT_PERMS_FD macro
   -- netblue30   Sun, 15 Jan 2017 10:00:00 -0500

  firejail (0.9.38.8) baseline; urgency=low
    * security: root exploit found by Sebastian Krahmer (CVE-2017-5180)
   -- netblue30   Sat, 7 Jan 2017 10:00:00 -0500

  firejail (0.9.38.6) baseline; urgency=low
    * security: overwrite /etc/resolv.conf found by Martin Carpenter (CVE-2016-10118)
    * bugfix: crashing VLC by pressing Ctrl-O
   -- netblue30   Fri, 16 Dec 2016 10:00:00 -0500

  firejail (0.9.38.4) baseline; urgency=low
    * CVE-2016-7545 submitted by Aleksey Manevich
    * bugfixes 
   -- netblue30   Mon, 10 Oct 2016 10:00:00 -0500

  firejail (0.9.38.2) baseline; urgency=low
    * security: --whitelist deleted files, submitted by Vasya Novikov
    * security: disable x32 ABI, submitted by Jann Horn
    * security: tighten --chroot, submitted by Jann Horn
    * security: terminal sandbox escape, submitted by Stephan Sokolow
    * feature: clean local overlay storage directory (--overlay-clean)
    * bugfixes
   -- netblue30   Tue, 23 Aug 2016 10:00:00 -0500

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/xenial/+source/firejail/+bug/1658824/+subscriptions


Follow ups