group.of.nepali.translators team mailing list archive
-
group.of.nepali.translators team
-
Mailing list archive
-
Message #11148
[Bug 1660832] Re: unix domain socket cross permission check failing with nested namespaces
This bug was fixed in the package linux - 4.10.0-8.10
---------------
linux (4.10.0-8.10) zesty; urgency=low
[ Tim Gardner ]
* Release Tracking Bug
- LP: #1664217
* [Hyper-V] Bug fixes for storvsc (tagged queuing, error conditions)
(LP: #1663687)
- scsi: storvsc: Enable tracking of queue depth
- scsi: storvsc: Remove the restriction on max segment size
- scsi: storvsc: Enable multi-queue support
- scsi: storvsc: use tagged SRB requests if supported by the device
- scsi: storvsc: properly handle SRB_ERROR when sense message is present
- scsi: storvsc: properly set residual data length on errors
* Ubuntu16.10-KVM:Big configuration with multiple guests running SRIOV VFs
caused KVM host hung and all KVM guests down. (LP: #1651248)
- KVM: PPC: Book 3S: XICS cleanup: remove XICS_RM_REJECT
- KVM: PPC: Book 3S: XICS: correct the real mode ICP rejecting counter
- KVM: PPC: Book 3S: XICS: Fix potential issue with duplicate IRQ resends
- KVM: PPC: Book 3S: XICS: Implement ICS P/Q states
- KVM: PPC: Book 3S: XICS: Don't lock twice when checking for resend
* overlay: mkdir fails if directory exists in lowerdir in a user namespace
(LP: #1531747)
- SAUCE: overlayfs: Skip permission checking for trusted.overlayfs.* xattrs
* CVE-2016-1575 (LP: #1534961)
- SAUCE: overlayfs: Skip permission checking for trusted.overlayfs.* xattrs
* CVE-2016-1576 (LP: #1535150)
- SAUCE: overlayfs: Skip permission checking for trusted.overlayfs.* xattrs
* Miscellaneous Ubuntu changes
- SAUCE: md/raid6 algorithms: scale test duration for speedier boots
- SAUCE: Import aufs driver
- d-i: Build message-modules udeb for arm64
- rebase to v4.10-rc8
* Miscellaneous upstream changes
- Revert "UBUNTU: SAUCE: aufs -- remove .readlink assignment"
- Revert "UBUNTU: SAUCE: (no-up) aufs: for v4.9-rc1, support setattr_prepare()"
- Revert "UBUNTU: SAUCE: aufs -- Add flags argument to aufs_rename()"
- Revert "UBUNTU: SAUCE: aufs -- Convert to use xattr handlers"
- Revert "UBUNTU: SAUCE: Import aufs driver"
[ Upstream Kernel Changes ]
* rebase to v4.10-rc8
-- Tim Gardner <tim.gardner@xxxxxxxxxxxxx> Mon, 06 Feb 2017 08:34:24
-0700
** Changed in: linux (Ubuntu Zesty)
Status: In Progress => Fix Released
** CVE added: http://www.cve.mitre.org/cgi-
bin/cvename.cgi?name=2016-1575
** CVE added: http://www.cve.mitre.org/cgi-
bin/cvename.cgi?name=2016-1576
--
You received this bug notification because you are a member of नेपाली
भाषा समायोजकहरुको समूह, which is subscribed to Xenial.
Matching subscriptions: Ubuntu 16.04 Bugs
https://bugs.launchpad.net/bugs/1660832
Title:
unix domain socket cross permission check failing with nested
namespaces
Status in apparmor package in Ubuntu:
New
Status in linux package in Ubuntu:
Fix Released
Status in apparmor source package in Xenial:
New
Status in linux source package in Xenial:
Fix Committed
Status in apparmor source package in Yakkety:
New
Status in linux source package in Yakkety:
Fix Committed
Status in apparmor source package in Zesty:
New
Status in linux source package in Zesty:
Fix Released
Bug description:
When using nested namespaces policy within the nested namespace is trying
to cross validate with policy outside of the namespace that is not
visible to it. This results the access being denied and with no way to
add a rule to policy that would allow it.
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/apparmor/+bug/1660832/+subscriptions
References