group.of.nepali.translators team mailing list archive

[Launchpad Bug Tracker <1658219@xxxxxxxxxxxxxxxxxx>]

This bug was fixed in the package linux - 4.8.0-45.48

---------------
linux (4.8.0-45.48) yakkety; urgency=low

  * CVE-2017-7184
    - xfrm_user: validate XFRM_MSG_NEWAE XFRMA_REPLAY_ESN_VAL replay_window
    - xfrm_user: validate XFRM_MSG_NEWAE incoming ESN size harder

 -- Stefan Bader <stefan.bader@xxxxxxxxxxxxx>  Fri, 24 Mar 2017 12:03:39
+0100

** Changed in: linux (Ubuntu Yakkety)
       Status: Triaged => Fix Released

** CVE added: http://www.cve.mitre.org/cgi-
bin/cvename.cgi?name=2017-7184

-- 
You received this bug notification because you are a member of नेपाली
भाषा समायोजकहरुको समूह, which is subscribed to Xenial.
Matching subscriptions: Ubuntu 16.04 Bugs
https://bugs.launchpad.net/bugs/1658219

Title:
  flock not mediated by 'k'

Status in AppArmor:
  In Progress
Status in linux package in Ubuntu:
  Fix Released
Status in linux source package in Xenial:
  Triaged
Status in linux source package in Yakkety:
  Fix Released

Bug description:
  $ cat ./apparmor.profile 
  #include <tunables/global>

  profile test {
    #include <abstractions/base>

    /bin/bash ixr,
    /dev/pts/* rw,
    /usr/bin/flock ixr,
    # Not blocked:
    # aa-exec -p test -- flock -w 1 /tmp/test.lock -c true
    /tmp/test.lock rw,

  }

  $ sudo apparmor_parser -r ./apparmor.profile

  $ aa-exec -p test -- flock -w 1 /tmp/test.lock -c true && echo yes
  yes

  $ ls -l /tmp/test.lock 
  -rw-rw-r-- 1 jamie jamie 0 Jan 20 15:57 /tmp/test.lock

  The flock command uses flock(LOCK_EX) and I expected it to be blocked
  due to the lack of 'k'.

  apparmor userspace 2.10.95-0ubuntu2.5 (xenial) and 4.9.0-12.13-generic
  kernel on amd64.

To manage notifications about this bug go to:
https://bugs.launchpad.net/apparmor/+bug/1658219/+subscriptions