diff options
| author |   Patrick J Volkerding <volkerdi@slackware.com> | 2019-02-13 00:22:29 +0000 |
|---|---|---|
| committer |   Eric Hameleers <alien@slackware.com> | 2019-02-13 08:59:45 +0100 |
| commit | 73d387f5699866c6d340e729855cccab9c82c602 (patch) | |
| tree | df5a20013c88ffa12ccb0015de2aaf4a13cad89a /ChangeLog.rss | |
| parent | f5a2fd8812fe66114bc7581c08a922acca70b0fa (diff) | |
| download | current-73d387f5699866c6d340e729855cccab9c82c602.tar.gz current-73d387f5699866c6d340e729855cccab9c82c602.tar.xz | |
Wed Feb 13 00:22:29 UTC 201920190213002229
a/kernel-firmware-20190212_28f5f7d-noarch-1.txz: Upgraded.
a/kernel-generic-4.19.21-x86_64-1.txz: Upgraded.
a/kernel-huge-4.19.21-x86_64-1.txz: Upgraded.
a/kernel-modules-4.19.21-x86_64-1.txz: Upgraded.
ap/lxc-2.0.9_d3a03247-x86_64-1.txz: Upgraded.
This update fixes a security issue where a malicious privileged container
could overwrite the host binary and thus gain root-level code execution on
the host. As the LXC project considers privileged containers to be unsafe
no CVE has been assigned for this issue for LXC. To prevent this attack,
LXC has been patched to create a temporary copy of the calling binary
itself when it starts or attaches to containers. To do this LXC creates an
anonymous, in-memory file using the memfd_create() system call and copies
itself into the temporary in-memory file, which is then sealed to prevent
further modifications. LXC then executes this sealed, in-memory file
instead of the original on-disk binary.
For more information, see:
https://seclists.org/oss-sec/2019/q1/119
(* Security fix *)
d/kernel-headers-4.19.21-x86-1.txz: Upgraded.
k/kernel-source-4.19.21-noarch-1.txz: Upgraded.
l/libbluray-1.1.0-x86_64-1.txz: Upgraded.
l/libcap-2.26-x86_64-2.txz: Rebuilt.
Don't ship static library.
l/xapian-core-1.4.10-x86_64-1.txz: Upgraded.
n/gnupg2-2.2.13-x86_64-1.txz: Upgraded.
n/irssi-1.2.0-x86_64-1.txz: Upgraded.
n/libassuan-2.5.3-x86_64-1.txz: Upgraded.
x/bitmap-1.0.9-x86_64-1.txz: Upgraded.
x/libXau-1.0.9-x86_64-1.txz: Upgraded.
x/pixman-0.38.0-x86_64-1.txz: Upgraded.
isolinux/initrd.img: Rebuilt.
kernels/*: Upgraded.
usb-and-pxe-installers/usbboot.img: Rebuilt.
Diffstat (limited to 'ChangeLog.rss')
| -rw-r--r-- | ChangeLog.rss | 47 |
1 files changed, 45 insertions, 2 deletions
diff --git a/ChangeLog.rss b/ChangeLog.rss index 6bc3ccd01..26532c999 100644 --- a/ChangeLog.rss +++ b/ChangeLog.rss @@ -11,10 +11,53 @@ <description>Tracking Slackware development in git.</description> <language>en-us</language> <id xmlns="http://www.w3.org/2005/Atom">urn:uuid:c964f45e-6732-11e8-bbe5-107b4450212f</id> - <pubDate>Sun, 10 Feb 2019 20:55:14 GMT</pubDate> - <lastBuildDate>Mon, 11 Feb 2019 07:59:42 GMT</lastBuildDate> + <pubDate>Wed, 13 Feb 2019 00:22:29 GMT</pubDate> + <lastBuildDate>Wed, 13 Feb 2019 07:59:42 GMT</lastBuildDate> <generator>maintain_current_git.sh v 1.10</generator> <item> + <title>Wed, 13 Feb 2019 00:22:29 GMT</title> + <pubDate>Wed, 13 Feb 2019 00:22:29 GMT</pubDate> + <link>https://git.slackware.nl/current/tag/?h=20190213002229</link> + <guid isPermaLink="false">20190213002229</guid> + <description> + <![CDATA[<pre> +a/kernel-firmware-20190212_28f5f7d-noarch-1.txz: Upgraded. +a/kernel-generic-4.19.21-x86_64-1.txz: Upgraded. +a/kernel-huge-4.19.21-x86_64-1.txz: Upgraded. +a/kernel-modules-4.19.21-x86_64-1.txz: Upgraded. +ap/lxc-2.0.9_d3a03247-x86_64-1.txz: Upgraded. + This update fixes a security issue where a malicious privileged container + could overwrite the host binary and thus gain root-level code execution on + the host. As the LXC project considers privileged containers to be unsafe + no CVE has been assigned for this issue for LXC. To prevent this attack, + LXC has been patched to create a temporary copy of the calling binary + itself when it starts or attaches to containers. To do this LXC creates an + anonymous, in-memory file using the memfd_create() system call and copies + itself into the temporary in-memory file, which is then sealed to prevent + further modifications. LXC then executes this sealed, in-memory file + instead of the original on-disk binary. + For more information, see: + https://seclists.org/oss-sec/2019/q1/119 + (* Security fix *) +d/kernel-headers-4.19.21-x86-1.txz: Upgraded. +k/kernel-source-4.19.21-noarch-1.txz: Upgraded. +l/libbluray-1.1.0-x86_64-1.txz: Upgraded. +l/libcap-2.26-x86_64-2.txz: Rebuilt. + Don't ship static library. +l/xapian-core-1.4.10-x86_64-1.txz: Upgraded. +n/gnupg2-2.2.13-x86_64-1.txz: Upgraded. +n/irssi-1.2.0-x86_64-1.txz: Upgraded. +n/libassuan-2.5.3-x86_64-1.txz: Upgraded. +x/bitmap-1.0.9-x86_64-1.txz: Upgraded. +x/libXau-1.0.9-x86_64-1.txz: Upgraded. +x/pixman-0.38.0-x86_64-1.txz: Upgraded. +isolinux/initrd.img: Rebuilt. +kernels/*: Upgraded. +usb-and-pxe-installers/usbboot.img: Rebuilt. + </pre>]]> + </description> + </item> + <item> <title>Sun, 10 Feb 2019 20:55:14 GMT</title> <pubDate>Sun, 10 Feb 2019 20:55:14 GMT</pubDate> <link>https://git.slackware.nl/current/tag/?h=20190210205514</link> |