package/lxc: security bump to version 3.0.3 - buildroot

diff options

author	Fabrice Fontaine <fontaine.fabrice@gmail.com>	2018-12-02 10:08:38 +0100
committer	Thomas Petazzoni <thomas.petazzoni@bootlin.com>	2018-12-03 09:09:44 +0100
commit	df6a01af235c02104e88ea771a5e9c74698d1aba (patch)
tree	ac25eb08c3a88395dfef4820aeb2bca607029a85 /support/testing/tests/package/test_perl_libwww_perl.py
parent	29e77c070bfea2e1028ddb77d38374e83f8ac18f (diff)
download	buildroot-df6a01af235c02104e88ea771a5e9c74698d1aba.tar.gz buildroot-df6a01af235c02104e88ea771a5e9c74698d1aba.zip

package/lxc: security bump to version 3.0.3

This bump also includes the fix for CVE-2018-6556 released in 3.0.2 via commit "CVE 2018-6556: verify netns fd in lxc-user-nic": lxc-user-nic when asked to delete a network interface will unconditionally open a user provided path: https://github.com/lxc/lxc/commit/c1cf54ebf251fdbad1e971679614e81649f1c032 This code path may be used by an unprivileged user to check for the existence of a path which they wouldn't otherwise be able to reach. It may also be used to trigger side effects by causing a (read-only) open of special kernel files (ptmx, proc, sys). Also add a dependency on gcc >= 4.7 (https://github.com/lxc/lxc/issues/2592) Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com> Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

Diffstat (limited to 'support/testing/tests/package/test_perl_libwww_perl.py')

0 files changed, 0 insertions, 0 deletions


context:
space:
mode: