[kernel-sec-discuss] [Git][kernel-team/kernel-sec][master] Add note for 4.9.x and CVE-2018-1068 for additional required commit
Salvatore Bonaccorso
gitlab at salsa.debian.org
Sun Mar 18 21:21:46 UTC 2018
Salvatore Bonaccorso pushed to branch master at Debian kernel team / kernel-sec
Commits:
fc4ba835 by Salvatore Bonaccorso at 2018-03-18T22:21:38+01:00
Add note for 4.9.x and CVE-2018-1068 for additional required commit
- - - - -
1 changed file:
- active/CVE-2018-1068
Changes:
=====================================
active/CVE-2018-1068
=====================================
--- a/active/CVE-2018-1068
+++ b/active/CVE-2018-1068
@@ -7,6 +7,12 @@ Notes:
carnil> Fixed as well in 4.15.10
carnil> This is mitigated in Debian by unprivileged user namespaces being
carnil> default-disabled.
+ carnil> cherry picking the commit for 4.9.x would need as well commit
+ carnil> 932909d9b28d27e807ff8eecb68c7748f6701628 ("netfilter: ebtables:
+ carnil> fix erroneous reject of last rule") as a followup fix.
+ carnil> Cf. Message-ID: <20180313112930.GA31828 at breakpoint.cc>
+ carnil> else "it becomes impossible to add rules to the last builtin base
+ carnil> chain."
Bugs:
upstream: released (4.16-rc5) [b71812168571fa55e44cdd0254471331b9c4c4c6]
4.9-upstream-stable: released (4.9.88) [21ff147189ff0692d203282c1dced02f83dcf785]
View it on GitLab: https://salsa.debian.org/kernel-team/kernel-sec/commit/fc4ba835ebb41cd161dc83bf1759a7036d23f62c
---
View it on GitLab: https://salsa.debian.org/kernel-team/kernel-sec/commit/fc4ba835ebb41cd161dc83bf1759a7036d23f62c
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.alioth.debian.org/pipermail/kernel-sec-discuss/attachments/20180318/e2bdae4e/attachment-0001.html>
More information about the kernel-sec-discuss
mailing list