Описание
Security update for lxc
The container framework LXC has been updated to fix various bugs and a security issue:
* CVE-2013-6441: The sshd template allowed privilege escalation on the
host.
* SLES container time not aligned with host time (bnc#839653)
* SLES container boot takes ages (bnc#839663)
* lxc mounts /dev/pts with wrong options (bnc#869663)
Security Issues:
* CVE-2013-6441
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-6441>
Список пакетов
SUSE Linux Enterprise Desktop 11 SP3
lxc-0.8.0-0.21.6
SUSE Linux Enterprise Server 11 SP3
lxc-0.8.0-0.21.6
SUSE Linux Enterprise Server 11 SP3-TERADATA
lxc-0.8.0-0.21.6
SUSE Linux Enterprise Server for SAP Applications 11 SP3
lxc-0.8.0-0.21.6
SUSE Linux Enterprise Software Development Kit 11 SP3
lxc-0.8.0-0.21.6
lxc-devel-0.8.0-0.21.6
Ссылки
- Link for SUSE-RU-2015:0992-1
- E-Mail link for SUSE-RU-2015:0992-1
- SUSE Security Ratings
- SUSE Bug 835585
- SUSE Bug 839653
- SUSE Bug 839663
- SUSE Bug 855809
- SUSE Bug 869663
- SUSE Bug 924891
- SUSE Bug 924892
- SUSE CVE CVE-2013-6441 page
Описание
The lxc-sshd template (templates/lxc-sshd.in) in LXC before 1.0.0.beta2 uses read-write permissions when mounting /sbin/init, which allows local users to gain privileges by modifying the init file.
Затронутые продукты
SUSE Linux Enterprise Desktop 11 SP3:lxc-0.8.0-0.21.6
SUSE Linux Enterprise Server 11 SP3-TERADATA:lxc-0.8.0-0.21.6
SUSE Linux Enterprise Server 11 SP3:lxc-0.8.0-0.21.6
SUSE Linux Enterprise Server for SAP Applications 11 SP3:lxc-0.8.0-0.21.6
Ссылки
- CVE-2013-6441
- SUSE Bug 855809