Описание
Security update for lxc
lxc was update to fix one security issue.
The following vulnerability was fixed:
- CVE-2015-1335: A directory traversal flaw while lxc-start is initially setting up the mounts for a container (bsc#946744)
Список пакетов
SUSE Linux Enterprise Desktop 11 SP3
lxc-0.8.0-0.25.1
SUSE Linux Enterprise Desktop 11 SP4
lxc-0.8.0-0.25.1
SUSE Linux Enterprise Server 11 SP3
lxc-0.8.0-0.25.1
SUSE Linux Enterprise Server 11 SP3-TERADATA
lxc-0.8.0-0.25.1
SUSE Linux Enterprise Server 11 SP4
lxc-0.8.0-0.25.1
SUSE Linux Enterprise Server for SAP Applications 11 SP3
lxc-0.8.0-0.25.1
SUSE Linux Enterprise Server for SAP Applications 11 SP4
lxc-0.8.0-0.25.1
SUSE Linux Enterprise Software Development Kit 11 SP3
lxc-0.8.0-0.25.1
lxc-devel-0.8.0-0.25.1
SUSE Linux Enterprise Software Development Kit 11 SP4
lxc-0.8.0-0.25.1
lxc-devel-0.8.0-0.25.1
Ссылки
- Link for SUSE-SU-2015:1829-1
- E-Mail link for SUSE-SU-2015:1829-1
- SUSE Security Ratings
- SUSE Bug 946744
- SUSE CVE CVE-2015-1335 page
Описание
lxc-start in lxc before 1.0.8 and 1.1.x before 1.1.4 allows local container administrators to escape AppArmor confinement via a symlink attack on a (1) mount target or (2) bind mount source.
Затронутые продукты
SUSE Linux Enterprise Desktop 11 SP3:lxc-0.8.0-0.25.1
SUSE Linux Enterprise Desktop 11 SP4:lxc-0.8.0-0.25.1
SUSE Linux Enterprise Server 11 SP3-TERADATA:lxc-0.8.0-0.25.1
SUSE Linux Enterprise Server 11 SP3:lxc-0.8.0-0.25.1
Ссылки
- CVE-2015-1335
- SUSE Bug 946744