UbuntuUpdates.org

Package "lxc"

Name: lxc

Description:

Linux Containers userspace tools

Latest version: 1.0.10-0ubuntu1.1
Release: trusty (14.04)
Level: updates
Repository: main
Homepage: http://linuxcontainers.org

Links


Download "lxc"


Other versions of "lxc" in Trusty

Repository Area Version
base main 1.0.3-0ubuntu3
security main 1.0.10-0ubuntu1.1
backports main 2.0.8-0ubuntu1~14.04.1
PPA: Ubuntu SDK Release 2.0.5-0ubuntu3~ubuntu14.04.1~ppa1
PPA: Lxd 2.1.1-0ubuntu1~ubuntu14.04.1~ppa1

Packages in group

Deleted packages are displayed in grey.


Changelog

Version: 1.0.10-0ubuntu1.1 2017-08-02 14:06:45 UTC

  lxc (1.0.10-0ubuntu1.1) trusty-security; urgency=medium

  * No change rebuild as a security update.

 -- Marc Deslauriers <email address hidden> Tue, 01 Aug 2017 11:31:21 -0400

Source diff to previous version

Version: 1.0.10-0ubuntu1 2017-06-21 19:06:35 UTC

  lxc (1.0.10-0ubuntu1) trusty; urgency=medium

  * New upstream bugfix release. (LP: #1693002)
    - Security fix for CVE-2016-10124
    - Security fix for CVE-2017-5985

    - attach: simplify lsm_openat()
    - commands: improve logging
    - utils: add macro __LXC_NUMSTRLEN
    - tests; Don't cause test failures on cleanup errors
    - conf: clearly report to either use drop or keep
    - attach: close lsm label file descriptor
    - conf, attach: save errno across call to close
    - templates/lxc-debian.in: Fix typo in calling dpkg with
      --print-foreign-architectures option
    - templates/lxc-debian.in: handle ppc hostarch -> powerpc
    - Fix regression in errno handling cherry-pick
    - don't try to get stuff from /usr/lib/systemd on the host
    - lxc-opensuse: rm poweroff.target -> sigpwr.target copy
    - Add --enable-gnutls option
    - tests: skip unpriv tests on broken overlay module
    - Use AC_HEADER_MAJOR to detect major()/minor()/makedev()
    - Make lxc-start-ephemeral Python 3.2-compatible
    - systemd: enable delegate in service file
    - confile: clear lxc.network..ipv{4,6} when empty
    - seccomp: allow x32 guests on amd64 hosts.
    - squeeze is not a supported release anymore, drop the key
    - seccomp: set SCMP_FLTATR_ATL_TSKIP if available
    - lxc-checkconfig: verify new[ug]idmap are setuid-root
    - python3: Deal with potential NULL char*
    - lxc-download.in / allow setting keyserver from env
    - lxc-download.in / Document keyserver change in help
    - Change variable check to match existing style
    - tests: Support running on IPv6 networks
    - tests: Kill containers (don't wait for shutdown)
    - Fix opening wrong file in suggest_default_idmap
    - lxc_setup_tios(): Ignore SIGTTOU and SIGTTIN signals
    - Increased buffer length in print_stats()
    - remove obsolete note about api stability
    - conf: less error prone pointer access
    - create ISSUE_TEMPLATE.md
    - issue template: fix typo
    - conf: order mount options
    - commands: avoid NULL pointer dereference
    - commands: non-functional changes
    - lxccontainer: avoid NULL pointer dereference

 -- Stéphane Graber <email address hidden> Tue, 23 May 2017 14:44:34 -0400

Source diff to previous version
1693002 SRU of LXC 1.0.10 (upstream bugfix release)
CVE-2016-1012 Adobe Flash Player before 18.0.0.343 and 19.x through 21.x before 21.0.0.213 on Windows and OS X and before 11.2.202.616 on Linux allows attackers to
CVE-2017-5985 RESERVED

Version: 1.0.9-0ubuntu3 2017-03-09 18:06:51 UTC

  lxc (1.0.9-0ubuntu3) trusty-security; urgency=medium

  * SECURITY UPDATE: lxc-user-nic doesn't check netns ownership (LP: #1654676)
    - Ensure target netns is caller-owned
    - CVE-2017-5985

 -- Stéphane Graber <email address hidden> Tue, 07 Mar 2017 14:39:58 -0500

Source diff to previous version
1654676 lxc-user-nic does not ensure that target netns is caller-owned
CVE-2017-5985 RESERVED

Version: 1.0.9-0ubuntu2 2017-01-18 22:06:37 UTC

  lxc (1.0.9-0ubuntu2) trusty; urgency=medium

  * Cherry-pick upstream bugfix (LP: #1647016):
    - 0001-tests-skip-unpriv-tests-on-broken-overlay-module.patch

 -- Stéphane Graber <email address hidden> Wed, 04 Jan 2017 12:38:37 -0500

Source diff to previous version
1647016 SRU of LXC 1.0.9 (upstream bugfix release)

Version: 1.0.8-0ubuntu0.4 2016-11-23 18:06:42 UTC

  lxc (1.0.8-0ubuntu0.4) trusty-security; urgency=medium

  * SECURITY UPDATE: Escape through ptrace and inherited fd (LP: #1639345)
    - attach: Do not send procfd to attached process
    - CVE-2016-8649

 -- Stéphane Graber <email address hidden> Tue, 22 Nov 2016 00:49:00 -0500

CVE-2016-8649 lxc-attach to malicious container allows access to host



About   -   Send Feedback to @ubuntu_updates