UbuntuUpdates.org

Package "firejail"

Name: firejail

Description:

sandbox to restrict the application environment

Latest version: 0.9.38.10-0ubuntu0.16.04.1
Release: xenial (16.04)
Level: updates
Repository: universe
Homepage: https://firejail.wordpress.com

Links


Download "firejail"


Other versions of "firejail" in Xenial

Repository Area Version
base universe 0.9.38-1
security universe 0.9.38-1ubuntu0.1

Changelog

Version: 0.9.38.10-0ubuntu0.16.04.1 2017-02-09 04:06:43 UTC

  firejail (0.9.38.10-0ubuntu0.16.04.1) xenial; urgency=medium

  * New upstream micro release. (LP: #1658824)

 -- Reiner Herrmann <email address hidden> Mon, 16 Jan 2017 21:52:07 +0100

Source diff to previous version
1658824 [SRU] New upstream microrelease

Version: 0.9.38-1ubuntu0.1 2017-01-24 14:06:44 UTC

  firejail (0.9.38-1ubuntu0.1) xenial-security; urgency=low

  * SECURITY UPDATE: sandbox escape via TIOCSTI ioctl (LP: #1655136)
    - debian/patches/CVE-2016-9016.patch: cherry-picked from upstream
      0.9.38-LTS branch (commit 19302eb)
    - CVE-2016-9016
  * SECURITY UPDATE: truncate /etc/resolv.conf as non-root user (LP: #1655136)
    - debian/patches/CVE-2016-10118.patch: cherry-picked from upstream
      0.9.38-LTS branch (commit 4f4e59c)
    - CVE-2016-10118
  * SECURITY UPDATE: local privilege escalation to root (LP: #1655136)
    - debian/patches/CVE-2017-5180.patch: cherry-picked from upstream
      0.9.38-LTS branch (commit ad97545)
    - CVE-2017-5180

 -- Reiner Herrmann <email address hidden> Tue, 17 Jan 2017 20:16:26 +0100

1655136 Multiple CVEs in xenial
CVE-2016-9016 Firejail 0.9.38.4 allows local users to execute arbitrary commands outside of the sandbox via a crafted TIOCSTI ioctl call.
CVE-2016-1011 Use-after-free vulnerability in Adobe Flash Player before 18.0.0.343 and 19.x through 21.x before 21.0.0.213 on Windows and OS X and before 11.2.202.
CVE-2017-5180 firejail local root exploit



About   -   Send Feedback to @ubuntu_updates