(https://nvd.nist.gov/vuln/detail/CVE-2019-12499): Firejail before 0.9.60 allows truncation (resizing to length 0) of the firejail binary on the host by running exploit code inside a firejail sandbox and having the sandbox terminated. To succeed, certain conditions need to be fulfilled: The jail (with the exploit code inside) needs to be started as root, and it also needs to be terminated as root from the host (either by stopping it ungracefully (e.g., SIGKILL), or by using the --shutdown control command). This is similar to CVE-2019-5736.

Gentoo Security Padawan (domhnall)
This "was fixed in 0.9.60, 0.9.56.2-LTS" [1].

[1]: https://firejail.wordpress.com/download-2/cve-status/

Maintainer, do you intend to bump the LTS release?
Hi Aron, yes the ebuild of the firejail LTS version was bumped to 0.9.56.2. Best regards, Dennis
(In reply to Dennis Lamm from comment #2)
> Hi Aron,
>
> yes the ebuild of the firejail LTS version was bumped to 0.9.56.2.
>
> Best regards,
> Dennis

Ah, now I see there is a separate package for LTS. Please call for stable when ready so we can proceed to remove the vulnerable ebuilds.
*** Bug 693774 has been marked as a duplicate of this bug. ***
*** Bug 693776 has been marked as a duplicate of this bug. ***
amd64 stable. Maintainer(s), please clean up. Security, please vote.
The bug has been referenced in the following commit(s):

https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=1f4499a201d0bc9431172b00cbd52f1d0943bdba

commit 1f4499a201d0bc9431172b00cbd52f1d0943bdba
Author: Thomas Deutschmann <whissi@gentoo.org>
AuthorDate: 2020-03-15 21:42:47 +0000
Commit: Thomas Deutschmann <whissi@gentoo.org>
CommitDate: 2020-03-15 21:43:39 +0000

    sys-apps/firejail-lts: amd64 stable

    Bug: https://bugs.gentoo.org/687108
    Package-Manager: Portage-2.3.94, Repoman-2.3.21
    Signed-off-by: Thomas Deutschmann <whissi@gentoo.org>

 sys-apps/firejail-lts/firejail-lts-0.9.56.2-r1.ebuild | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
Repository is clean, all done!