From ${URL} : Two security issues were found in LXC: * Roman Fiedler discovered a directory traversal flaw that allows arbitrary file creation as the root user. A local attacker must set up a symlink at /run/lock/lxc/var/lib/lxc/<CONTAINER>, prior to an admin ever creating an LXC container on the system. If an admin then creates a container with a name matching <CONTAINER>, the symlink will be followed and LXC will create an empty file at the symlink's target as the root user. - CVE-2015-1331 - Affects LXC 1.0.0 and higher - https://launchpad.net/bugs/1470842 - https://github.com/lxc/lxc/commit/72cf81f6a3404e35028567db2c99a90406e9c6e6 (master) - https://github.com/lxc/lxc/commit/61ecf69d7834921cc078e14d1b36c459ad8f91c7 (stable-1.1) - https://github.com/lxc/lxc/commit/f547349ea7ef3a6eae6965a95cb5986cd921bd99 (stable-1.0) * Roman Fiedler discovered a flaw that allows processes intended to be run inside of confined LXC containers to escape their AppArmor or SELinux confinement. A malicious container can create a fake proc filesystem, possibly by mounting tmpfs on top of the container's /proc, and wait for a lxc-attach to be ran from the host environment. lxc-attach incorrectly trusts the container's /proc/PID/attr/{current,exec} files to set up the AppArmor profile and SELinux domain transitions which may result in no confinement being used. - CVE-2015-1334 - Affects LXC 0.9.0 and higher - https://launchpad.net/bugs/1475050 - https://github.com/lxc/lxc/commit/5c3fcae78b63ac9dd56e36075903921bd9461f9e (master) - https://github.com/lxc/lxc/commit/659e807c8dd1525a5c94bdecc47599079fad8407 (stable-1.1) - https://github.com/lxc/lxc/commit/15ec0fd9d490dd5c8a153401360233c6ee947c24 (stable-1.0) @maintainer(s): after the bump, in case we need to stabilize the package, please let us know if it is ready for the stabilization or not.
Fix for 1.0-stable: $ git tag --contains 15ec0fd9d490dd5c8a153401360233c6ee947c24 lxc-1.0.8 @ Arches, please test and mark stable: =app-emulation/lxc-1.0.8
amd64 stable
x86 stable
ppc64 stable. Maintainer(s), please cleanup. Security, please vote.
https://github.com/gentoo/gentoo/pull/3619
GLSA Vote: No
tree is clean