diff options
Diffstat (limited to 'ChangeLog.txt')
-rw-r--r-- | ChangeLog.txt | 35 |
1 files changed, 35 insertions, 0 deletions
diff --git a/ChangeLog.txt b/ChangeLog.txt index b303beb3..538d38be 100644 --- a/ChangeLog.txt +++ b/ChangeLog.txt @@ -1,3 +1,38 @@ +Wed Feb 13 00:22:29 UTC 2019 +a/kernel-firmware-20190212_28f5f7d-noarch-1.txz: Upgraded. +a/kernel-generic-4.19.21-x86_64-1.txz: Upgraded. +a/kernel-huge-4.19.21-x86_64-1.txz: Upgraded. +a/kernel-modules-4.19.21-x86_64-1.txz: Upgraded. +ap/lxc-2.0.9_d3a03247-x86_64-1.txz: Upgraded. + This update fixes a security issue where a malicious privileged container + could overwrite the host binary and thus gain root-level code execution on + the host. As the LXC project considers privileged containers to be unsafe + no CVE has been assigned for this issue for LXC. To prevent this attack, + LXC has been patched to create a temporary copy of the calling binary + itself when it starts or attaches to containers. To do this LXC creates an + anonymous, in-memory file using the memfd_create() system call and copies + itself into the temporary in-memory file, which is then sealed to prevent + further modifications. LXC then executes this sealed, in-memory file + instead of the original on-disk binary. + For more information, see: + https://seclists.org/oss-sec/2019/q1/119 + (* Security fix *) +d/kernel-headers-4.19.21-x86-1.txz: Upgraded. +k/kernel-source-4.19.21-noarch-1.txz: Upgraded. +l/libbluray-1.1.0-x86_64-1.txz: Upgraded. +l/libcap-2.26-x86_64-2.txz: Rebuilt. + Don't ship static library. +l/xapian-core-1.4.10-x86_64-1.txz: Upgraded. +n/gnupg2-2.2.13-x86_64-1.txz: Upgraded. +n/irssi-1.2.0-x86_64-1.txz: Upgraded. +n/libassuan-2.5.3-x86_64-1.txz: Upgraded. +x/bitmap-1.0.9-x86_64-1.txz: Upgraded. +x/libXau-1.0.9-x86_64-1.txz: Upgraded. +x/pixman-0.38.0-x86_64-1.txz: Upgraded. +isolinux/initrd.img: Rebuilt. +kernels/*: Upgraded. +usb-and-pxe-installers/usbboot.img: Rebuilt. ++--------------------------+ Sun Feb 10 20:55:14 UTC 2019 d/python-pip-19.0.2-x86_64-1.txz: Upgraded. l/imagemagick-6.9.10_27-x86_64-1.txz: Upgraded. |