| Message ID | 1367355545-10432-1-git-send-email-john.johansen@canonical.com |
|---|---|
| State | New |
| Headers | show |
Straightforward clean cherry picks.
On 04/30/2013 01:59 PM, John Johansen wrote: > Please pull or apply the following patches > > The following changes since commit c9170f3912a16df992e3e9763ebadf7f845f96f4: > > UBUNTU: Ubuntu-3.8.0-19.29 (2013-04-17 12:01:17 -0600) > > are available in the git repository at: > > git://kernel.ubuntu.com/jj/ubuntu-raring.git cve-2013-1959 > > for you to fetch changes up to f76eda62f61ecc9af2b067ff3568bf03c313b9ef: > > userns: Changing any namespace id mappings should require privileges (CVE-2013-1979) (2013-04-30 10:24:02 -0700) > > ---------------------------------------------------------------- > Andy Lutomirski (2): > userns: Check uid_map's opener's fsuid, not the current fsuid (CVE-2013-1959) > userns: Changing any namespace id mappings should require privileges (CVE-2013-1979) > > Eric W. Biederman (1): > userns: Don't let unprivileged users trick privileged users into setting the id_map (CVE-2013-1959) > > Linus Torvalds (2): > Add file_ns_capable() helper function for open-time capability checking (CVE-2013-1959) > net: fix incorrect credentials passing (CVE-2013-1979) > > include/linux/capability.h | 2 ++ > include/net/scm.h | 4 ++-- > kernel/capability.c | 24 ++++++++++++++++++++++++ > kernel/user_namespace.c | 22 +++++++++++++--------- > 4 files changed, 41 insertions(+), 11 deletions(-) > >
Please pull or apply the following patches The following changes since commit c9170f3912a16df992e3e9763ebadf7f845f96f4: UBUNTU: Ubuntu-3.8.0-19.29 (2013-04-17 12:01:17 -0600) are available in the git repository at: git://kernel.ubuntu.com/jj/ubuntu-raring.git cve-2013-1959 for you to fetch changes up to f76eda62f61ecc9af2b067ff3568bf03c313b9ef: userns: Changing any namespace id mappings should require privileges (CVE-2013-1979) (2013-04-30 10:24:02 -0700) ---------------------------------------------------------------- Andy Lutomirski (2): userns: Check uid_map's opener's fsuid, not the current fsuid (CVE-2013-1959) userns: Changing any namespace id mappings should require privileges (CVE-2013-1979) Eric W. Biederman (1): userns: Don't let unprivileged users trick privileged users into setting the id_map (CVE-2013-1959) Linus Torvalds (2): Add file_ns_capable() helper function for open-time capability checking (CVE-2013-1959) net: fix incorrect credentials passing (CVE-2013-1979) include/linux/capability.h | 2 ++ include/net/scm.h | 4 ++-- kernel/capability.c | 24 ++++++++++++++++++++++++ kernel/user_namespace.c | 22 +++++++++++++--------- 4 files changed, 41 insertions(+), 11 deletions(-)