[SRU,Trusty,Artful,0/1] Fix for CVE-2017-17807

Message ID	20180201180958.10831-1-kleber.souza@canonical.com
Headers	show Return-Path: <kernel-team-bounces@lists.ubuntu.com> From: Kleber Sacilotto de Souza <kleber.souza@canonical.com> To: kernel-team@lists.ubuntu.com Subject: [SRU][Trusty][Artful][PATCH 0/1] Fix for CVE-2017-17807 Date: Thu, 1 Feb 2018 19:09:56 +0100 Message-Id: <20180201180958.10831-1-kleber.souza@canonical.com> Precedence: list MIME-Version: 1.0 Content-Type: text/plain; charset="utf-8" Content-Transfer-Encoding: base64 Errors-To: kernel-team-bounces@lists.ubuntu.com Sender: "kernel-team" <kernel-team-bounces@lists.ubuntu.com>
Series	Fix for CVE-2017-17807 \| expand [SRU,Trusty,Artful,0/1] Fix for CVE-2017-17807 [SRU,Trusty,1/1] KEYS: add missing permission check for request_key() destination

Message ID

20180201180958.10831-1-kleber.souza@canonical.com

Headers

From: Kleber Sacilotto de Souza <kleber.souza@canonical.com>
To: kernel-team@lists.ubuntu.com
Subject: [SRU][Trusty][Artful][PATCH 0/1] Fix for CVE-2017-17807
Date: Thu,  1 Feb 2018 19:09:56 +0100
Message-Id: <20180201180958.10831-1-kleber.souza@canonical.com>
Precedence: list
MIME-Version: 1.0
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: base64
Errors-To: kernel-team-bounces@lists.ubuntu.com
Sender: "kernel-team" <kernel-team-bounces@lists.ubuntu.com>

Series

Fix for CVE-2017-17807 | expand

Message

Kleber Sacilotto de Souza Feb. 1, 2018, 6:09 p.m. UTC

https://people.canonical.com/~ubuntu-security/cve/2017/CVE-2017-17807.html

Clean cherry pick for Artful, backported for Trusty, fix for Xenial is queued
as part of stable update to 4.4.107.

Eric Biggers (1):
  KEYS: add missing permission check for request_key() destination

 security/keys/request_key.c | 48 +++++++++++++++++++++++++++++++++++----------
 1 file changed, 38 insertions(+), 10 deletions(-)

Comments

Khalid Elmously Feb. 9, 2018, 3:22 p.m. UTC | #1

On 2018-02-01 19:09:56 , Kleber Sacilotto de Souza wrote:
> https://people.canonical.com/~ubuntu-security/cve/2017/CVE-2017-17807.html
> 
> Clean cherry pick for Artful, backported for Trusty, fix for Xenial is queued
> as part of stable update to 4.4.107.
> 
> Eric Biggers (1):
>   KEYS: add missing permission check for request_key() destination
> 
>  security/keys/request_key.c | 48 +++++++++++++++++++++++++++++++++++----------
>  1 file changed, 38 insertions(+), 10 deletions(-)
> 

Acked-by: Khalid Elmously <khalid.elmously@canonical.com>

Stefan Bader Feb. 28, 2018, 10 a.m. UTC | #2

On 01.02.2018 19:09, Kleber Sacilotto de Souza wrote:
> https://people.canonical.com/~ubuntu-security/cve/2017/CVE-2017-17807.html
> 
> Clean cherry pick for Artful, backported for Trusty, fix for Xenial is queued
> as part of stable update to 4.4.107.
> 
> Eric Biggers (1):
>   KEYS: add missing permission check for request_key() destination
> 
>  security/keys/request_key.c | 48 +++++++++++++++++++++++++++++++++++----------
>  1 file changed, 38 insertions(+), 10 deletions(-)
> 
Acked-by: Stefan Bader <stefan.bader@canonical.com>

Kleber Sacilotto de Souza March 1, 2018, 2:16 p.m. UTC | #3

On 02/01/18 19:09, Kleber Sacilotto de Souza wrote:
> https://people.canonical.com/~ubuntu-security/cve/2017/CVE-2017-17807.html
> 
> Clean cherry pick for Artful, backported for Trusty, fix for Xenial is queued
> as part of stable update to 4.4.107.
> 
> Eric Biggers (1):
>   KEYS: add missing permission check for request_key() destination
> 
>  security/keys/request_key.c | 48 +++++++++++++++++++++++++++++++++++----------
>  1 file changed, 38 insertions(+), 10 deletions(-)
> 

Applied to trusty/master-next-backlog and artful/master-next-backlog
branches.

Thanks,
Kleber