1024 matches found
[SECURITY] Fedora 23 Update: mock-1.2.21-1.fc23
Mock takes an SRPM and builds it in a chroot...
[SECURITY] Fedora 25 Update: mock-1.2.21-1.fc25
Mock takes an SRPM and builds it in a chroot...
[SECURITY] Fedora 24 Update: mock-1.2.21-1.fc24
Mock takes an SRPM and builds it in a chroot...
[SECURITY] Fedora 23 Update: pbuilder-0.225.2-1.fc23
pbuilder constructs a chroot system, and builds a package inside the chroot. It is an ideal system to use to check that a package has correct build- dependencies...
[SECURITY] Fedora 24 Update: pbuilder-0.225.2-1.fc24
pbuilder constructs a chroot system, and builds a package inside the chroot. It is an ideal system to use to check that a package has correct build- dependencies...
OracleVM 3.3 / 3.4 : openssh (OVMSA-2016-0038)
The remote OracleVM system is missing necessary patches to address critical security updates : - CVE-2015-5600: MaxAuthTries limit bypass via duplicates in KbdInteractiveDevices 1245969 - CVE-2016-3115: missing sanitisation of input for X11 forwarding 1317816 - SSH2MSGDISCONNECT for user initiate...
SUSE-SU-2015:2292-1 Security update for the Linux Kernel
The SUSE Linux Enterprise 12 SP1 kernel was updated to 3.12.51 to receive various security and bugfixes. Following features were added: - hwrng: Add a driver for the hwrng found in power7+ systems fate315784. Following security bugs were fixed: - CVE-2015-8215: net/ipv6/addrconf.c in the IPv6 sta...
Design/Logic Flaw
The prependpath function in fs/dcache.c in the Linux kernel before 4.2.4 does not properly handle rename actions inside a bind mount, which allows local users to bypass an intended container protection mechanism by renaming a directory, related to a "double-chroot attack."...
CVE-2015-2925
The prependpath function in fs/dcache.c in the Linux kernel before 4.2.4 does not properly handle rename actions inside a bind mount, which allows local users to bypass an intended container protection mechanism by renaming a directory, related to a "double-chroot attack."...
DEBIAN-CVE-2015-2925
The prependpath function in fs/dcache.c in the Linux kernel before 4.2.4 does not properly handle rename actions inside a bind mount, which allows local users to bypass an intended container protection mechanism by renaming a directory, related to a "double-chroot attack."...
CVE-2015-2925
The prependpath function in fs/dcache.c in the Linux kernel before 4.2.4 does not properly handle rename actions inside a bind mount, which allows local users to bypass an intended container protection mechanism by renaming a directory, related to a "double-chroot attack."...
CVE-2015-2925
The vulnerability CVE-2015-2925 affects the Linux kernel prior to 4.2.4, specifically the prepend_path function in fs/dcache.c. It allows a local attacker to bypass container protections by renaming a directory inside a bind mount, enabling a double-chroot-style escape. The impact is enabling pri...
CVE-2015-2925
The prependpath function in fs/dcache.c in the Linux kernel before 4.2.4 does not properly handle rename actions inside a bind mount, which allows local users to bypass an intended container protection mechanism by renaming a directory, related to a "double-chroot attack."...
[SECURITY] Fedora 21 Update: pure-ftpd-1.0.36-7.fc21
Pure-FTPd is a fast, production-quality, standard-comformant FTP server, based upon Troll-FTPd. Unlike other popular FTP servers, it has no known security flaw, it is really trivial to set up and it is especially designed for modern Linux and FreeBSD kernels setfsuid, sendfile, capabilities...
[SECURITY] Fedora 22 Update: pure-ftpd-1.0.36-7.fc22
Pure-FTPd is a fast, production-quality, standard-comformant FTP server, based upon Troll-FTPd. Unlike other popular FTP servers, it has no known security flaw, it is really trivial to set up and it is especially designed for modern Linux and FreeBSD kernels setfsuid, sendfile, capabilities...
Server: Disclosure of users files when deleting parent folders of shared files
Due to a common incorrect usage of the getPath function of the ownCloud virtual filesystem multiple security issues occurred. Especially the function may return null in case the specified file does not exist anymore. When passing the result of getPath in combination with null to functions that...
SOL16880 - Libcap vulnerability CVE-2011-4099
The capsh program in libcap before 2.22 does not change the current working directory when the --chroot option is specified, which allows local users to bypass the chroot restrictions via unspecified vectors. CVE-2011-4099...
docker: insecure opening of file-descriptor 1 leading to privilege escalation
Libcontainer and Docker Engine before 1.6.1 opens the file-descriptor passed to the pid-1 process before performing the chroot, which allows local users to gain privileges via a symlink attack in an image...
Crouton - Chromium OS Universal Chroot Environment
crouton is a set of scripts that bundle up into an easy-to-use, Chromium OS-centric chroot generator. Currently Ubuntu and Debian are supported using debootstrap behind the scenes, but "Chromium OS Debian, Ubuntu, and Probably Other Distros Eventually Chroot Environment" doesn't acronymize as wel...
FreeBSD : proftpd -- arbitrary code execution vulnerability with chroot (d0034536-ff24-11e4-a072-d050996490d0)
ProFTPd development team reports : Vadim Melihow reported a critical issue with proftpd installations that use the modcopy module's SITE CPFR/SITE CPTO commands; modcopy allows these commands to be used by unauthenticated clients. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descripti...