lxc 1.0.7-0ubuntu0.2 source package in Ubuntu

Changelog

lxc (1.0.7-0ubuntu0.2) trusty-security; urgency=medium

  * SECURITY UPDATE: Arbitrary file creation via unintentional symlink
    following when accessing an LXC lock file (LP: #1470842)
    - debian/patches/0001-CVE-2015-1331.patch: Use /run/lxc/lock, rather than
      /run/lock/lxc, as /run and /run/lxc is only writable by root. Based on
      patch from upstream.
    - CVE-2015-1131
  * SECURITY UPDATE: Container AppArmor/SELinux confinement breakout via
    lxc-attach using a potentially malicious container proc filesystem to
    initialize confinement (LP: #1475050)
    - debian/patches/0002-CVE-2015-1334.patch: Use the host's proc filesystem
      to set up AppArmor profile and SELinux domain transitions during
      lxc-attach. Based on patch from upstream.
    - CVE-2015-1334

 -- Tyler Hicks <email address hidden>  Fri, 17 Jul 2015 10:58:00 -0500

Upload details

Uploaded by:
Tyler Hicks on 2015-07-17
Uploaded to:
Trusty
Original maintainer:
Ubuntu Developers
Architectures:
linux-any
Section:
admin
Urgency:
Medium Urgency

See full publishing history Publishing

Series Pocket Published Component Section

Downloads

File Size SHA-256 Checksum
lxc_1.0.7.orig.tar.gz 779.0 KiB 3c0cb2d95d9d8a8d59c7189d237a45cde77f38ea180fbff2c148d59e176e9dab
lxc_1.0.7-0ubuntu0.2.debian.tar.gz 49.4 KiB b78f62a445d288a95e56f3954575adcebe0d5d54f01ff9474bc27eb2f640e817
lxc_1.0.7-0ubuntu0.2.dsc 2.2 KiB ce30b4bb8fd8f5f603832d02b524e60d4a0550cd37d2c45bb338521a252736dc

View changes file

Binary packages built by this source

liblxc1: Linux Containers userspace tools (library)

 Containers are insulated areas inside a system, which have their own namespace
 for filesystem, network, PID, IPC, CPU and memory allocation and which can be
 created using the Control Group and Namespace features included in the Linux
 kernel.
 .
 This package contains the libraries.

liblxc1-dbgsym: debug symbols for package liblxc1

 Containers are insulated areas inside a system, which have their own namespace
 for filesystem, network, PID, IPC, CPU and memory allocation and which can be
 created using the Control Group and Namespace features included in the Linux
 kernel.
 .
 This package contains the libraries.

lxc: Transitional package for lxc1

 This is a transitional dummy package. It can safely be removed.
 .
 The currently recommended LXC experience is available as lxc2 and is
 provided by LXD using the LXC backend.

lxc-dbg: Linux Containers userspace tools (debug)

 Containers are insulated areas inside a system, which have their own namespace
 for filesystem, network, PID, IPC, CPU and memory allocation and which can be
 created using the Control Group and Namespace features included in the Linux
 kernel.
 .
 This package contains the debugging symbols.

lxc-dbgsym: debug symbols for package lxc

 Containers are insulated areas inside a system, which have their own namespace
 for filesystem, network, PID, IPC, CPU and memory allocation and which can be
 created using the Control Group and Namespace features included in the Linux
 kernel.
 .
 This package provides the lxc-* tools, which can be used to start a single
 daemon in a container, or to boot an entire "containerized" system, and to
 manage and debug your containers.

lxc-dev: Linux Containers userspace tools (development)

 Containers are insulated areas inside a system, which have their own namespace
 for filesystem, network, PID, IPC, CPU and memory allocation and which can be
 created using the Control Group and Namespace features included in the Linux
 kernel.
 .
 This package contains the development files.

lxc-dev-dbgsym: debug symbols for package lxc-dev

 Containers are insulated areas inside a system, which have their own namespace
 for filesystem, network, PID, IPC, CPU and memory allocation and which can be
 created using the Control Group and Namespace features included in the Linux
 kernel.
 .
 This package contains the development files.

lxc-templates: Linux Containers userspace tools (templates)

 Containers are insulated areas inside a system, which have their own namespace
 for filesystem, network, PID, IPC, CPU and memory allocation and which can be
 created using the Control Group and Namespace features included in the Linux
 kernel.
 .
 This package contains the templates.

lxc-templates-dbgsym: debug symbols for package lxc-templates

 Containers are insulated areas inside a system, which have their own namespace
 for filesystem, network, PID, IPC, CPU and memory allocation and which can be
 created using the Control Group and Namespace features included in the Linux
 kernel.
 .
 This package contains the templates.

lxc-tests: Linux Containers userspace tools (test binaries)

 Containers are insulated areas inside a system, which have their own namespace
 for filesystem, network, PID, IPC, CPU and memory allocation and which can be
 created using the Control Group and Namespace features included in the Linux
 kernel.
 .
 This package contains the test binaries. Those binaries are primarily
 used for autopkgtest and by some developers. They are not meant to be
 installed on regular user systems.

lxc-tests-dbgsym: debug symbols for package lxc-tests

 Containers are insulated areas inside a system, which have their own namespace
 for filesystem, network, PID, IPC, CPU and memory allocation and which can be
 created using the Control Group and Namespace features included in the Linux
 kernel.
 .
 This package contains the test binaries. Those binaries are primarily
 used for autopkgtest and by some developers. They are not meant to be
 installed on regular user systems.

python3-lxc: Linux Containers userspace tools (Python 3.x bindings)

 Containers are insulated areas inside a system, which have their own namespace
 for filesystem, network, PID, IPC, CPU and memory allocation and which can be
 created using the Control Group and Namespace features included in the Linux
 kernel.
 .
 This package contains the Python 3.x bindings.

python3-lxc-dbgsym: debug symbols for package python3-lxc

 Containers are insulated areas inside a system, which have their own namespace
 for filesystem, network, PID, IPC, CPU and memory allocation and which can be
 created using the Control Group and Namespace features included in the Linux
 kernel.
 .
 This package contains the Python 3.x bindings.