NetCube-Systems-Austria/kumquat-buildroot
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

package/lxc: security bump to version 3.0.3

Browse Source 
This bump also includes the fix for CVE-2018-6556 released in 3.0.2 via
commit "CVE 2018-6556: verify netns fd in lxc-user-nic": lxc-user-nic
when asked to delete a network interface will unconditionally open a
user provided path:
c1cf54ebf2

This code path may be used by an unprivileged user to check for the
existence of a path which they wouldn't otherwise be able to reach. It
may also be used to trigger side effects by causing a (read-only) open
of special kernel files (ptmx, proc, sys).

Also add a dependency on gcc >= 4.7
(https://github.com/lxc/lxc/issues/2592)

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
This commit is contained in:
Fabrice Fontaine 2018-12-02 10:08:38 +01:00 committed by Thomas Petazzoni
parent 29e77c070b
commit df6a01af23
3 changed files with 5 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
package/lxc/Config.in
View File

@ -4,6 +4,7 @@ config BR2_PACKAGE_LXC
depends on BR2_USE_MMU # fork()
# build system forcefully builds a shared library
depends on !BR2_STATIC_LIBS
depends on BR2_TOOLCHAIN_GCC_AT_LEAST_4_7 # C++11
depends on BR2_TOOLCHAIN_HEADERS_AT_LEAST_3_0 # setns() system call
help
Linux Containers (LXC), provides the ability to group and
@ -13,8 +14,9 @@ config BR2_PACKAGE_LXC
https://linuxcontainers.org/
comment "lxc needs a toolchain w/ threads, headers >= 3.0, dynamic library"
comment "lxc needs a toolchain w/ threads, headers >= 3.0, dynamic library, gcc >= 4.7"
depends on BR2_USE_MMU
depends on !BR2_TOOLCHAIN_HAS_THREADS \
|| !BR2_TOOLCHAIN_GCC_AT_LEAST_4_7 \
|| !BR2_TOOLCHAIN_HEADERS_AT_LEAST_3_0 \
|| BR2_STATIC_LIBS

2
package/lxc/lxc.hash
View File

@ -1,3 +1,3 @@
# Locally calculated
sha256 45986c49be1c048fa127bd3e7ea1bd3347e25765c008a09a2e4c233151a2d5db lxc-3.0.1.tar.gz
sha256 620cb832cc02c63bf4d330657bf6176544e145da281ee384a34d689635a19841 lxc-3.0.3.tar.gz
sha256 dc626520dcd53a22f727af3ee42c770e56c97a64fe3adb063799d8ab032fe551 COPYING

2
package/lxc/lxc.mk
View File

@ -4,7 +4,7 @@
#
################################################################################
LXC_VERSION = 3.0.1
LXC_VERSION = 3.0.3
LXC_SITE = https://linuxcontainers.org/downloads/lxc
LXC_LICENSE = LGPL-2.1+
LXC_LICENSE_FILES = COPYING