blob: a5f632cd2b2d99541c6f589fb3711d55b21f1191 (
plain) (
blame)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
|
Description: chown removes security.capability xattr on other users' files
References:
- http://www.openwall.com/lists/oss-security/2015/01/17/12
- http://www.openwall.com/lists/oss-security/2015/01/24/5
Notes:
bwh> The bug seems to have present ever since file capabilities were added
bwh> in 2.6.24.
carnil> prerequisite: 31051c85b5e2aaaf6315f74c72a732673632a905
carnil> fixes backportable to older versions without breakage?
Bugs: 770492
upstream: released (4.9-rc1) [030b533c4fd4d2ec3402363323de4bb2983c9cee]
sid: released (4.8.11-1) [bugfix/all/xfs-Propagate-dentry-down-to-inode_change_ok.patch, bugfix/all/ceph-Propagate-dentry-down-to-inode_change_ok.patch, bugfix/all/fuse-Propagate-dentry-down-to-inode_change_ok.patch, bugfix/all/fs-Give-dentry-to-inode_change_ok-instead-of-inode.patch, bugfix/all/fs-Avoid-premature-clearing-of-capabilities.patch]
3.16-jessie-security: released (3.16.39-1)
3.2-wheezy-security: released (3.2.84-1)
3.16-upstream-stable: released (3.16.39) [fs-give-dentry-to-inode_change_ok-instead-of-inode.patch, fs-avoid-premature-clearing-of-capabilities.patch]
3.2-upstream-stable: released (3.2.84) [fs-give-dentry-to-inode_change_ok-instead-of-inode.patch, fs-avoid-premature-clearing-of-capabilities.patch]
|