tag name | v0.1.6 (27aa1afb3d4705b591d46a93a259a87e92544377) |
tag date | 2017-01-10 10:23:12 -0500 |
tagged by | Colin Walters <walters@verbum.org> |
tagged object | commit 9f6076ddf2... |
download | bubblewrap-0.1.6.tar.gz |
---|
Release 0.1.6 (CVE-2017-5226)
This fixes a security issue with `TIOCSTI`, aka CVE-2017-522. Note bubblewrap is
far from the only program that has this issue, and I think the best fix is
probably in the kernel to support disabling this ioctl.
Programs can also work around this by calling `setsid()` on their own in an exec
handler before doing an `exevp("bwrap")`.
Git-EVTag-v0-SHA512: aea2bc21fa6194f7d5c4eaf7294dd35e4434616678d2f79c1e9044aca063bf77db199b1030628ced2eb7d3a33d6a6419047e32ea7891be396d9ddb50a7b1f745
-----BEGIN PGP SIGNATURE-----
iQEwBAABCgAaBQJYdPxgExx3YWx0ZXJzQHZlcmJ1bS5vcmcACgkQ3EX9WSHBPwtv
NAgAr5CNW9ZZmYvNWGBm5W0uJuwb1rmBB5Pb2izEfBEi90MdrFg7ZQF+JJLB+EEQ
9XsKZLVd/d6drJkycf3fDq35tVzm6cEMq+pidnujGzS+skQqzmEpqISt8G2GQap0
MnnlJlLpwYwUMJvSqa4Xx/WDM/3Cf1FTI7jPwl1uBccU/4x2w0Apa0PG/pvsJ+3N
BxahkioeeMTrgd1a7BZbwUSMYnx0+4kB92v5JOnYh8wF/fCVgwlb5p0GN5Qz2jNj
YCxyeGZfGk/071/FiHDKW64cmSwEV9gPRWMeRT39n5MfRcKcP2tIEHEVxT61ErLR
OndJWLN2+hFmCxjdrOLSw9fmdw==
=OpAb
-----END PGP SIGNATURE-----