Univention Bugzilla – Bug 49888
linux: Multiple issues (4.4)
Last modified: 2019-07-24 15:03:17 CEST
New Debian linux 4.9.168-1+deb9u4 fixes: This update addresses the following issue: * broken permission and object lifetime handling for PTRACE_TRACEME (CVE-2019-13272)
--- mirror/ftp/4.4/unmaintained/component/4.4-0-errata/source/linux_4.9.168-1+deb9u3.dsc +++ apt/ucs_4.4-0-errata4.4-0/source/linux_4.9.168-1+deb9u4.dsc @@ -1,3 +1,7 @@ +4.9.168-1+deb9u4 [Fri, 19 Jul 2019 13:41:00 +0200] Salvatore Bonaccorso <carnil@debian.org>: + + * ptrace: Fix ->ptracer_cred handling for PTRACE_TRACEME (CVE-2019-13272) + 4.9.168-1+deb9u3 [Sun, 16 Jun 2019 15:38:39 +0100] Ben Hutchings <ben@decadent.org.uk>: [ Salvatore Bonaccorso ] <http://10.200.17.11/4.4-0/#51094133497245326>
OK: yaml OK: announce_errata OK: patch OK: piuparts [4.4-1] ce3ace9666 Bug #49888: univention-kernel-image-signed 5.0.0-5A~4.4.0.201907231003 doc/errata/staging/univention-kernel-image-signed.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) [4.4-1] 483fb27548 Bug #49888: univention-kernel-image-signed 5.0.0-5A~4.4.0.2019072310033 doc/errata/staging/univention-kernel-image-signed.yaml | 14 ++++++++++++++ 1 file changed, 14 insertions(+) OK: piuparts OK: amd64 @ kvm OVMF + SB OK: amd64 @ kvm SeaBIOS OK: amd64 @ lynx OK: i386 @ kvm OK: dmesg OK: uname -rv
<http://errata.software-univention.de/ucs/4.4/193.html> <http://errata.software-univention.de/ucs/4.4/194.html>