changelog_14.2
Differences
This shows you the differences between two versions of the page.
| Both sides previous revisionPrevious revisionNext revision | Previous revisionNext revisionBoth sides next revision | ||
| changelog_14.2 [2019/02/08 01:35] – connie | changelog_14.2 [2019/02/12 23:41] – connie | ||
|---|---|---|---|
| Line 3: | Line 3: | ||
| Slackware upstream ChangeLog entries are courtesy of Patrick Volkerding. | Slackware upstream ChangeLog entries are courtesy of Patrick Volkerding. | ||
| - | ==== 2017-02-07 ==== | + | ==== 2019-02-12 ==== |
| + | |||
| + | **lxc-2.0.9_d3a03247**: | ||
| + | This update fixes a security issue where a malicious privileged container | ||
| + | could overwrite the host binary and thus gain root-level code execution on | ||
| + | the host. As the LXC project considers privileged containers to be unsafe | ||
| + | no CVE has been assigned for this issue for LXC. To prevent this attack, | ||
| + | LXC has been patched to create a temporary copy of the calling binary | ||
| + | itself when it starts or attaches to containers. To do this LXC creates an | ||
| + | anonymous, in-memory file using the memfd_create() system call and copies | ||
| + | itself into the temporary in-memory file, which is then sealed to prevent | ||
| + | further modifications. LXC then executes this sealed, in-memory file | ||
| + | instead of the original on-disk binary. | ||
| + | For more information, | ||
| + | * https:// | ||
| + | (**Security fix**) | ||
| + | |||
| + | ==== 2019-02-12 ==== | ||
| + | |||
| + | **xonotic-0.8.2**: | ||
| + | addictive arena gameplay. Xonotic is a direct successor of the Nexuiz, which was a fork of DarkPlaces, which was a fork of Quake engine. | ||
| + | |||
| + | ==== 2019-02-07 ==== | ||
| **php-5.6.40**: | **php-5.6.40**: | ||
changelog_14.2.txt · Last modified: 2023/12/23 13:40 by connie