openSUSE Security Update: Security update for lxc
______________________________________________________________________________

Announcement ID:    openSUSE-SU-2024:0342-1
Rating:             moderate
References:         #1204842 #1206779
Cross-References:   CVE-2022-47952
CVSS scores:
                    CVE-2022-47952 (SUSE): 6.3 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:C/C:H/I:N/A:N

Affected Products:
                    openSUSE Backports SLE-15-SP5
                    openSUSE Backports SLE-15-SP6
______________________________________________________________________________

An update that solves one vulnerability and has one errata is now available.

Description:

This update for lxc fixes the following issues:

lxc was updated to 6.0.2:

The LXC team is pleased to announce the release of LXC 6.0.2! This is the second bugfix release for LXC 6.0, which is supported until June 2029.

As usual, this bugfix release focuses on stability and hardening.

* Some of the highlights for this release are:
  - Reduced log level on some common messages
  - Fix compilation error on aarch64

* Detailed changelog
  - Remove unused function
  - idmap: Lower logging level of newXidmap tools to INFO
  - Exit 0 when there's no error
  - doc: Fix definitions of get_config_path and set_config_path
  - README: Update security contact
  - fix possible clang compile error in AARCH

Update to 6.0.1:

The LXC team is pleased to announce the release of LXC 6.0.1! This is the first bugfix release for LXC 6.0, which is supported until June 2029.

As usual, this bugfix release focuses on stability and hardening.

* Highlights
  - Fixed some build tooling issues
  - Fixed startup failures on system without IPv6 support
  - Updated AppArmor rules to avoid potential warnings

Update to 6.0.0:

The LXC team is pleased to announce the release of LXC 6.0 LTS! This is the result of two years of work since the LXC 5.0 release and is the sixth LTS release for the LXC project. This release will be supported until June 2029.

* New multi-call binary

  A new tools-multicall=true configuration option can be used to produce a single lxc binary to which all other lxc-XYZ commands can then be symlinked. This allows for a massive disk space reduction, particularly useful for embedded platforms.

* Add a set_timeout function to the library

  A new set_timeout function is available on the main lxc_container struct and allows for setting a global timeout for interactions with the LXC monitor. Prior to this, there was no timeout, leading to potential deadlocks as there's also no way to cancel a monitor request. As a result of adding this new symbol to the library, we have bumped the liblxc symbol version to 1.8.0.

* LXC bridge now has IPV6 enabled

  The default lxcbr0 bridge now comes with IPv6 enabled by default, using an IPv6 ULA subnet.

* Support for uid/gid selection in lxc-usernsexec

  The lxc-usernsexec tool now has both -u and -g options to control what resulting UID and GID (respectively) the user wishes to use (defaulting to 0/0).

* Improvements to lxc-checkconfig

  lxc-checkconfig now only shows the version if lxc-start is present (rather than failing). Additionally, it's seen a number of other cosmetic improvements as well as now listing the maximum number of allowed namespaces for every namespace type.

* Support for squashfs OCI images

  The built-in oci container template can now handle squashfs compressed OCI images through the use of atomfs.

* Switched from systemd's dbus to dbus-1

  LXC now uses libdbus-1 for DBus interactions with systemd rather than using libsystemd. The reason for this change is that libdbus-1 is readily available for static builds.

* Removed Upstart support

  Support for the Upstart init system has finally been removed from LXC. This shouldn't really affect anyone at this stage and allowed for cleaning up some logic and config files from our repository.

Patch Instructions:

To install this openSUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch".

Alternatively you can run the command listed for your product:

- openSUSE Backports SLE-15-SP6:

  zypper in -t patch openSUSE-2024-342=1

- openSUSE Backports SLE-15-SP5:

  zypper in -t patch openSUSE-2024-342=1

Package List:

- openSUSE Backports SLE-15-SP6 (aarch64 i586 ppc64le s390x x86_64):

  liblxc-devel-6.0.2-bp156.2.3.1
  liblxc1-6.0.2-bp156.2.3.1
  lxc-6.0.2-bp156.2.3.1
  pam_cgfs-6.0.2-bp156.2.3.1

- openSUSE Backports SLE-15-SP6 (noarch):

  lxc-bash-completion-6.0.2-bp156.2.3.1
  lxc-ja-doc-6.0.2-bp156.2.3.1
  lxc-ko-doc-6.0.2-bp156.2.3.1

- openSUSE Backports SLE-15-SP5 (aarch64 i586 ppc64le s390x x86_64):

  liblxc-devel-6.0.2-bp155.4.3.1
  liblxc1-6.0.2-bp155.4.3.1
  liblxc1-debuginfo-6.0.2-bp155.4.3.1
  lxc-6.0.2-bp155.4.3.1
  lxc-debuginfo-6.0.2-bp155.4.3.1
  lxc-debugsource-6.0.2-bp155.4.3.1
  pam_cgfs-6.0.2-bp155.4.3.1
  pam_cgfs-debuginfo-6.0.2-bp155.4.3.1

- openSUSE Backports SLE-15-SP5 (noarch):

  lxc-bash-completion-6.0.2-bp155.4.3.1
  lxc-ja-doc-6.0.2-bp155.4.3.1
  lxc-ko-doc-6.0.2-bp155.4.3.1

References:

  https://www.suse.com/security/cve/CVE-2022-47952.html
  https://bugzilla.suse.com/1204842
  https://bugzilla.suse.com/1206779

A new release for lxc addresses vulnerabilities in security protocols. This update contains detailed guidance and links to effective measures.
openSUSE LXC Update Security Patch.
LinuxSecurity.com Team

LXC is a Linux Containers userspace tool set. Maher Azzouzi reported that the lxc-user-nic command, included in LXC, allowed unprivileged users to infer whether any file exists, even in protected directory trees.

-------------------------------------------------------------------------
Debian LTS Advisory DLA-3533-1

openSUSE Security Update: Security update for lxc
______________________________________________________________________________

Announcement ID:    openSUSE-SU-2019:2286-1
Rating:             moderate
References:         #1131762
Cross-References:   CVE-2019-5736
Affected Products:
                    openSUSE Backports SLE-15-SP1
______________________________________________________________________________

An update that fixes one vulnerability is now available.

Description:

This update for lxc fixes the following issues:

Update to lxc 3.2.1. The changelog can be found at

  https://discuss.linuxcontainers.org/t/lxc-3-2-1-has-been-released/5322

  + seccomp: support syscall forwarding to userspace
  + add lxc.seccomp.allow_nesting
  + pidfd: Add initial support for the new pidfd api
  * Many hardening improvements.
  * Use /sys/kernel/cgroup/delegate file for cgroup v2.
  * Fix CVE-2019-5736 equivalent bug.

  - fix apparmor dropin to be compatible with LXC 3.1.0 (boo#1131762)

This update was imported from the openSUSE:Leap:15.1:Update update project.

Patch Instructions:

To install this openSUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch".

Alternatively you can run the command listed for your product:

- openSUSE Backports SLE-15-SP1:

  zypper in -t patch openSUSE-2019-2286=1

Package List:

- openSUSE Backports SLE-15-SP1 (aarch64 ppc64le s390x x86_64):

  liblxc-devel-3.2.1-bp151.5.3.1
  liblxc1-3.2.1-bp151.5.3.1
  lxc-3.2.1-bp151.5.3.1
  pam_cgfs-3.2.1-bp151.5.3.1

- openSUSE Backports SLE-15-SP1 (noarch):

  lxc-bash-completion-3.2.1-bp151.5.3.1

References:

  https://www.suse.com/security/cve/CVE-2019-5736.html
  https://bugzilla.suse.com/1131762

This revision for Fedora resolves a notable concern in docker, bringing essential corrections and protective upgrades to the forefront.
OpenSUSE, LinuxContainers, LXC, SecurityPatch, Update.
LinuxSecurity.com Team

openSUSE Security Update: Security update for lxc
______________________________________________________________________________

Announcement ID:    openSUSE-SU-2019:2245-1
Rating:             moderate
References:         #1131762
Cross-References:   CVE-2019-5736
Affected Products:
                    openSUSE Leap 15.1
______________________________________________________________________________

An update that fixes one vulnerability is now available.

Description:

This update for lxc fixes the following issues:

Update to lxc 3.2.1. The changelog can be found at

  https://discuss.linuxcontainers.org/t/lxc-3-2-1-has-been-released/5322

  + seccomp: support syscall forwarding to userspace
  + add lxc.seccomp.allow_nesting
  + pidfd: Add initial support for the new pidfd api
  * Many hardening improvements.
  * Use /sys/kernel/cgroup/delegate file for cgroup v2.
  * Fix CVE-2019-5736 equivalent bug.

  - fix apparmor dropin to be compatible with LXC 3.1.0 (boo#1131762)

Patch Instructions:

To install this openSUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch".

Alternatively you can run the command listed for your product:

- openSUSE Leap 15.1:

  zypper in -t patch openSUSE-2019-2245=1

Package List:

- openSUSE Leap 15.1 (noarch):

  lxc-bash-completion-3.2.1-lp151.4.5.1

- openSUSE Leap 15.1 (x86_64):

  liblxc-devel-3.2.1-lp151.4.5.1
  liblxc1-3.2.1-lp151.4.5.1
  liblxc1-debuginfo-3.2.1-lp151.4.5.1
  lxc-3.2.1-lp151.4.5.1
  lxc-debuginfo-3.2.1-lp151.4.5.1
  lxc-debugsource-3.2.1-lp151.4.5.1
  pam_cgfs-3.2.1-lp151.4.5.1
  pam_cgfs-debuginfo-3.2.1-lp151.4.5.1

References:

  https://www.suse.com/security/cve/CVE-2019-5736.html
  https://bugzilla.suse.com/1131762

The recent Fedora release tackles container weaknesses to improve overall system resilience and fortify protective protocols.
openSUSE, lxc, moderate security advisory, Linux update, system integrity.
LinuxSecurity.com Team

--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2019-c1dac1b3b8
2019-09-06 12:57:51.120856
--------------------------------------------------------------------------------

Name        : python3-lxc
Product     : Fedora 29
Version     : 3.0.4
Release     : 1.fc29
URL         : https://linuxcontainers.org/lxc/
Summary     : Python binding for LXC
Description :
Linux Resource Containers provide process and resource isolation without the overhead of full virtualization.

The python3-lxc package contains the Python3 binding for LXC.

--------------------------------------------------------------------------------
Update Information:

Update LXC to version 3.0.4. The release announcement can be found [here](https://discuss.linuxcontainers.org/t/lxc-3-0-4-has-been-released/5080).
--------------------------------------------------------------------------------
ChangeLog:

* Sun Jul 7 2019 Thomas Moschny - 3.0.4-1
- Update to 3.0.4.
* Sat Feb 2 2019 Fedora Release Engineering - 3.0.3-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_30_Mass_Rebuild
* Fri Nov 23 2018 Thomas Moschny - 3.0.3-1
- Update to 3.0.3.
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #1664908 - CVE-2019-5736 runc: Execution of malicious containers allows for container escape and access to host filesystem
        https://bugzilla.redhat.com/show_bug.cgi?id=1664908
--------------------------------------------------------------------------------

This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2019-c1dac1b3b8' at the command line.
For more information, refer to the dnf documentation available at
https://dnf.readthedocs.io/en/latest/command_ref.html

All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/security/
--------------------------------------------------------------------------------

--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2019-c1dac1b3b8
2019-09-06 12:57:51.120856
--------------------------------------------------------------------------------

Name        : lxc
Product     : Fedora 29
Version     : 3.0.4
Release     : 1.fc29
URL         : https://linuxcontainers.org/lxc/
Summary     : Linux Resource Containers
Description :
Linux Resource Containers provide process and resource isolation without the overhead of full virtualization.

--------------------------------------------------------------------------------
Update Information:

Update LXC to version 3.0.4. The release announcement can be found [here](https://discuss.linuxcontainers.org/t/lxc-3-0-4-has-been-released/5080).
--------------------------------------------------------------------------------
ChangeLog:

* Fri Aug 16 2019 Thomas Moschny - 3.0.4-1
- Update to 3.0.4.
* Thu Jul 25 2019 Fedora Release Engineering - 3.0.3-4
- Rebuilt for https://fedoraproject.org/wiki/Fedora_31_Mass_Rebuild
* Sun Apr 28 2019 Thomas Moschny - 3.0.3-3
- Add patch for CVE-2019-5736.
- Build and include init.lxc.static where possible (rhbz#1654366).
* Fri Feb 1 2019 Fedora Release Engineering - 3.0.3-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_30_Mass_Rebuild
* Fri Nov 23 2018 Thomas Moschny - 3.0.3-1
- Update to 3.0.3.
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #1664908 - CVE-2019-5736 runc: Execution of malicious containers allows for container escape and access to host filesystem
        https://bugzilla.redhat.com/show_bug.cgi?id=1664908
--------------------------------------------------------------------------------

This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2019-c1dac1b3b8' at the command line.
For more information, refer to the dnf documentation available at
https://dnf.readthedocs.io/en/latest/command_ref.html

All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/security/
--------------------------------------------------------------------------------

openSUSE Security Update: Security update for lxc, lxcfs
______________________________________________________________________________

Announcement ID:    openSUSE-SU-2019:1481-1
Rating:             important
References:         #1036360 #1099239 #1122185 #1131762 #988348 #998326
Cross-References:   CVE-2015-1331 CVE-2015-1334 CVE-2015-1335 CVE-2017-5985 CVE-2018-6556 CVE-2019-5736
Affected Products:
                    openSUSE Leap 42.3
______________________________________________________________________________

An update that fixes 6 vulnerabilities is now available.

Description:

This update for lxc, lxcfs to version 3.1.0 fixes the following issues:

Security issues fixed:

- CVE-2019-5736: Fixed a container breakout vulnerability (boo#1122185).
- CVE-2018-6556: Enable setuid bit on lxc-user-nic (boo#988348).

Non-security issues fixed:

- Update to LXC 3.1.0. The changelog is far too long to include here, please look at https://linuxcontainers.org/. (boo#1131762)

Patch Instructions:

To install this openSUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch".

Alternatively you can run the command listed for your product:

- openSUSE Leap 42.3:

  zypper in -t patch openSUSE-2019-1481=1

Package List:

- openSUSE Leap 42.3 (i586 x86_64):

  lxcfs-3.0.3-2.1
  lxcfs-debuginfo-3.0.3-2.1
  lxcfs-debugsource-3.0.3-2.1

- openSUSE Leap 42.3 (x86_64):

  liblxc-devel-3.1.0-24.1
  liblxc1-3.1.0-24.1
  liblxc1-debuginfo-3.1.0-24.1
  lxc-3.1.0-24.1
  lxc-debuginfo-3.1.0-24.1
  lxc-debugsource-3.1.0-24.1
  pam_cgfs-3.1.0-24.1
  pam_cgfs-debuginfo-3.1.0-24.1

- openSUSE Leap 42.3 (noarch):

  lxc-bash-completion-3.1.0-24.1
  lxcfs-hooks-lxc-3.0.3-2.1

References:

  https://www.suse.com/security/cve/CVE-2015-1331.html
  https://www.suse.com/security/cve/CVE-2015-1334.html
  https://www.suse.com/security/cve/CVE-2015-1335.html
  https://www.suse.com/security/cve/CVE-2017-5985.html
  https://www.suse.com/security/cve/CVE-2018-6556.html
  https://www.suse.com/security/cve/CVE-2019-5736.html
  https://bugzilla.suse.com/1036360
  https://bugzilla.suse.com/1099239
  https://bugzilla.suse.com/1122185
  https://bugzilla.suse.com/1131762
  https://bugzilla.suse.com/988348
  https://bugzilla.suse.com/998326

This revision tackles essential concerns regarding lxc and lxcfs within openSUSE, guaranteeing protection from certain vulnerabilities.
openSUSE Security Update, lxc update, lxcfs vulnerability, container security.
Severity: Important.
LinuxSecurity.com Team

openSUSE Security Update: Security update for lxc, lxcfs
______________________________________________________________________________

Announcement ID:    openSUSE-SU-2019:1275-1
Rating:             important
References:         #1122185 #1131762 #988348
Cross-References:   CVE-2018-6556 CVE-2019-5736
Affected Products:
                    openSUSE Leap 15.0
______________________________________________________________________________

An update that solves two vulnerabilities and has one errata is now available.

Description:

This update for lxc, lxcfs to version 3.1.0 fixes the following issues:

Security issues fixed:

- CVE-2019-5736: Fixed a container breakout vulnerability (boo#1122185).
- CVE-2018-6556: Enable setuid bit on lxc-user-nic (boo#988348).

Non-security issues fixed:

- Update to LXC 3.1.0. The changelog is far too long to include here, please look at https://linuxcontainers.org/. (boo#1131762)

Patch Instructions:

To install this openSUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch".

Alternatively you can run the command listed for your product:

- openSUSE Leap 15.0:

  zypper in -t patch openSUSE-2019-1275=1

Package List:

- openSUSE Leap 15.0 (x86_64):

  liblxc-devel-3.1.0-lp150.2.10.1
  liblxc1-3.1.0-lp150.2.10.1
  liblxc1-debuginfo-3.1.0-lp150.2.10.1
  lxc-3.1.0-lp150.2.10.1
  lxc-debuginfo-3.1.0-lp150.2.10.1
  lxc-debugsource-3.1.0-lp150.2.10.1
  lxcfs-3.0.3-lp150.2.3.1
  lxcfs-debuginfo-3.0.3-lp150.2.3.1
  lxcfs-debugsource-3.0.3-lp150.2.3.1
  pam_cgfs-3.1.0-lp150.2.10.1
  pam_cgfs-debuginfo-3.1.0-lp150.2.10.1

- openSUSE Leap 15.0 (noarch):

  lxc-bash-completion-3.1.0-lp150.2.10.1
  lxcfs-hooks-lxc-3.0.3-lp150.2.3.1

References:

  https://www.suse.com/security/cve/CVE-2018-6556.html
  https://www.suse.com/security/cve/CVE-2019-5736.html
  https://bugzilla.suse.com/1122185
  https://bugzilla.suse.com/1131762
  https://bugzilla.suse.com/988348

Essential openSUSE upgrade tackles container escape vulnerabilities found in lxc and lxcfs, along with fixes to critical security flaws.
lxc containers, lxcfs update, openSUSE advisory, container security.
Severity: Important.
LinuxSecurity.com Team
