Ken Moffat wrote:
On Fri, Mar 31, 2017 at 01:59:47PM -0500, Bruce Dubbs wrote:
Ken Moffat wrote:
(Cc: blfs-support so everyone can see it)
From lwn.net I see that the stable kernels have today been updated
to 4.10.8 and longterm stable to 4.9.20 and 4.4.59, and that these
are to fix CVE-2017-7184 : local privilege escalation or DOS by
leveraging the CAP_NET_SYSADMIN capability.
The initial report suggests it only applies if user namespaces
(CONFIG_USER_NS) have been configured in the kernel.
OK, I'll go ahead and update LFS today.
for me it's just a "nice to fix" because none of my machines have
user namespaces enabled.
Already done. And I don't have CONFIG_USER_NS set either.
-- Bruce
--
http://lists.linuxfromscratch.org/listinfo/lfs-dev
FAQ: http://www.linuxfromscratch.org/faq/
Unsubscribe: See the above information page
