** Changed in: juju
Status: Fix Committed => Fix Released
** Changed in: juju/2.2
Status: Fix Committed => Fix Released
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1682411
Title:
Thanks to everyone.
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1682411
Title:
juju-run unit root escalation vulnerability
To manage notifications about this bug go to:
This bug was fixed in the package juju-core-1 - 1.25.6-0ubuntu2.16.10.2
---
juju-core-1 (1.25.6-0ubuntu2.16.10.2) yakkety-security; urgency=medium
* SECURITY UPDATE: Privilege escalation via juju-run (LP: #1682411)
- debian/patches/CVE-2017-9232.patch: create a unix domain
This bug was fixed in the package juju-core-1 - 1.25.6-0ubuntu1.16.04.2
---
juju-core-1 (1.25.6-0ubuntu1.16.04.2) xenial-security; urgency=medium
* SECURITY UPDATE: Privilege escalation via juju-run (LP: #1682411)
- debian/patches/CVE-2017-9232.patch: create a unix domain
The attachment "chmod after creating the socket" seems to be a patch.
If it isn't, please remove the "patch" flag from the attachment, remove
the "patch" tag, and if you are a member of the ~ubuntu-reviewers,
unsubscribe the team.
[This is an automated message performed by a Launchpad user owned
This bug was fixed in the package juju-core - 2.0.2-0ubuntu2.1
---
juju-core (2.0.2-0ubuntu2.1) zesty-security; urgency=medium
* SECURITY UPDATE: Privilege escalation via juju-run (LP: #1682411)
- debian/patches/CVE-2017-9232.patch: create a unix domain socket with
This bug was fixed in the package juju-core - 1.25.6-0ubuntu1.14.04.2
---
juju-core (1.25.6-0ubuntu1.14.04.2) trusty-security; urgency=medium
* SECURITY UPDATE: Privilege escalation via juju-run (LP: #1682411)
- debian/patches/CVE-2017-9232.patch: create a unix domain socket
This bug was fixed in the package juju-core - 2.0.2-0ubuntu0.16.10.2
---
juju-core (2.0.2-0ubuntu0.16.10.2) yakkety-security; urgency=medium
* SECURITY UPDATE: Privilege escalation via juju-run (LP: #1682411)
- debian/patches/CVE-2017-9232.patch: create a unix domain socket
** Information type changed from Private Security to Public Security
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1682411
Title:
juju-run unit root escalation vulnerability
To manage