[Bug 1682411] Re: juju-run unit root escalation vulnerability

2017-06-28 Thread Canonical Juju QA Bot
** Changed in: juju Status: Fix Committed => Fix Released ** Changed in: juju/2.2 Status: Fix Committed => Fix Released -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1682411 Title:

[Bug 1682411] Re: juju-run unit root escalation vulnerability

2017-06-02 Thread Seth Arnold
Thanks to everyone. -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1682411 Title: juju-run unit root escalation vulnerability To manage notifications about this bug go to:

[Bug 1682411] Re: juju-run unit root escalation vulnerability

2017-06-02 Thread Launchpad Bug Tracker
This bug was fixed in the package juju-core-1 - 1.25.6-0ubuntu2.16.10.2 --- juju-core-1 (1.25.6-0ubuntu2.16.10.2) yakkety-security; urgency=medium * SECURITY UPDATE: Privilege escalation via juju-run (LP: #1682411) - debian/patches/CVE-2017-9232.patch: create a unix domain

[Bug 1682411] Re: juju-run unit root escalation vulnerability

2017-06-02 Thread Launchpad Bug Tracker
This bug was fixed in the package juju-core-1 - 1.25.6-0ubuntu1.16.04.2 --- juju-core-1 (1.25.6-0ubuntu1.16.04.2) xenial-security; urgency=medium * SECURITY UPDATE: Privilege escalation via juju-run (LP: #1682411) - debian/patches/CVE-2017-9232.patch: create a unix domain

[Bug 1682411] Re: juju-run unit root escalation vulnerability

2017-05-26 Thread Ubuntu Foundations Team Bug Bot
The attachment "chmod after creating the socket" seems to be a patch. If it isn't, please remove the "patch" flag from the attachment, remove the "patch" tag, and if you are a member of the ~ubuntu-reviewers, unsubscribe the team. [This is an automated message performed by a Launchpad user owned

[Bug 1682411] Re: juju-run unit root escalation vulnerability

2017-05-26 Thread Launchpad Bug Tracker
This bug was fixed in the package juju-core - 2.0.2-0ubuntu2.1 --- juju-core (2.0.2-0ubuntu2.1) zesty-security; urgency=medium * SECURITY UPDATE: Privilege escalation via juju-run (LP: #1682411) - debian/patches/CVE-2017-9232.patch: create a unix domain socket with

[Bug 1682411] Re: juju-run unit root escalation vulnerability

2017-05-26 Thread Launchpad Bug Tracker
This bug was fixed in the package juju-core - 1.25.6-0ubuntu1.14.04.2 --- juju-core (1.25.6-0ubuntu1.14.04.2) trusty-security; urgency=medium * SECURITY UPDATE: Privilege escalation via juju-run (LP: #1682411) - debian/patches/CVE-2017-9232.patch: create a unix domain socket

[Bug 1682411] Re: juju-run unit root escalation vulnerability

2017-05-26 Thread Launchpad Bug Tracker
This bug was fixed in the package juju-core - 2.0.2-0ubuntu0.16.10.2 --- juju-core (2.0.2-0ubuntu0.16.10.2) yakkety-security; urgency=medium * SECURITY UPDATE: Privilege escalation via juju-run (LP: #1682411) - debian/patches/CVE-2017-9232.patch: create a unix domain socket

[Bug 1682411] Re: juju-run unit root escalation vulnerability

2017-05-26 Thread Seth Arnold
** Information type changed from Private Security to Public Security -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1682411 Title: juju-run unit root escalation vulnerability To manage