June 2015 - golang - Fedora Mailing-Lists

[Bug 1219703] New: CVE-2015-3629 docker-io: docker: symlink traversal on container respawn allows local privilege escalation [fedora-all]

by Red Hat Bugzilla

https://bugzilla.redhat.com/show_bug.cgi?id=1219703 Bug ID: 1219703 Summary: CVE-2015-3629 docker-io: docker: symlink traversal on container respawn allows local privilege escalation [fedora-all] Product: Fedora Version: 21 Component: docker-io Keywords: Security, SecurityTracking Severity: medium Priority: medium Assignee: ichavero(a)redhat.com Reporter: tjay(a)redhat.com QA Contact: extras-qa(a)fedoraproject.org CC: adimania(a)gmail.com, admiller(a)redhat.com, golang(a)lists.fedoraproject.org, hushan.jia(a)gmail.com, ichavero(a)redhat.com, jchaloup(a)redhat.com, jperrin(a)centos.org, lsm5(a)redhat.com, mattdm(a)redhat.com, mgoldman(a)redhat.com, miminar(a)redhat.com, s(a)shk.io, thrcka(a)redhat.com, vbatts(a)redhat.com Blocks: 1219058 (CVE-2015-3629) This is an automatically created tracking bug! It was created to ensure that one or more security vulnerabilities are fixed in affected versions of Fedora. For comments that are specific to the vulnerability please use bugs filed against the "Security Response" product referenced in the "Blocks" field. For more information see: http://fedoraproject.org/wiki/Security/TrackingBugs When submitting as an update, use the fedpkg template provided in the next comment(s). This will include the bug IDs of this tracking bug as well as the relevant top-level CVE bugs. Please also mention the CVE IDs being fixed in the RPM changelog and the fedpkg commit message. NOTE: this issue affects multiple supported versions of Fedora. While only one tracking bug has been filed, please correct all affected versions at the same time. If you need to fix the versions independent of each other, you may clone this bug as appropriate. [bug automatically created by: add-tracking-bugs] Referenced Bugs: https://bugzilla.redhat.com/show_bug.cgi?id=1219058 [Bug 1219058] CVE-2015-3629 docker: symlink traversal on container respawn allows local privilege escalation -- You are receiving this mail because: You are on the CC list for the bug.

8 years, 9 months

1
4
0 / 0

[Bug 1219707] New: CVE-2015-3627 docker-io: docker: insecure opening of file-descriptor 1 leading to privilege escalation [fedora-all]

by Red Hat Bugzilla

https://bugzilla.redhat.com/show_bug.cgi?id=1219707 Bug ID: 1219707 Summary: CVE-2015-3627 docker-io: docker: insecure opening of file-descriptor 1 leading to privilege escalation [fedora-all] Product: Fedora Version: 21 Component: docker-io Keywords: Security, SecurityTracking Severity: medium Priority: medium Assignee: ichavero(a)redhat.com Reporter: tjay(a)redhat.com QA Contact: extras-qa(a)fedoraproject.org CC: adimania(a)gmail.com, admiller(a)redhat.com, golang(a)lists.fedoraproject.org, hushan.jia(a)gmail.com, ichavero(a)redhat.com, jchaloup(a)redhat.com, jperrin(a)centos.org, lsm5(a)redhat.com, mattdm(a)redhat.com, mgoldman(a)redhat.com, miminar(a)redhat.com, s(a)shk.io, thrcka(a)redhat.com, vbatts(a)redhat.com Blocks: 1219061 (CVE-2015-3627) This is an automatically created tracking bug! It was created to ensure that one or more security vulnerabilities are fixed in affected versions of Fedora. For comments that are specific to the vulnerability please use bugs filed against the "Security Response" product referenced in the "Blocks" field. For more information see: http://fedoraproject.org/wiki/Security/TrackingBugs When submitting as an update, use the fedpkg template provided in the next comment(s). This will include the bug IDs of this tracking bug as well as the relevant top-level CVE bugs. Please also mention the CVE IDs being fixed in the RPM changelog and the fedpkg commit message. NOTE: this issue affects multiple supported versions of Fedora. While only one tracking bug has been filed, please correct all affected versions at the same time. If you need to fix the versions independent of each other, you may clone this bug as appropriate. [bug automatically created by: add-tracking-bugs] Referenced Bugs: https://bugzilla.redhat.com/show_bug.cgi?id=1219061 [Bug 1219061] CVE-2015-3627 docker: insecure opening of file-descriptor 1 leading to privilege escalation -- You are receiving this mail because: You are on the CC list for the bug.

8 years, 9 months

1
4
0 / 0

[Bug 1219711] New: CVE-2015-3630 docker-io: docker: Read/write proc paths allow host modification & information disclosure [fedora-all]

by Red Hat Bugzilla

https://bugzilla.redhat.com/show_bug.cgi?id=1219711 Bug ID: 1219711 Summary: CVE-2015-3630 docker-io: docker: Read/write proc paths allow host modification & information disclosure [fedora-all] Product: Fedora Version: 21 Component: docker-io Keywords: Security, SecurityTracking Severity: medium Priority: medium Assignee: ichavero(a)redhat.com Reporter: tjay(a)redhat.com QA Contact: extras-qa(a)fedoraproject.org CC: adimania(a)gmail.com, admiller(a)redhat.com, golang(a)lists.fedoraproject.org, hushan.jia(a)gmail.com, ichavero(a)redhat.com, jchaloup(a)redhat.com, jperrin(a)centos.org, lsm5(a)redhat.com, mattdm(a)redhat.com, mgoldman(a)redhat.com, miminar(a)redhat.com, s(a)shk.io, thrcka(a)redhat.com, vbatts(a)redhat.com Blocks: 1219063 (CVE-2015-3630) This is an automatically created tracking bug! It was created to ensure that one or more security vulnerabilities are fixed in affected versions of Fedora. For comments that are specific to the vulnerability please use bugs filed against the "Security Response" product referenced in the "Blocks" field. For more information see: http://fedoraproject.org/wiki/Security/TrackingBugs When submitting as an update, use the fedpkg template provided in the next comment(s). This will include the bug IDs of this tracking bug as well as the relevant top-level CVE bugs. Please also mention the CVE IDs being fixed in the RPM changelog and the fedpkg commit message. NOTE: this issue affects multiple supported versions of Fedora. While only one tracking bug has been filed, please correct all affected versions at the same time. If you need to fix the versions independent of each other, you may clone this bug as appropriate. [bug automatically created by: add-tracking-bugs] Referenced Bugs: https://bugzilla.redhat.com/show_bug.cgi?id=1219063 [Bug 1219063] CVE-2015-3630 docker: Read/write proc paths allow host modification & information disclosure -- You are receiving this mail because: You are on the CC list for the bug.

8 years, 9 months

1
4
0 / 0

[Bug 1219715] New: CVE-2015-3631 docker-io: docker: volume mounts allow LSM profile escalation [fedora-all]

by Red Hat Bugzilla

https://bugzilla.redhat.com/show_bug.cgi?id=1219715 Bug ID: 1219715 Summary: CVE-2015-3631 docker-io: docker: volume mounts allow LSM profile escalation [fedora-all] Product: Fedora Version: 21 Component: docker-io Keywords: Security, SecurityTracking Severity: medium Priority: medium Assignee: ichavero(a)redhat.com Reporter: tjay(a)redhat.com QA Contact: extras-qa(a)fedoraproject.org CC: adimania(a)gmail.com, admiller(a)redhat.com, golang(a)lists.fedoraproject.org, hushan.jia(a)gmail.com, ichavero(a)redhat.com, jchaloup(a)redhat.com, jperrin(a)centos.org, lsm5(a)redhat.com, mattdm(a)redhat.com, mgoldman(a)redhat.com, miminar(a)redhat.com, s(a)shk.io, thrcka(a)redhat.com, vbatts(a)redhat.com Blocks: 1219065 (CVE-2015-3631) This is an automatically created tracking bug! It was created to ensure that one or more security vulnerabilities are fixed in affected versions of Fedora. For comments that are specific to the vulnerability please use bugs filed against the "Security Response" product referenced in the "Blocks" field. For more information see: http://fedoraproject.org/wiki/Security/TrackingBugs When submitting as an update, use the fedpkg template provided in the next comment(s). This will include the bug IDs of this tracking bug as well as the relevant top-level CVE bugs. Please also mention the CVE IDs being fixed in the RPM changelog and the fedpkg commit message. NOTE: this issue affects multiple supported versions of Fedora. While only one tracking bug has been filed, please correct all affected versions at the same time. If you need to fix the versions independent of each other, you may clone this bug as appropriate. [bug automatically created by: add-tracking-bugs] Referenced Bugs: https://bugzilla.redhat.com/show_bug.cgi?id=1219065 [Bug 1219065] CVE-2015-3631 docker: volume mounts allow LSM profile escalation -- You are receiving this mail because: You are on the CC list for the bug.

8 years, 9 months

1
4
0 / 0

[Bug 1221482] New: Docker 1.6 mounts /var/log/journal/4809557f6c5a83f899a25b507d72c4d5

by Red Hat Bugzilla

https://bugzilla.redhat.com/show_bug.cgi?id=1221482 Bug ID: 1221482 Summary: Docker 1.6 mounts /var/log/journal/4809557f6c5a83f899a25b507d72c4d5 Product: Fedora Version: 21 Component: docker-io Keywords: Regression Assignee: ichavero(a)redhat.com Reporter: jpazdziora(a)redhat.com QA Contact: extras-qa(a)fedoraproject.org CC: adimania(a)gmail.com, admiller(a)redhat.com, agoldste(a)redhat.com, dwalsh(a)redhat.com, extras-qa(a)fedoraproject.org, golang(a)lists.fedoraproject.org, hushan.jia(a)gmail.com, ichavero(a)redhat.com, jchaloup(a)redhat.com, jeder(a)redhat.com, jpazdziora(a)redhat.com, jperrin(a)centos.org, lsm5(a)redhat.com, mattdm(a)redhat.com, mgoldman(a)redhat.com, miminar(a)redhat.com, s(a)shk.io, sdodson(a)redhat.com, thrcka(a)redhat.com, vbatts(a)redhat.com Depends On: 1213385 Referenced Bugs: https://bugzilla.redhat.com/show_bug.cgi?id=1213385 [Bug 1213385] Docker 1.6 mounts /var/log/journal/4809557f6c5a83f899a25b507d72c4d5 -- You are receiving this mail because: You are on the CC list for the bug.

8 years, 9 months

1
6
0 / 0

[Bug 1236320] New: Don't strip binaries too early

by Red Hat Bugzilla

https://bugzilla.redhat.com/show_bug.cgi?id=1236320 Bug ID: 1236320 Summary: Don't strip binaries too early Product: Fedora Version: rawhide Component: etcd Assignee: jchaloup(a)redhat.com Reporter: ville.skytta(a)iki.fi QA Contact: extras-qa(a)fedoraproject.org CC: avagarwa(a)redhat.com, eparis(a)redhat.com, golang(a)lists.fedoraproject.org, jchaloup(a)redhat.com, lacypret(a)gmail.com, lemenkov(a)gmail.com, lsm5(a)redhat.com, walters(a)redhat.com ...for -debuginfo sanity; 2.0.12-1 did not have this issue. 'git am'able fix attached, let me know if you'd like me to push and build this for devel. -- You are receiving this mail because: You are on the CC list for the bug.

8 years, 9 months

1
8
0 / 0

[Bug 1184710] New: dnsmasq needs to be restarted after reboot for dns to work in a Docker container

by Red Hat Bugzilla

https://bugzilla.redhat.com/show_bug.cgi?id=1184710 Bug ID: 1184710 Summary: dnsmasq needs to be restarted after reboot for dns to work in a Docker container Product: Fedora Version: 21 Component: docker-io Assignee: lsm5(a)redhat.com Reporter: jshepherd(a)redhat.com QA Contact: extras-qa(a)fedoraproject.org CC: adimania(a)gmail.com, admiller(a)redhat.com, golang(a)lists.fedoraproject.org, hushan.jia(a)gmail.com, jchaloup(a)redhat.com, jperrin(a)centos.org, lsm5(a)redhat.com, mattdm(a)redhat.com, mgoldman(a)redhat.com, miminar(a)redhat.com, s(a)shk.io, thrcka(a)redhat.com, vbatts(a)redhat.com External Bug ID: Red Hat Bugzilla 1128208 External Bug ID: Red Hat Bugzilla 1128208 Description of problem: Docker replies on dnsmasq to have 'listen-address' set to the docker bridge, and have bind-interfaces option turned on. However in this configuration dnsmasq has to start after docker in order for DNS to work in a docker container. Version-Release number of selected component (if applicable): docker-io 1.4.0 dnsmasq 2.72 How reproducible: Reboot the system with docker, and dnsmasq enabled. Steps to Reproduce: 1. Ensure docker is using the default dns option of 172.17.42.1 2. Use the attached dnsmasq.conf 3. Reboot the system 4. Launch a docker container: `docker run -i -t centos /usr/bin/ping www.redhat.com` Actual results: Cannot resolve hostname Expected results: Response from 'akamai' or similar Additional info: See related issue #1128208 I tried added a systemd 'After' for dnsmasq on docker.service, but it doesn't seem to be honoured by systemd. -- You are receiving this mail because: You are on the CC list for the bug.

8 years, 9 months

1
10
0 / 0

[Bug 1108349] New: remove golang-github-syndtr-gocapability from epel7

by Red Hat Bugzilla

https://bugzilla.redhat.com/show_bug.cgi?id=1108349 Bug ID: 1108349 Summary: remove golang-github-syndtr-gocapability from epel7 Product: Fedora EPEL Version: epel7 Component: golang-github-syndtr-gocapability Assignee: vbatts(a)redhat.com Reporter: lsm5(a)redhat.com QA Contact: extras-qa(a)fedoraproject.org CC: golang(a)lists.fedoraproject.org, lsm5(a)redhat.com, vbatts(a)redhat.com Description of problem: remove this package from epel7 as it's now available in rhel7 proper. Version-Release number of selected component (if applicable): golang-github-syndtr-gocapability-0-0.5.git3454319.el7 Additional info: retired from dist-git: http://pkgs.fedoraproject.org/cgit/golang-github-syndtr-gocapability.git/... For pkgdb, Vincent could you run this for the epel7 branch (I'm not an admin for this one): pkgdb-cli orphan --retire golang-github-syndtr-gocapability epel7 -- You are receiving this mail because: You are on the CC list for the bug.

8 years, 9 months

1
1
0 / 0

[Bug 1108337] New: remove golang-googlecode-sqlite from epel7

by Red Hat Bugzilla

https://bugzilla.redhat.com/show_bug.cgi?id=1108337 Bug ID: 1108337 Summary: remove golang-googlecode-sqlite from epel7 Product: Fedora EPEL Version: epel7 Component: golang-googlecode-sqlite Assignee: lsm5(a)redhat.com Reporter: lsm5(a)redhat.com QA Contact: extras-qa(a)fedoraproject.org CC: golang(a)lists.fedoraproject.org, lsm5(a)redhat.com, vbatts(a)redhat.com Description of problem: this package should be removed from epel7 as it's now available in rhel7 proper Version-Release number of selected component (if applicable): golang-googlecode-sqlite-0-0.9.hg74691fb6f837.el7 Additional info: retired from dist-git: http://pkgs.fedoraproject.org/cgit/golang-googlecode-sqlite.git/tree/?h=e... orphaned in pkgdb: https://admin.fedoraproject.org/pkgdb/package/golang-googlecode-sqlite/ -- You are receiving this mail because: You are on the CC list for the bug.

8 years, 9 months

1
3
0 / 0

[Bug 1108270] New: remove golang-googlecode-net from epel7

by Red Hat Bugzilla

https://bugzilla.redhat.com/show_bug.cgi?id=1108270 Bug ID: 1108270 Summary: remove golang-googlecode-net from epel7 Product: Fedora EPEL Version: epel7 Component: golang-googlecode-net Assignee: lsm5(a)redhat.com Reporter: lsm5(a)redhat.com QA Contact: extras-qa(a)fedoraproject.org CC: golang(a)lists.fedoraproject.org, lsm5(a)redhat.com, mattdm(a)redhat.com, vbatts(a)redhat.com Description of problem: this package should be removed from epel7 as it's available in rhel7 proper Version-Release number of selected component (if applicable): golang-googlecode-net-0-0.13.hg84a4013f96e0.el7 Additional info: epel7 orphaned: https://admin.fedoraproject.org/pkgdb/package/golang-googlecode-net/ retired from dist-git: http://pkgs.fedoraproject.org/cgit/golang-googlecode-net.git/tree/?h=epel7 -- You are receiving this mail because: You are on the CC list for the bug.

8 years, 9 months

1
2
0 / 0

2024

2023

2022

2021

2020

2019

2018

2017

2016

2015

2014

2013

golang June 2015