Follow @Openwall on Twitter for new release announcements and other news
[<prev] [next>] [<thread-prev] [day] [month] [year] [list]
Date: Mon, 11 Jul 2016 14:52:53 -0500
From: Tyler Hicks <>
Cc: John Johansen <>
Subject: Re: CVE request: apparmor: oops in

On 07/11/2016 10:08 AM, Ben Laurie wrote:
> On 9 July 2016 at 07:41, John Johansen <> wrote:
>> There is a potential privilege escalation in apparmor's setprocattr() interface.
>> introduced by: 30a46a4647fd1df9cf52e43bf467f0d9265096ca
>> fixed by: 30a46a4647fd1df9cf52e43bf467f0d9265096ca
> I assume its not actually introduced and fix by the same commit. :-)

The correct hashes are:

introduced by: bb646cdb12e75d82258c2f2e7746d5952d3e321a
fixed by: 30a46a4647fd1df9cf52e43bf467f0d9265096ca


>> Could you assign a CVE for this issue?
>> thanks
>> John

Download attachment "signature.asc" of type "application/pgp-signature" (820 bytes)

Powered by blists - more mailing lists

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.