[pve-devel] [PATCH pve-kernel 0/3] add 2 security fixes and update ZFS

Thomas Lamprecht t.lamprecht at proxmox.com
Thu Nov 15 14:38:00 CET 2018


On 11/14/18 8:25 PM, Stoiko Ivanov wrote:
> Today 2 security related patchsets were sent over the Ubuntu Kernel ML, both
> addressing issues in user- and mountnamespaces (Thanks @Fabian for pointing them
> out!)
> 
> Since the other commits from Ubuntu-4.15.0-40.43 onwards had no security
> implications I cherry-picked the 3 relevant commits.
> 
> Additionally my testbuild included the updated ZFS version 0.7.12

applied, thanks!

> 
> Stoiko Ivanov (3):
>   Add 3 Patches addressing security issues
>   update ZFS on Linux to 0.7.12
>   bump version to 4.15.18-30
> 
>  Makefile                                      |  2 +-
>  debian/changelog                              |  7 ++
>  ...extents-in-the-reverse-map-to-kernel.patch | 75 ++++++++++++++++++
>  ...mount-Retest-MNT_LOCKED-in-do_umount.patch | 67 ++++++++++++++++
>  ...w-copying-MNT_UNBINDABLE-MNT_LOCKED-.patch | 78 +++++++++++++++++++
>  submodules/zfsonlinux                         |  2 +-
>  6 files changed, 229 insertions(+), 2 deletions(-)
>  create mode 100644 patches/kernel/0009-userns-also-map-extents-in-the-reverse-map-to-kernel.patch
>  create mode 100644 patches/kernel/0010-mount-Retest-MNT_LOCKED-in-do_umount.patch
>  create mode 100644 patches/kernel/0011-mount-Don-t-allow-copying-MNT_UNBINDABLE-MNT_LOCKED-.patch
>




More information about the pve-devel mailing list