[Bug 2048375] Re: apparmor change on CLONE_NEWUSER breaks glibc testsuite

Launchpad Bug Tracker 2048375 at bugs.launchpad.net
Thu Feb 22 20:46:19 UTC 2024 

This bug was fixed in the package glibc - 2.39-0ubuntu1

---------------
glibc (2.39-0ubuntu1) noble; urgency=medium

  * New upstream release
    Contains fixes for the following CVEs:
    - CVE-2023-6246: Heap buffer overflow in __vsyslog_internal()
    - CVE-2023-6779: Heap buffer overflow in __vsyslog_internal()
    - CVE-2023-6780: Integer overflow in __vsyslog_internal()
    Patches:
    - Several patches refreshed
    - d/p/localedata/lv_LV-current.patch: dropped, applied upstream
    - d/p/lp{2031495,2032624}: dropped, applied upstream
    - d/p/any/git-c-utf-8-language.diff: dropped, applied upstream
  * d/p/ubuntu/submitted-tests-gracefully-handle-AppArmor-userns-containment.patch:
    Fix the tests in recent apparmor environments (LP: #2048375)
  * Drop libnss-nis and libnss-nisplus to Suggests (LP: #2045241)
  * Fix Replaces version for libsotruss.so file move (LP: #2042665)
  * Remove libc6-dev dependency on libtirpc-dev (LP: #2045763)
  * Dropped a lot of Ubuntu-specific xfails that are now passing.
  * Drop the -prof variant to instead use frame pointers on all 64-bit
    architectures by default to match the rest of the distro (LP: #2042790)

 -- Simon Chopin <schopin at ubuntu.com>  Thu, 01 Feb 2024 09:44:24 +0100

** Changed in: glibc (Ubuntu)
       Status: Fix Committed => Fix Released

** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2023-6246

** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2023-6779

** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2023-6780

-- 
You received this bug notification because you are a member of Ubuntu
Foundations Bugs, which is subscribed to glibc in Ubuntu.
https://bugs.launchpad.net/bugs/2048375

Title:
  apparmor change on CLONE_NEWUSER breaks glibc testsuite

Status in glibc package in Ubuntu:
  Fix Released

Bug description:
  The tests that use test-container are all failing with the following:

  error: test-container.c:1136: unable to unshare user/fs: Permission
  denied

  There is a decent chance it is related to
  https://bugs.launchpad.net/ubuntu/+source/apparmor/+bug/2035315

  I'm currently trying to confirm this.

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/glibc/+bug/2048375/+subscriptions

More information about the foundations-bugs mailing list