New issue
Advanced search Search tips
Note: Color blocks (like or ) mean that a user may not be available. Tooltip shows the reason.

CVE-2017-1000111 CrOS: Vulnerability reported in Linux kernel

Project Member Reported by vomit.go...@appspot.gserviceaccount.com, Nov 2 2017

Issue description

VOMIT (go/vomit) has received an external vulnerability report for the Linux kernel. 

Advisory: CVE-2017-1000111
  Details: http://vomit.googleplex.com/advisory?id=CVE/CVE-2017-1000111
  CVSS severity score: 7.2/10.0
  Description:

Linux kernel: heap out-of-bounds in AF_PACKET sockets. This new issue is analogous to previously disclosed CVE-2016-8655. In both cases, a socket option that changes socket state may race with safety checks in packet_set_ring. Previously with PACKET_VERSION. This time with PACKET_RESERVE. The solution is similar: lock the socket for the update. This issue may be exploitable, we did not investigate further. As this issue affects PF_PACKET sockets, it requires CAP_NET_RAW in the process namespace. But note that with user namespaces enabled, any process can create a namespace in which it has CAP_NET_RAW.



This bug was filed by http://go/vomit
Please contact us at vomit-team@google.com if you need any assistance.

 
Cc: wonderfly@google.com
Labels: Security_Severity-High Security_Impact-Stable M-63 Pri-1
Owner: groeck@chromium.org
Status: Assigned (was: Untriaged)
Upstream c27927e372f07 ("packet: fix tp_reserve race in packet_set_ring").

Status: Started (was: Assigned)
Already fixed in chromeos-4.4 M-63 (commit 63364a508d24). Required in older kernel releases.

Labels: M-61 M-62
Requesting merge to 62 and 62 v4.4 as well, for lakitu. Thanks.
Labels: Merge-Request-62 Merge-Request-61
Note: M-62 and M-61 merge requests are only for chromeos-4.4.


Project Member

Comment 6 by bugdroid1@chromium.org, Nov 3 2017

Labels: merge-merged-chromeos-3.18
The following revision refers to this bug:
  https://chromium.googlesource.com/chromiumos/third_party/kernel/+/712116d40a530fc68a25f7feec756202c223c325

commit 712116d40a530fc68a25f7feec756202c223c325
Author: Willem de Bruijn <willemb@google.com>
Date: Fri Nov 03 01:36:46 2017

UPSTREAM: packet: fix tp_reserve race in packet_set_ring

[ Upstream commit c27927e372f0785f3303e8fad94b85945e2c97b7 ]

Updates to tp_reserve can race with reads of the field in
packet_set_ring. Avoid this by holding the socket lock during
updates in setsockopt PACKET_RESERVE.

This bug was discovered by syzkaller.

BUG= chromium:780782 
TEST=Run syszcaller reproducer

Change-Id: I1006e6d4716f912aee319ebb0491330bcebd9c23
Fixes: 8913336a7e8d ("packet: add PACKET_RESERVE sockopt")
Reported-by: Andrey Konovalov <andreyknvl@google.com>
Signed-off-by: Willem de Bruijn <willemb@google.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
Signed-off-by: Guenter Roeck <groeck@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/751810
Reviewed-by: Kevin Cernekee <cernekee@chromium.org>

[modify] https://crrev.com/712116d40a530fc68a25f7feec756202c223c325/net/packet/af_packet.c

Project Member

Comment 7 by sheriffbot@chromium.org, Nov 3 2017

Labels: -M-61
Project Member

Comment 8 by bugdroid1@chromium.org, Nov 3 2017

Labels: merge-merged-chromeos-3.14
The following revision refers to this bug:
  https://chromium.googlesource.com/chromiumos/third_party/kernel/+/eb7f086c814368e30ee838b7a7893774be182ceb

commit eb7f086c814368e30ee838b7a7893774be182ceb
Author: Willem de Bruijn <willemb@google.com>
Date: Fri Nov 03 23:29:01 2017

UPSTREAM: packet: fix tp_reserve race in packet_set_ring

[ Upstream commit c27927e372f0785f3303e8fad94b85945e2c97b7 ]

Updates to tp_reserve can race with reads of the field in
packet_set_ring. Avoid this by holding the socket lock during
updates in setsockopt PACKET_RESERVE.

This bug was discovered by syzkaller.

BUG= chromium:780782 
TEST=Run syszcaller reproducer

Change-Id: I1006e6d4716f912aee319ebb0491330bcebd9c23
Fixes: 8913336a7e8d ("packet: add PACKET_RESERVE sockopt")
Reported-by: Andrey Konovalov <andreyknvl@google.com>
Signed-off-by: Willem de Bruijn <willemb@google.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
Signed-off-by: Guenter Roeck <groeck@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/751810
Reviewed-by: Kevin Cernekee <cernekee@chromium.org>
(cherry picked from commit 712116d40a530fc68a25f7feec756202c223c325)
Reviewed-on: https://chromium-review.googlesource.com/753961

[modify] https://crrev.com/eb7f086c814368e30ee838b7a7893774be182ceb/net/packet/af_packet.c

Project Member

Comment 9 by bugdroid1@chromium.org, Nov 3 2017

Labels: merge-merged-chromeos-3.10
The following revision refers to this bug:
  https://chromium.googlesource.com/chromiumos/third_party/kernel/+/b69a720d550bbd6dea91209577746e79d6d89851

commit b69a720d550bbd6dea91209577746e79d6d89851
Author: Willem de Bruijn <willemb@google.com>
Date: Fri Nov 03 23:29:03 2017

UPSTREAM: packet: fix tp_reserve race in packet_set_ring

[ Upstream commit c27927e372f0785f3303e8fad94b85945e2c97b7 ]

Updates to tp_reserve can race with reads of the field in
packet_set_ring. Avoid this by holding the socket lock during
updates in setsockopt PACKET_RESERVE.

This bug was discovered by syzkaller.

BUG= chromium:780782 
TEST=Run syszcaller reproducer

Change-Id: I1006e6d4716f912aee319ebb0491330bcebd9c23
Fixes: 8913336a7e8d ("packet: add PACKET_RESERVE sockopt")
Reported-by: Andrey Konovalov <andreyknvl@google.com>
Signed-off-by: Willem de Bruijn <willemb@google.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
Signed-off-by: Guenter Roeck <groeck@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/751810
Reviewed-by: Kevin Cernekee <cernekee@chromium.org>
(cherry picked from commit 712116d40a530fc68a25f7feec756202c223c325)
Reviewed-on: https://chromium-review.googlesource.com/753962

[modify] https://crrev.com/b69a720d550bbd6dea91209577746e79d6d89851/net/packet/af_packet.c

Labels: Merge-Request-63
M-63 merge request for chromeos-3.18 and older.

Project Member

Comment 11 by sheriffbot@chromium.org, Nov 4 2017

Labels: -Merge-Request-63 Merge-Review-63 Hotlist-Merge-Review
This bug requires manual review: M63 has already been promoted to the beta branch, so this requires manual review
Please contact the milestone owner if you have questions.
Owners: cmasso@(Android), cmasso@(iOS), gkihumba@(ChromeOS), govind@(Desktop)

For more details visit https://www.chromium.org/issue-tracking/autotriage - Your friendly Sheriffbot
Labels: -Merge-Request-61
Cc: rkolchmeyer@google.com
Labels: Merge-Request-61 M-61
Adding back the merge requests for 61 and 62 chromeos-4.4. Needed for lakitu.
Labels: -Merge-Request-61 -Merge-Request-62 -Merge-Review-63 Merge-Approved-63 Merge-Approved-62
Too late for M61 in CrOS but approving M-62/M-63
 
Project Member

Comment 15 by bugdroid1@chromium.org, Nov 6 2017

Labels: merge-merged-release-R62-9901.B-chromeos-3.14
The following revision refers to this bug:
  https://chromium.googlesource.com/chromiumos/third_party/kernel/+/4575fcb28a0976c9a7276239b885e0460d24f4cb

commit 4575fcb28a0976c9a7276239b885e0460d24f4cb
Author: Willem de Bruijn <willemb@google.com>
Date: Mon Nov 06 20:49:27 2017

UPSTREAM: packet: fix tp_reserve race in packet_set_ring

[ Upstream commit c27927e372f0785f3303e8fad94b85945e2c97b7 ]

Updates to tp_reserve can race with reads of the field in
packet_set_ring. Avoid this by holding the socket lock during
updates in setsockopt PACKET_RESERVE.

This bug was discovered by syzkaller.

BUG= chromium:780782 
TEST=Run syszcaller reproducer

Change-Id: I1006e6d4716f912aee319ebb0491330bcebd9c23
Fixes: 8913336a7e8d ("packet: add PACKET_RESERVE sockopt")
Reported-by: Andrey Konovalov <andreyknvl@google.com>
Signed-off-by: Willem de Bruijn <willemb@google.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
Signed-off-by: Guenter Roeck <groeck@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/751810
Reviewed-by: Kevin Cernekee <cernekee@chromium.org>
(cherry picked from commit 712116d40a530fc68a25f7feec756202c223c325)
Reviewed-on: https://chromium-review.googlesource.com/753961
(cherry picked from commit eb7f086c814368e30ee838b7a7893774be182ceb)
Reviewed-on: https://chromium-review.googlesource.com/755737

[modify] https://crrev.com/4575fcb28a0976c9a7276239b885e0460d24f4cb/net/packet/af_packet.c

Project Member

Comment 16 by bugdroid1@chromium.org, Nov 6 2017

Labels: merge-merged-release-R63-10032.B-chromeos-3.18
The following revision refers to this bug:
  https://chromium.googlesource.com/chromiumos/third_party/kernel/+/799619bf9354d090dd61f5b597108c4d3acec7bd

commit 799619bf9354d090dd61f5b597108c4d3acec7bd
Author: Willem de Bruijn <willemb@google.com>
Date: Mon Nov 06 20:49:35 2017

UPSTREAM: packet: fix tp_reserve race in packet_set_ring

[ Upstream commit c27927e372f0785f3303e8fad94b85945e2c97b7 ]

Updates to tp_reserve can race with reads of the field in
packet_set_ring. Avoid this by holding the socket lock during
updates in setsockopt PACKET_RESERVE.

This bug was discovered by syzkaller.

BUG= chromium:780782 
TEST=Run syszcaller reproducer

Change-Id: I1006e6d4716f912aee319ebb0491330bcebd9c23
Fixes: 8913336a7e8d ("packet: add PACKET_RESERVE sockopt")
Reported-by: Andrey Konovalov <andreyknvl@google.com>
Signed-off-by: Willem de Bruijn <willemb@google.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
Signed-off-by: Guenter Roeck <groeck@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/751810
Reviewed-by: Kevin Cernekee <cernekee@chromium.org>
(cherry picked from commit 712116d40a530fc68a25f7feec756202c223c325)
Reviewed-on: https://chromium-review.googlesource.com/755734

[modify] https://crrev.com/799619bf9354d090dd61f5b597108c4d3acec7bd/net/packet/af_packet.c

Project Member

Comment 17 by bugdroid1@chromium.org, Nov 6 2017

Labels: merge-merged-release-R62-9901.B-chromeos-3.10
The following revision refers to this bug:
  https://chromium.googlesource.com/chromiumos/third_party/kernel/+/305d9fa321e5aca4b5120a0614399841067426b2

commit 305d9fa321e5aca4b5120a0614399841067426b2
Author: Willem de Bruijn <willemb@google.com>
Date: Mon Nov 06 20:49:45 2017

UPSTREAM: packet: fix tp_reserve race in packet_set_ring

[ Upstream commit c27927e372f0785f3303e8fad94b85945e2c97b7 ]

Updates to tp_reserve can race with reads of the field in
packet_set_ring. Avoid this by holding the socket lock during
updates in setsockopt PACKET_RESERVE.

This bug was discovered by syzkaller.

BUG= chromium:780782 
TEST=Run syszcaller reproducer

Change-Id: I1006e6d4716f912aee319ebb0491330bcebd9c23
Fixes: 8913336a7e8d ("packet: add PACKET_RESERVE sockopt")
Reported-by: Andrey Konovalov <andreyknvl@google.com>
Signed-off-by: Willem de Bruijn <willemb@google.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
Signed-off-by: Guenter Roeck <groeck@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/751810
Reviewed-by: Kevin Cernekee <cernekee@chromium.org>
(cherry picked from commit 712116d40a530fc68a25f7feec756202c223c325)
Reviewed-on: https://chromium-review.googlesource.com/753962
(cherry picked from commit b69a720d550bbd6dea91209577746e79d6d89851)
Reviewed-on: https://chromium-review.googlesource.com/755739

[modify] https://crrev.com/305d9fa321e5aca4b5120a0614399841067426b2/net/packet/af_packet.c

Project Member

Comment 18 by bugdroid1@chromium.org, Nov 6 2017

Labels: merge-merged-release-R63-10032.B-chromeos-3.10
The following revision refers to this bug:
  https://chromium.googlesource.com/chromiumos/third_party/kernel/+/62bee4b1de1b8f0efba0d02f921520599e862c21

commit 62bee4b1de1b8f0efba0d02f921520599e862c21
Author: Willem de Bruijn <willemb@google.com>
Date: Mon Nov 06 20:49:52 2017

UPSTREAM: packet: fix tp_reserve race in packet_set_ring

[ Upstream commit c27927e372f0785f3303e8fad94b85945e2c97b7 ]

Updates to tp_reserve can race with reads of the field in
packet_set_ring. Avoid this by holding the socket lock during
updates in setsockopt PACKET_RESERVE.

This bug was discovered by syzkaller.

BUG= chromium:780782 
TEST=Run syszcaller reproducer

Change-Id: I1006e6d4716f912aee319ebb0491330bcebd9c23
Fixes: 8913336a7e8d ("packet: add PACKET_RESERVE sockopt")
Reported-by: Andrey Konovalov <andreyknvl@google.com>
Signed-off-by: Willem de Bruijn <willemb@google.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
Signed-off-by: Guenter Roeck <groeck@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/751810
Reviewed-by: Kevin Cernekee <cernekee@chromium.org>
(cherry picked from commit 712116d40a530fc68a25f7feec756202c223c325)
Reviewed-on: https://chromium-review.googlesource.com/753962
(cherry picked from commit b69a720d550bbd6dea91209577746e79d6d89851)
Reviewed-on: https://chromium-review.googlesource.com/755738

[modify] https://crrev.com/62bee4b1de1b8f0efba0d02f921520599e862c21/net/packet/af_packet.c

Project Member

Comment 19 by bugdroid1@chromium.org, Nov 6 2017

Labels: merge-merged-release-R62-9901.B-chromeos-3.18
The following revision refers to this bug:
  https://chromium.googlesource.com/chromiumos/third_party/kernel/+/f59ef0b48a680962d592d83e2a770753f5b2f1ca

commit f59ef0b48a680962d592d83e2a770753f5b2f1ca
Author: Willem de Bruijn <willemb@google.com>
Date: Mon Nov 06 20:49:59 2017

UPSTREAM: packet: fix tp_reserve race in packet_set_ring

[ Upstream commit c27927e372f0785f3303e8fad94b85945e2c97b7 ]

Updates to tp_reserve can race with reads of the field in
packet_set_ring. Avoid this by holding the socket lock during
updates in setsockopt PACKET_RESERVE.

This bug was discovered by syzkaller.

BUG= chromium:780782 
TEST=Run syszcaller reproducer

Change-Id: I1006e6d4716f912aee319ebb0491330bcebd9c23
Fixes: 8913336a7e8d ("packet: add PACKET_RESERVE sockopt")
Reported-by: Andrey Konovalov <andreyknvl@google.com>
Signed-off-by: Willem de Bruijn <willemb@google.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
Signed-off-by: Guenter Roeck <groeck@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/751810
Reviewed-by: Kevin Cernekee <cernekee@chromium.org>
(cherry picked from commit 712116d40a530fc68a25f7feec756202c223c325)
Reviewed-on: https://chromium-review.googlesource.com/755735

[modify] https://crrev.com/f59ef0b48a680962d592d83e2a770753f5b2f1ca/net/packet/af_packet.c

Project Member

Comment 20 by bugdroid1@chromium.org, Nov 6 2017

Labels: merge-merged-release-R63-10032.B-chromeos-3.14
The following revision refers to this bug:
  https://chromium.googlesource.com/chromiumos/third_party/kernel/+/8624862c677a46e719a6b569074f6dd5457b0d9f

commit 8624862c677a46e719a6b569074f6dd5457b0d9f
Author: Willem de Bruijn <willemb@google.com>
Date: Mon Nov 06 20:50:03 2017

UPSTREAM: packet: fix tp_reserve race in packet_set_ring

[ Upstream commit c27927e372f0785f3303e8fad94b85945e2c97b7 ]

Updates to tp_reserve can race with reads of the field in
packet_set_ring. Avoid this by holding the socket lock during
updates in setsockopt PACKET_RESERVE.

This bug was discovered by syzkaller.

BUG= chromium:780782 
TEST=Run syszcaller reproducer

Change-Id: I1006e6d4716f912aee319ebb0491330bcebd9c23
Fixes: 8913336a7e8d ("packet: add PACKET_RESERVE sockopt")
Reported-by: Andrey Konovalov <andreyknvl@google.com>
Signed-off-by: Willem de Bruijn <willemb@google.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
Signed-off-by: Guenter Roeck <groeck@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/751810
Reviewed-by: Kevin Cernekee <cernekee@chromium.org>
(cherry picked from commit 712116d40a530fc68a25f7feec756202c223c325)
Reviewed-on: https://chromium-review.googlesource.com/753961
(cherry picked from commit eb7f086c814368e30ee838b7a7893774be182ceb)
Reviewed-on: https://chromium-review.googlesource.com/755736

[modify] https://crrev.com/8624862c677a46e719a6b569074f6dd5457b0d9f/net/packet/af_packet.c

Labels: -Merge-Approved-62 -Merge-Approved-63
Status: Fixed (was: Started)
Labels: -Hotlist-Merge-Review
Cc: adityakali@google.com josa...@chromium.org
Labels: Merge-Request-61
Owner: wonderfly@google.com
Status: Assigned (was: Fixed)
Considering this is a 7 point CVE, and 61 is a month away from deprecation (maybe even longer due to the holiday production freezes), we'd like the fix to be cherry-picked to 61 as well, for lakitu. We still have A LOT of users on it, and will have to continue supporting it.

The merge request is for chromeos-4.4 only.
Project Member

Comment 24 by sheriffbot@chromium.org, Nov 7 2017

Labels: -M-61
Project Member

Comment 25 by bugdroid1@chromium.org, Nov 8 2017

Labels: merge-merged-release-R61-9765.B-chromeos-4.4
The following revision refers to this bug:
  https://chromium.googlesource.com/chromiumos/third_party/kernel/+/a677c8633c4359de285448f29ce15994cbad1a75

commit a677c8633c4359de285448f29ce15994cbad1a75
Author: Willem de Bruijn <willemb@google.com>
Date: Wed Nov 08 22:49:48 2017

UPSTREAM: packet: fix tp_reserve race in packet_set_ring

[ Upstream commit c27927e372f0785f3303e8fad94b85945e2c97b7 ]

Updates to tp_reserve can race with reads of the field in
packet_set_ring. Avoid this by holding the socket lock during
updates in setsockopt PACKET_RESERVE.

This bug was discovered by syzkaller.

BUG= chromium:780782 
TEST=trybot

Fixes: 8913336a7e8d ("packet: add PACKET_RESERVE sockopt")
Reported-by: Andrey Konovalov <andreyknvl@google.com>
Signed-off-by: Willem de Bruijn <willemb@google.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
(cherry picked from commit 63364a508d24944abb0975bd823cb11367c56283)
Signed-off-by: Daniel Wang <wonderfly@google.com>

Change-Id: I1636d162aa698769aa0dc5cabf0a902677422f53
Reviewed-on: https://chromium-review.googlesource.com/759138
Tested-by: Daniel Wang <wonderfly@google.com>
Reviewed-by: Guenter Roeck <groeck@chromium.org>
Commit-Queue: Daniel Wang <wonderfly@google.com>

[modify] https://crrev.com/a677c8633c4359de285448f29ce15994cbad1a75/net/packet/af_packet.c

Project Member

Comment 26 by bugdroid1@chromium.org, Nov 8 2017

Labels: merge-merged-release-R62-9901.B-chromeos-4.4
The following revision refers to this bug:
  https://chromium.googlesource.com/chromiumos/third_party/kernel/+/957c2ec5c7b906973b8bf5be3dd066524569b1ec

commit 957c2ec5c7b906973b8bf5be3dd066524569b1ec
Author: Willem de Bruijn <willemb@google.com>
Date: Wed Nov 08 22:49:53 2017

UPSTREAM: packet: fix tp_reserve race in packet_set_ring

[ Upstream commit c27927e372f0785f3303e8fad94b85945e2c97b7 ]

Updates to tp_reserve can race with reads of the field in
packet_set_ring. Avoid this by holding the socket lock during
updates in setsockopt PACKET_RESERVE.

This bug was discovered by syzkaller.

BUG= chromium:780782 
TEST=trybot

Fixes: 8913336a7e8d ("packet: add PACKET_RESERVE sockopt")
Reported-by: Andrey Konovalov <andreyknvl@google.com>
Signed-off-by: Willem de Bruijn <willemb@google.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
(cherry picked from commit 63364a508d24944abb0975bd823cb11367c56283)
Signed-off-by: Daniel Wang <wonderfly@google.com>

Change-Id: I427f6c69ac1a57859be921bd3914a62de29ed7f4
Reviewed-on: https://chromium-review.googlesource.com/759137
Tested-by: Daniel Wang <wonderfly@google.com>
Reviewed-by: Guenter Roeck <groeck@chromium.org>
Commit-Queue: Daniel Wang <wonderfly@google.com>

[modify] https://crrev.com/957c2ec5c7b906973b8bf5be3dd066524569b1ec/net/packet/af_packet.c

Status: Fixed (was: Assigned)
Labels: -Merge-Request-61 Merge-Approved-61
Project Member

Comment 29 by sheriffbot@chromium.org, Nov 9 2017

Labels: Restrict-View-SecurityNotify
Project Member

Comment 30 by sheriffbot@chromium.org, Nov 13 2017

Cc: groeck@chromium.org josa...@google.com
This issue has been approved for a merge. Please merge the fix to any appropriate branches as soon as possible!

If all merges have been completed, please remove any remaining Merge-Approved labels from this issue.

Thanks for your time! To disable nags, add the Disable-Nags label.

For more details visit https://www.chromium.org/issue-tracking/autotriage - Your friendly Sheriffbot
Project Member

Comment 31 by sheriffbot@chromium.org, Nov 17 2017

This issue has been approved for a merge. Please merge the fix to any appropriate branches as soon as possible!

If all merges have been completed, please remove any remaining Merge-Approved labels from this issue.

Thanks for your time! To disable nags, add the Disable-Nags label.

For more details visit https://www.chromium.org/issue-tracking/autotriage - Your friendly Sheriffbot
Project Member

Comment 32 by sheriffbot@chromium.org, Feb 15 2018

Labels: -Restrict-View-SecurityNotify allpublic
This bug has been closed for more than 14 weeks. Removing security view restrictions.

For more details visit https://www.chromium.org/issue-tracking/autotriage - Your friendly Sheriffbot
Project Member

Comment 33 by sheriffbot@chromium.org, Mar 27 2018

Labels: -M-62 -M-63 M-65

Sign in to add a comment