SuperSU v2.78 SR1 released
This update brings primarily bugfixes to the su binary (related to suhide and Magisk compatibility), but there is one supolicy update of particular note as well:
Due to an initialization bug, introduced in v2.68 BETA, some SELinux contexts (including shell and untrusted_app) could be granted sys_module capability. If this happens, and your kernel is compiled with module loading support (most modern stock kernels have this disabled) and an exploit is used to gain uid 0, this then allows for a complete SELinux bypass and kernel pwn.
The requirements are pretty extensive and your chances of being vulnerable are slim, but nevertheless I would recommend updating.
This fix requires SuperSU to be updated by flashing the ZIP. Updating by APK will not suffice.
SRx instead of BETA
We're moving from BETA to Service Release naming, so we can keep the version number for the next test release the same as the current stable release. So, v2.78 SR1 is what would have been v2.79 BETA before.
While this may be slightly more confusing, we need to keep the version numbers the same to reduce the effectiveness of people trying to upload the test releases to stores (many stores will not accept a version number already present). Surprisingly, this is a real problem on non-Play stores.
Discussion regarding CCMT has suddenly (about a year late) become prominent again. There will be some announcements regarding this probably next week.
SuperSU BETA thread: http://forum.xda-developers.com/apps/supersu/2014-09-02-supersu-v2-05-t2868133
출처 : https://plus.google.com/+Chainfire/posts/8mPirmjhgqT