[Secure-testing-commits] r30178 - data/CVE

Salvatore Bonaccorso carnil at moszumanska.debian.org
Thu Nov 20 07:07:00 UTC 2014


Author: carnil
Date: 2014-11-20 07:07:00 +0000 (Thu, 20 Nov 2014)
New Revision: 30178

Modified:
   data/CVE/list
Log:
Add CVE-2014-8989/linux

Modified: data/CVE/list
===================================================================
--- data/CVE/list	2014-11-20 06:36:13 UTC (rev 30177)
+++ data/CVE/list	2014-11-20 07:07:00 UTC (rev 30178)
@@ -609,6 +609,11 @@
 	RESERVED
 CVE-2015-0001
 	RESERVED
+CVE-2014-8989 [Linux user namespaces can bypass group-based restrictions]
+	- linux <unfixed>
+        [wheezy] - linux <not-affected> (User namespaces only usable in later kernels)
+        - linux-2.6 <not-affected> (User namespaces only usable in later kernels)
+	NOTE: http://thread.gmane.org/gmane.linux.man/7385/
 CVE-2014-8986 [XSS]
 	- mantis <unfixed>
 	[squeeze] - mantis <end-of-life> (Unsupported in squeeze-lts)




More information about the Secure-testing-commits mailing list