[Secure-testing-commits] r33657 - data/CVE
Salvatore Bonaccorso
carnil at moszumanska.debian.org
Fri Apr 17 19:14:06 UTC 2015
Author: carnil
Date: 2015-04-17 19:14:06 +0000 (Fri, 17 Apr 2015)
New Revision: 33657
Modified:
data/CVE/list
Log:
Add temporary entry for userns issue in linux
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2015-04-17 19:08:12 UTC (rev 33656)
+++ data/CVE/list 2015-04-17 19:14:06 UTC (rev 33657)
@@ -1,3 +1,10 @@
+CVE-2015-XXXX [USERNS allows circumventing MNT_LOCKED]
+ - linux <unfixed>
+ [wheezy] - linux <not-affected> (user namespaces known broken before 3.5, see kernel-sec info)
+ - linux-2.6 <not-affected> (user namespaces known broken before 3.5, see kernel-sec info)
+ NOTE: https://groups.google.com/forum/#!topic/linux.kernel/HnegnbXk0Vs
+ NOTE: Proposed fixes: http://www.spinics.net/lists/linux-containers/msg30786.html
+ NOTE: CVE Request: http://www.openwall.com/lists/oss-security/2015/04/17/4
CVE-2015-XXXX [PHP potential remote code execution with apache 2.4 apache2handler]
- php5 <unfixed>
NOTE: https://bugs.php.net/bug.php?id=69218
More information about the Secure-testing-commits
mailing list