[Secure-testing-commits] r36277 - data/CVE
Salvatore Bonaccorso
carnil at moszumanska.debian.org
Mon Aug 24 14:19:15 UTC 2015
Author: carnil
Date: 2015-08-24 14:19:14 +0000 (Mon, 24 Aug 2015)
New Revision: 36277
Modified:
data/CVE/list
Log:
Add CVE-2015-5224/util-linux
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2015-08-24 13:50:46 UTC (rev 36276)
+++ data/CVE/list 2015-08-24 14:19:14 UTC (rev 36277)
@@ -3157,8 +3157,11 @@
- qemu-kvm <not-affected> (Vulnerable code introduced in 2.1.0)
NOTE: Fix: https://lists.gnu.org/archive/html/qemu-devel/2015-08/msg02495.html
NOTE: Introduced by: http://git.qemu.org/?p=qemu.git;a=commit;h=bea60dd7679364493a0d7f5b (v2.1.0-rc0)
-CVE-2015-5224
+CVE-2015-5224 [login-utils: file name collision due to incorrect mkstemp use]
RESERVED
+ - util-linux <unfixed> (unimportant)
+ NOTE: chfn/chsh not built in util-linux in Debian (--disable-chfn-chsh)
+ NOTE: https://github.com/karelzak/util-linux/commit/bde91c85bdc77975155058276f99d2e0f5eab5a9
CVE-2015-5223
RESERVED
CVE-2015-5222
More information about the Secure-testing-commits
mailing list