[Secure-testing-commits] r35318 - data/CVE

Salvatore Bonaccorso carnil at moszumanska.debian.org
Sat Jul 4 17:51:28 UTC 2015


Author: carnil
Date: 2015-07-04 17:51:28 +0000 (Sat, 04 Jul 2015)
New Revision: 35318

Modified:
   data/CVE/list
Log:
Add note for the gksu issue

Modified: data/CVE/list
===================================================================
--- data/CVE/list	2015-07-04 15:24:06 UTC (rev 35317)
+++ data/CVE/list	2015-07-04 17:51:28 UTC (rev 35318)
@@ -32488,6 +32488,9 @@
 	- gksu <unfixed>
 	[squeeze] - gksu <no-dsa> (Minor issue)
 	NOTE: https://community.rapid7.com/community/metasploit/blog/2014/07/07/virtualbox-filename-command-execution-via-gksu
+	NOTE: In Debian libgksu installs two alternatives gconf-defaults.libgksu-sudo
+	NOTE: and gconf-defaults.libgksu-su, where the gconf-defaults.libgksu-su is
+	NOTE: enabled (in auto mode).
 CVE-2014-2883
 	RESERVED
 CVE-2014-2882 (Unspecified vulnerability in the management GUI in Citrix NetScaler ...)




More information about the Secure-testing-commits mailing list