[Secure-testing-commits] r35392 - data/CVE

Salvatore Bonaccorso carnil at moszumanska.debian.org
Thu Jul 9 14:40:02 UTC 2015


Author: carnil
Date: 2015-07-09 14:40:01 +0000 (Thu, 09 Jul 2015)
New Revision: 35392

Modified:
   data/CVE/list
Log:
Mark gksu issue as no-dsa

Modified: data/CVE/list
===================================================================
--- data/CVE/list	2015-07-09 13:00:59 UTC (rev 35391)
+++ data/CVE/list	2015-07-09 14:40:01 UTC (rev 35392)
@@ -32769,6 +32769,8 @@
 	RESERVED
 CVE-2014-2886 (GKSu 2.0.2, when sudo-mode is not enabled, uses " (double quote) ...)
 	- gksu <unfixed>
+	[jessie] - gksu <no-dsa> (Minor issue)
+	[wheezy] - gksu <no-dsa> (Minor issue)
 	[squeeze] - gksu <no-dsa> (Minor issue)
 	NOTE: https://community.rapid7.com/community/metasploit/blog/2014/07/07/virtualbox-filename-command-execution-via-gksu
 	NOTE: In Debian libgksu installs two alternatives gconf-defaults.libgksu-sudo




More information about the Secure-testing-commits mailing list