[Secure-testing-commits] r35623 - data/CVE
Salvatore Bonaccorso
carnil at moszumanska.debian.org
Wed Jul 22 15:08:40 UTC 2015
Author: carnil
Date: 2015-07-22 15:08:40 +0000 (Wed, 22 Jul 2015)
New Revision: 35623
Modified:
data/CVE/list
Log:
Update CVE-2013-6441/lxc
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2015-07-22 14:56:43 UTC (rev 35622)
+++ data/CVE/list 2015-07-22 15:08:40 UTC (rev 35623)
@@ -43538,11 +43538,11 @@
[wheezy] - samba4 4.0.0~beta2+dfsg1-3.2+deb7u1
NOTE: http://www.samba.org/samba/security/CVE-2013-6442
CVE-2013-6441 (The lxc-sshd template (templates/lxc-sshd.in) in LXC before ...)
- - lxc <unfixed> (unimportant)
+ - lxc 1.0.0-1 (unimportant)
NOTE: getting root on host, if not using unprivileged containers or
NOTE: restricting the containers with apparmor or selinux.
NOTE: CVE is kept as no official documentation explicitly document this fact
- NOTE: https://github.com/lxc/lxc/commit/f4d5cc8e1f39d132b61e110674528cac727ae0e2
+ NOTE: https://github.com/lxc/lxc/commit/f4d5cc8e1f39d132b61e110674528cac727ae0e2 (lxc-1.0.0.beta2)
CVE-2013-6440 (The (1) BasicParserPool, (2) StaticBasicParserPool, (3) XML Decrypter, ...)
- opensaml2 <not-affected> (Debian provides the C-based Shibboleth implementation)
NOTE: http://shibboleth.net/community/advisories/secadv_20131213.txt
More information about the Secure-testing-commits
mailing list