[Secure-testing-commits] r35657 - data/CVE
Salvatore Bonaccorso
carnil at moszumanska.debian.org
Thu Jul 23 20:12:16 UTC 2015
Author: carnil
Date: 2015-07-23 20:12:16 +0000 (Thu, 23 Jul 2015)
New Revision: 35657
Modified:
data/CVE/list
Log:
Add CVE-2015-324{5,6} in libuser and usermode
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2015-07-23 20:08:27 UTC (rev 35656)
+++ data/CVE/list 2015-07-23 20:12:16 UTC (rev 35657)
@@ -6068,10 +6068,14 @@
NOTE: In Debian directory is not world-writable
CVE-2015-3247
RESERVED
-CVE-2015-3246
+CVE-2015-3246 [libuser passwd file handling]
RESERVED
-CVE-2015-3245
+ - libuser <unfixed>
+ TODO: check
+CVE-2015-3245 [userhelper chfn() newline filtering]
RESERVED
+ - usermode <unfixed>
+ TODO: check
CVE-2015-3244 (The Portlet Bridge for JavaServer Faces in Red Hat JBoss Portal 6.2.0, ...)
NOT-FOR-US: PortletBridge component of Red Hat JBoss Portal
CVE-2015-3243 [some log files are created world-readable]
More information about the Secure-testing-commits
mailing list