[Secure-testing-commits] r35673 - data/CVE
Luca Bruno
lucab at moszumanska.debian.org
Fri Jul 24 10:26:53 UTC 2015
Author: lucab
Date: 2015-07-24 10:26:53 +0000 (Fri, 24 Jul 2015)
New Revision: 35673
Modified:
data/CVE/list
Log:
Add bug reference #793465 for CVE-2015-324{5,6}/libuser
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2015-07-24 09:17:54 UTC (rev 35672)
+++ data/CVE/list 2015-07-24 10:26:53 UTC (rev 35673)
@@ -6099,12 +6099,11 @@
RESERVED
CVE-2015-3246 [libuser passwd file handling]
RESERVED
- - libuser <unfixed>
- TODO: check
+ - libuser <unfixed> (bug #793465)
CVE-2015-3245 [userhelper chfn() newline filtering]
RESERVED
- - usermode <unfixed>
- TODO: check
+ - libuser <unfixed> (bug #793465)
+ NOTE: initially attributed to usermode package, root-cause fixed in libuser instead
CVE-2015-3244 (The Portlet Bridge for JavaServer Faces in Red Hat JBoss Portal 6.2.0, ...)
NOT-FOR-US: PortletBridge component of Red Hat JBoss Portal
CVE-2015-3243 [some log files are created world-readable]
More information about the Secure-testing-commits
mailing list