[Secure-testing-commits] r34788 - data/CVE
Salvatore Bonaccorso
carnil at moszumanska.debian.org
Sun Jun 7 15:02:26 UTC 2015
Author: carnil
Date: 2015-06-07 15:02:26 +0000 (Sun, 07 Jun 2015)
New Revision: 34788
Modified:
data/CVE/list
Log:
Mark CVE-2015-3218/policykit-1 as no-dsa
Reasoning: A local authenticated user can take advantage of this issue
to mount a denial of service only.
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2015-06-07 14:52:02 UTC (rev 34787)
+++ data/CVE/list 2015-06-07 15:02:26 UTC (rev 34788)
@@ -2629,6 +2629,8 @@
CVE-2015-3218 [crash authentication_agent_new with invalid object path in RegisterAuthenticationAgent]
RESERVED
- policykit-1 <unfixed> (bug #787932)
+ [jessie] - policykit-1 <no-dsa> (Minor issue)
+ [wheezy] - policykit-1 <no-dsa> (Minor issue)
NOTE: http://lists.freedesktop.org/archives/polkit-devel/2015-May/000420.html
NOTE: Patch: http://cgit.freedesktop.org/polkit/commit/?id=48e646918efb2bf0b3b505747655726d7869f31c
CVE-2015-3217 [PCRE Library Call Stack Overflow Vulnerability in match()]
More information about the Secure-testing-commits
mailing list