[Secure-testing-commits] r34961 - data/CVE

Salvatore Bonaccorso carnil at moszumanska.debian.org
Tue Jun 16 16:15:35 UTC 2015


Author: carnil
Date: 2015-06-16 16:15:35 +0000 (Tue, 16 Jun 2015)
New Revision: 34961

Modified:
   data/CVE/list
Log:
Update one todo for cobbler

Modified: data/CVE/list
===================================================================
--- data/CVE/list	2015-06-16 15:54:20 UTC (rev 34960)
+++ data/CVE/list	2015-06-16 16:15:35 UTC (rev 34961)
@@ -85157,7 +85157,7 @@
 	- poppler <not-affected> (never used t1lib)
 CVE-2011-1551 (SUSE openSUSE Factory assigns ownership of the /var/log/cobbler/ ...)
 	- cobbler <unfixed>
-	TODO: check after having entered the archive
+	TODO: check, /var/log/cobbler is set to cobbler:cobbler and daemon runs as root
 CVE-2011-1550 (The default configuration of logrotate on SUSE openSUSE Factory uses ...)
 	- logrotate <not-affected> (SuSE-specific, see CVE-2011-1548 for Debian)
 CVE-2011-1549 (The default configuration of logrotate on Gentoo Linux uses root ...)




More information about the Secure-testing-commits mailing list