[Secure-testing-commits] r34120 - data/CVE
Alessandro Ghedini
ghedo at moszumanska.debian.org
Thu May 7 21:51:26 UTC 2015
Author: ghedo
Date: 2015-05-07 21:51:26 +0000 (Thu, 07 May 2015)
New Revision: 34120
Modified:
data/CVE/list
Log:
Add docker.io issues
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2015-05-07 21:44:27 UTC (rev 34119)
+++ data/CVE/list 2015-05-07 21:51:26 UTC (rev 34120)
@@ -29,16 +29,24 @@
TODO: check
CVE-2015-3632 (Foxit Reader, Enterprise Reader, and PhantomPDF before 7.1.5 allow ...)
TODO: check
-CVE-2015-3631
+CVE-2015-3631 [Volume mounts allow LSM profile escalation]
RESERVED
-CVE-2015-3630
+ - docker.io <unfixed>
+ NOTE: http://www.openwall.com/lists/oss-security/2015/05/07/10
+CVE-2015-3630 [Read/write proc paths allow host modification & information disclosure]
RESERVED
-CVE-2015-3629
+ - docker.io <unfixed>
+ NOTE: http://www.openwall.com/lists/oss-security/2015/05/07/10
+CVE-2015-3629 [Symlink traversal on container respawn allows local privilege escalation]
RESERVED
+ - docker.io <unfixed>
+ NOTE: http://www.openwall.com/lists/oss-security/2015/05/07/10
CVE-2015-3628
RESERVED
-CVE-2015-3627
+CVE-2015-3627 [Insecure opening of file-descriptor 1 leading to privilege escalation]
RESERVED
+ - docker.io <unfixed>
+ NOTE: http://www.openwall.com/lists/oss-security/2015/05/07/10
CVE-2015-3626
RESERVED
CVE-2015-3625
More information about the Secure-testing-commits
mailing list