[Secure-testing-commits] r34120 - data/CVE

Alessandro Ghedini ghedo at moszumanska.debian.org
Thu May 7 21:51:26 UTC 2015


Author: ghedo
Date: 2015-05-07 21:51:26 +0000 (Thu, 07 May 2015)
New Revision: 34120

Modified:
   data/CVE/list
Log:
Add docker.io issues

Modified: data/CVE/list
===================================================================
--- data/CVE/list	2015-05-07 21:44:27 UTC (rev 34119)
+++ data/CVE/list	2015-05-07 21:51:26 UTC (rev 34120)
@@ -29,16 +29,24 @@
 	TODO: check
 CVE-2015-3632 (Foxit Reader, Enterprise Reader, and PhantomPDF before 7.1.5 allow ...)
 	TODO: check
-CVE-2015-3631
+CVE-2015-3631 [Volume mounts allow LSM profile escalation]
 	RESERVED
-CVE-2015-3630
+	- docker.io <unfixed>
+	NOTE: http://www.openwall.com/lists/oss-security/2015/05/07/10
+CVE-2015-3630 [Read/write proc paths allow host modification & information disclosure]
 	RESERVED
-CVE-2015-3629
+	- docker.io <unfixed>
+	NOTE: http://www.openwall.com/lists/oss-security/2015/05/07/10
+CVE-2015-3629 [Symlink traversal on container respawn allows local privilege escalation]
 	RESERVED
+	- docker.io <unfixed>
+	NOTE: http://www.openwall.com/lists/oss-security/2015/05/07/10
 CVE-2015-3628
 	RESERVED
-CVE-2015-3627
+CVE-2015-3627 [Insecure opening of file-descriptor 1 leading to privilege escalation]
 	RESERVED
+	- docker.io <unfixed>
+	NOTE: http://www.openwall.com/lists/oss-security/2015/05/07/10
 CVE-2015-3626
 	RESERVED
 CVE-2015-3625




More information about the Secure-testing-commits mailing list