[Secure-testing-commits] r37799 - data/CVE
Ben Hutchings
benh at moszumanska.debian.org
Sat Nov 21 01:04:39 UTC 2015
Author: benh
Date: 2015-11-21 01:04:39 +0000 (Sat, 21 Nov 2015)
New Revision: 37799
Modified:
data/CVE/list
Log:
Triage DoS on journald dependent on unprivileged CLONE_NEWUSER
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2015-11-21 00:56:59 UTC (rev 37798)
+++ data/CVE/list 2015-11-21 01:04:39 UTC (rev 37799)
@@ -398,9 +398,12 @@
TODO: check versions
CVE-2015-XXXX [Kernel: Unprivileged user can freeze journald]
- linux <unfixed>
+ [jeesie] - linux <no-dsa> (Minor issue)
+ [wheezy] - linux <not-affected> (Vulnerable code not present)
- linux-2.6 <removed>
+ [squeeze] - linux-2.6 <not-affected> (Vulnerable code not present)
NOTE: https://github.com/systemd/systemd/issues/1822
- NOTE: Issue in Linux related to unprivileged CLONE_NEWUSER affecting systemd
+ NOTE: Issue in Linux related to unprivileged CLONE_NEWUSER affecting systemd, but we disable unprivileged use by default
TODO: check
CVE-2015-XXXX [update-smart-drivedb downloads unauthenticated data from the web]
- smartmontools <unfixed> (low; bug #804299)
More information about the Secure-testing-commits
mailing list