[Secure-testing-commits] r40721 - data/CVE

Salvatore Bonaccorso carnil at moszumanska.debian.org
Sat Apr 2 17:03:50 UTC 2016


Author: carnil
Date: 2016-04-02 17:03:50 +0000 (Sat, 02 Apr 2016)
New Revision: 40721

Modified:
   data/CVE/list
Log:
Add CVE-2016-0764

Modified: data/CVE/list
===================================================================
--- data/CVE/list	2016-04-02 13:34:34 UTC (rev 40720)
+++ data/CVE/list	2016-04-02 17:03:50 UTC (rev 40721)
@@ -9494,8 +9494,12 @@
 	[jessie] - postgresql-9.1 <no-dsa> (postgresql-9.1 in jessie only provides PL/Perl)
 CVE-2016-0765
 	RESERVED
-CVE-2016-0764
+CVE-2016-0764 [Race conditions that could disclose connection secrets to authenticated local users]
 	RESERVED
+	- network-manager <unfixed>
+	NOTE: https://cgit.freedesktop.org/NetworkManager/NetworkManager/tree/NEWS?h=1.0.12
+	NOTE: Fixed in 1.0.12 for the 1.0.x branch.
+	TODO: check if already fixed in Development brach 1.1.92+
 CVE-2016-0763 (The setGlobalContext method in ...)
 	{DSA-3530-1 DLA-435-1}
 	- tomcat9 <itp> (bug #802312)




More information about the Secure-testing-commits mailing list