[Secure-testing-commits] r40786 - data/CVE
Paul Wise
pabs at moszumanska.debian.org
Thu Apr 7 01:50:29 UTC 2016
Author: pabs
Date: 2016-04-07 01:50:28 +0000 (Thu, 07 Apr 2016)
New Revision: 40786
Modified:
data/CVE/list
Log:
cobbler in Debian is not-affected by CVE-2011-1551 due to perm differences.
Ping-by: Nicholas Luedtke (nicholas) on #debian-security
Suggested-by: Thomas Goirand <zigo at debian.org>
Suggested-in: <55DEFE91.60601 at debian.org>
Suggested-in: #796151
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2016-04-06 21:10:13 UTC (rev 40785)
+++ data/CVE/list 2016-04-07 01:50:28 UTC (rev 40786)
@@ -109505,7 +109505,7 @@
- xpdf 3.02-9
- poppler <not-affected> (never used t1lib)
CVE-2011-1551 (SUSE openSUSE Factory assigns ownership of the /var/log/cobbler/ ...)
- - cobbler <unfixed> (bug #796151)
+ - cobbler <not-affected> (bug #796151; perms different on Debian)
NOTE: /var/log/cobbler is set to cobbler:cobbler and daemon runs as root
CVE-2011-1550 (The default configuration of logrotate on SUSE openSUSE Factory uses ...)
- logrotate <not-affected> (SuSE-specific, see CVE-2011-1548 for Debian)
More information about the Secure-testing-commits
mailing list