[Secure-testing-commits] r47454 - data/CVE
Moritz Muehlenhoff
jmm at moszumanska.debian.org
Mon Dec 26 19:25:42 UTC 2016
Author: jmm
Date: 2016-12-26 19:25:42 +0000 (Mon, 26 Dec 2016)
New Revision: 47454
Modified:
data/CVE/list
Log:
mark further issues neutralised by kernel hardening as unimportant
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2016-12-26 19:10:57 UTC (rev 47453)
+++ data/CVE/list 2016-12-26 19:25:42 UTC (rev 47454)
@@ -20236,10 +20236,8 @@
CVE-2016-1000009 (TP-LINK lost control of two domains, www.tplinklogin.net and ...)
TODO: check
CVE-2016-XXXX [Insecure use of /tmp]
- - leptonlib <unfixed> (bug #830660)
- [jessie] - leptonlib <no-dsa> (Minor issue)
- [wheezy] - leptonlib <no-dsa> (Minor issue)
- NOTE: Not exploitable with kernel hardening since wheezy
+ - leptonlib 1.73-5 (unimportant; bug #830660)
+ NOTE: Neutralised by kernel hardening
CVE-2016-6198 (The filesystem layer in the Linux kernel before 4.5.5 proceeds with ...)
- linux 4.5.5-1
[jessie] - linux <not-affected> (Vulnerable code not present)
@@ -43967,8 +43965,8 @@
RESERVED
CVE-2015-7529 [Usage of predictable temporary files allows privilege escalation]
RESERVED
- - sosreport 3.2+git276-g7da50d6-3
- [jessie] - sosreport <no-dsa> (Minor issue; mitigated by fs.protected_symlinks)
+ - sosreport 3.2+git276-g7da50d6-3 (unimportant)
+ NOTE: Neutralised by kernel hardening
CVE-2015-7528 (Kubernetes before 1.2.0-alpha.5 allows remote attackers to read ...)
- kubernetes <itp> (bug #795652)
NOTE: https://github.com/kubernetes/kubernetes/pull/17886
@@ -77442,9 +77440,8 @@
NOTE: https://github.com/plack/Plack/issues/405
CVE-2014-5255 [Insecure use of temporary file related to the /tmp/get_infos_dvd.sh]
RESERVED
- - xcfa 5.0.1-1 (low; bug #756600)
- [jessie] - xcfa <no-dsa> (Minor issue)
- [wheezy] - xcfa <no-dsa> (Minor issue)
+ - xcfa 5.0.1-1 (unimportant; bug #756600)
+ NOTE: Neutralised by kernel temp hardening
CVE-2014-5254 [Symlink following issues]
RESERVED
- xcfa 5.0.1-1 (unimportant; bug #756600)
More information about the Secure-testing-commits
mailing list