[Secure-testing-commits] r40013 - data/CVE
Salvatore Bonaccorso
carnil at moszumanska.debian.org
Sun Feb 28 15:56:49 UTC 2016
Author: carnil
Date: 2016-02-28 15:56:49 +0000 (Sun, 28 Feb 2016)
New Revision: 40013
Modified:
data/CVE/list
Log:
Add CVE-2016-2781/coreutils
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2016-02-28 15:22:39 UTC (rev 40012)
+++ data/CVE/list 2016-02-28 15:56:49 UTC (rev 40013)
@@ -7,6 +7,9 @@
NOTE: fixed in 2.11.2
NOTE: https://github.com/moment/moment/pull/2939
NOTE: https://nodesecurity.io/advisories/55
+CVE-2016-2781 [nonpriv session can escape to the parent session by using the TIOCSTI ioctl]
+ - coreutils <unfixed>
+ TODO: check
CVE-2016-2779 [runuser tty hijacking via TIOCSTI ioctl]
- util-linux <unfixed> (bug #815922)
[wheezy] - util-linux <not-affected> (runuser[.c] not yet present)
More information about the Secure-testing-commits
mailing list