[Secure-testing-commits] r38976 - data/CVE

Salvatore Bonaccorso carnil at moszumanska.debian.org
Sun Jan 17 10:02:43 UTC 2016


Author: carnil
Date: 2016-01-17 10:02:43 +0000 (Sun, 17 Jan 2016)
New Revision: 38976

Modified:
   data/CVE/list
Log:
Mark both CVE-2016-1919/CVE-2016-1920 as NFU (KNOX 1.0 specific)

Modified: data/CVE/list
===================================================================
--- data/CVE/list	2016-01-17 06:53:38 UTC (rev 38975)
+++ data/CVE/list	2016-01-17 10:02:43 UTC (rev 38976)
@@ -1,3 +1,7 @@
+CVE-2016-1920 [VPN Man-in-the-Middle due to shared certificate store on KNOX 1.0 / Android 4.3]
+	NOT-FOR-US: KNOX 1.0 / Android 4.3
+CVE-2016-1919 [Weak eCryptFS Key generation from user password on KNOX 1.0 / Android 4.3]
+	NOT-FOR-US: KNOX 1.0 / Android 4.3
 CVE-2016-1902
 	RESERVED
 CVE-2016-1906 [Kubernetes api server: build config to a strategy that isn't allowed by policy]




More information about the Secure-testing-commits mailing list