[Secure-testing-commits] r39063 - data/CVE

Salvatore Bonaccorso carnil at moszumanska.debian.org
Thu Jan 21 19:42:58 UTC 2016


Author: carnil
Date: 2016-01-21 19:42:58 +0000 (Thu, 21 Jan 2016)
New Revision: 39063

Modified:
   data/CVE/list
Log:
Add CVE-2016-0727/ntp

Modified: data/CVE/list
===================================================================
--- data/CVE/list	2016-01-21 19:37:49 UTC (rev 39062)
+++ data/CVE/list	2016-01-21 19:42:58 UTC (rev 39063)
@@ -3424,8 +3424,11 @@
 	NOTE: Upstream commit: https://git.kernel.org/linus/23567fd052a9abb6d67fe8e7a9ccdd9800a540f2
 	NOTE: Introduced in https://git.kernel.org/linus/3a50597de8635cd05133bd12c95681c82fe7b878 (v3.8-rc1)
 	NOTE: http://perception-point.io/2016/01/14/analysis-and-exploitation-of-a-linux-kernel-vulnerability-cve-2016-0728/
-CVE-2016-0727
+CVE-2016-0727 [NTP statsdir cleanup cronjob insecure]
 	RESERVED
+	- ntp <unfixed>
+	NOTE: https://bugs.launchpad.net/ubuntu/+source/ntp/+bug/1528050
+	NOTE: http://www.halfdog.net/Security/2015/NtpCronjobUserNtpToRootPrivilegeEscalation/
 CVE-2016-0726
 	RESERVED
 CVE-2016-0725 [XSS Vulnerability in course management search]




More information about the Secure-testing-commits mailing list