[Secure-testing-commits] r43039 - data/CVE
Salvatore Bonaccorso
carnil at moszumanska.debian.org
Wed Jul 6 14:53:25 UTC 2016
Author: carnil
Date: 2016-07-06 14:53:25 +0000 (Wed, 06 Jul 2016)
New Revision: 43039
Modified:
data/CVE/list
Log:
Mark CVE-2014-4040 as unimportant, additionally 1.3.1-2 removed /usr/sbin/snap
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2016-07-06 14:40:51 UTC (rev 43038)
+++ data/CVE/list 2016-07-06 14:53:25 UTC (rev 43039)
@@ -58719,10 +58719,11 @@
CVE-2014-4041
RESERVED
CVE-2014-4040 (snap in powerpc-utils 1.2.20 produces an archive with fstab and ...)
- - powerpc-utils <unfixed>
+ - powerpc-utils 1.3.1-2 (unimportant)
NOTE: SuSE decided to put/display a warning about the possibility to of
NOTE: containing cleartext passwords in the produced archive containing fstab
NOTE: and yaboot.conf
+ NOTE: 1.3.1-2 upload removed /usr/sbin/snap from the installed binary package
CVE-2014-4039 (ppc64-diag 2.6.1 uses 0775 permissions for /tmp/diagSEsnap and does ...)
- ppc64-diag 2.7.1-5
NOTE: SuSE Patch: https://bugzilla.novell.com/attachment.cgi?id=599147
More information about the Secure-testing-commits
mailing list