[Secure-testing-commits] r42423 - data/CVE
Salvatore Bonaccorso
carnil at moszumanska.debian.org
Thu Jun 9 16:41:26 UTC 2016
Author: carnil
Date: 2016-06-09 16:41:26 +0000 (Thu, 09 Jun 2016)
New Revision: 42423
Modified:
data/CVE/list
Log:
Add note for CVE-2016-3697/{docker.io,runc}
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2016-06-09 16:35:13 UTC (rev 42422)
+++ data/CVE/list 2016-06-09 16:41:26 UTC (rev 42423)
@@ -4908,6 +4908,7 @@
NOTE: https://github.com/jpirko/libndp/commit/2af9a55b38b55abbf05fd116ec097d4029115839
CVE-2016-3697 (libcontainer/user/user.go in runC before 0.1.0, as used in Docker ...)
- docker.io <not-affected> (Vulnerable code not present)
+ NOTE: Affected file not present, but docker.io probably needs to be rebuild with fixed runc
- runc 0.1.0+dfsg-1
NOTE: https://github.com/opencontainers/runc/commit/69af385de62ea68e2e608335cffbb0f4aa3db091 (runc, v0.1.0)
NOTE: https://github.com/docker/docker/commit/da38ac6c79fe902ed0687afc73d731c95c6d491a (docker)
More information about the Secure-testing-commits
mailing list