[Secure-testing-commits] r42885 - data/CVE
Salvatore Bonaccorso
carnil at moszumanska.debian.org
Wed Jun 29 15:30:55 UTC 2016
Author: carnil
Date: 2016-06-29 15:30:55 +0000 (Wed, 29 Jun 2016)
New Revision: 42885
Modified:
data/CVE/list
Log:
Add note for CVE-2014-4040/ppc64-diag
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2016-06-29 15:28:10 UTC (rev 42884)
+++ data/CVE/list 2016-06-29 15:30:55 UTC (rev 42885)
@@ -57988,6 +57988,9 @@
RESERVED
CVE-2014-4040 (snap in powerpc-utils 1.2.20 produces an archive with fstab and ...)
- ppc64-diag <unfixed>
+ NOTE: SuSE decided to put/display a warning about the possibility to of
+ NOTE: containing cleartext passwords in the produced archive containing fstab
+ NOTE: and yaboot.conf
CVE-2014-4039 (ppc64-diag 2.6.1 uses 0775 permissions for /tmp/diagSEsnap and does ...)
- ppc64-diag <unfixed>
NOTE: SuSE Patch: https://bugzilla.novell.com/attachment.cgi?id=599147
More information about the Secure-testing-commits
mailing list