[Secure-testing-commits] r40205 - data/CVE

[Salvatore Bonaccorso]

Author: carnil
Date: 2016-03-07 10:21:01 +0000 (Mon, 07 Mar 2016)
New Revision: 40205

Modified:
   data/CVE/list
Log:
Add CVE-2016-285{3,4} to be checked

Modified: data/CVE/list
===================================================================
--- data/CVE/list	2016-03-07 07:39:30 UTC (rev 40204)
+++ data/CVE/list	2016-03-07 10:21:01 UTC (rev 40205)
@@ -56,6 +56,16 @@
 	NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1296567
 	NOTE: http://www.openwall.com/lists/oss-security/2016/03/03/9
 	TODO: check affected versions
+CVE-2016-2854 [AUFS Xattr Setgid Privilege Escalation]
+	- linux <unfixed>
+	NOTE: http://www.halfdog.net/Security/2016/AufsPrivilegeEscalationInUserNamespaces/
+	NOTE: https://sourceforge.net/p/aufs/mailman/message/34864744/
+	TODO: check
+CVE-2016-2853 [AUFS Over Fuse: Loss of Nosuid]
+	- linux <unfixed>
+	NOTE: http://www.halfdog.net/Security/2016/AufsPrivilegeEscalationInUserNamespaces/
+	NOTE: https://sourceforge.net/p/aufs/mailman/message/34864744/
+	TODO: check
 CVE-2016-2839
 	RESERVED
 CVE-2016-2838