[Secure-testing-commits] r45834 - data/CVE
Nicholas Luedtke
nluedtke-guest at moszumanska.debian.org
Tue Nov 1 15:06:39 UTC 2016
Author: nluedtke-guest
Date: 2016-11-01 15:06:39 +0000 (Tue, 01 Nov 2016)
New Revision: 45834
Modified:
data/CVE/list
Log:
Update CVE-2016-8867 with runc
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2016-11-01 14:00:20 UTC (rev 45833)
+++ data/CVE/list 2016-11-01 15:06:39 UTC (rev 45834)
@@ -582,9 +582,11 @@
RESERVED
CVE-2016-8867 (Docker Engine 1.12.2 enabled ambient capabilities with misconfigured ...)
- docker.io <unfixed>
+ - runc <unfixed>
NOTE: https://github.com/docker/docker/issues/27590
- NOTE: https://github.com/opencontainers/runc/commit/a83f5bac28554fa0fd49bc1559a3c79f5907348f
- TODO: check, might affect only 1.12.x or runc
+ NOTE: docker: https://github.com/docker/docker/pull/27610/commits/d60a3418d0268745dff38947bc8c929fbd24f837 (1.12.3)
+ NOTE: runc: https://github.com/opencontainers/runc/commit/a83f5bac28554fa0fd49bc1559a3c79f5907348f (1.0.0-rc2)
+ NOTE: docker.io not directly affected but will need to be updated to include new runc version
CVE-2016-8865
RESERVED
CVE-2016-8864
More information about the Secure-testing-commits
mailing list