[Secure-testing-commits] r46524 - data/CVE

[Salvatore Bonaccorso]

Author: carnil
Date: 2016-11-25 05:21:33 +0000 (Fri, 25 Nov 2016)
New Revision: 46524

Modified:
   data/CVE/list
Log:
Update Status for CVE-2016-8650/linux

Modified: data/CVE/list
===================================================================
--- data/CVE/list	2016-11-25 01:36:04 UTC (rev 46523)
+++ data/CVE/list	2016-11-25 05:21:33 UTC (rev 46524)
@@ -2703,7 +2703,10 @@
 CVE-2016-8650 [Null pointer dereference via keyctl]
 	RESERVED
 	- linux <unfixed>
+	[wheezy] - linux <not-affected> (Vulnerable code introduced later)
 	NOTE: http://seclists.org/fulldisclosure/2016/Nov/76
+	NOTE: Proposed fix: https://lkml.org/lkml/2016/11/23/477
+	NOTE: Introduced by https://git.kernel.org/linus/cdec9cb5167ab1113ba9c58e395f664d9d3f9acb (v3.3-rc1)
 	NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1343162 (not yet opened)
 CVE-2016-8649 [lxc-attach to malicious container allows access to host]
 	RESERVED