[Secure-testing-commits] r45687 - data/CVE
Salvatore Bonaccorso
carnil at moszumanska.debian.org
Fri Oct 28 05:21:32 UTC 2016
Author: carnil
Date: 2016-10-28 05:21:32 +0000 (Fri, 28 Oct 2016)
New Revision: 45687
Modified:
data/CVE/list
Log:
Add CVE-2016-7032/sudo
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2016-10-28 05:21:23 UTC (rev 45686)
+++ data/CVE/list 2016-10-28 05:21:32 UTC (rev 45687)
@@ -5940,8 +5940,12 @@
NOT-FOR-US: JBoss BPMS
CVE-2016-7033 (Multiple cross-site scripting (XSS) vulnerabilities in the admin pages ...)
NOT-FOR-US: JBoss BPMS
-CVE-2016-7032
+CVE-2016-7032 [noexec bypass via system() and popen()]
RESERVED
+ - sudo 1.8.15-1
+ NOTE: https://www.sudo.ws/alerts/noexec_bypass.html
+ NOTE: This CVE is for the bypass via system() and popen(). The wordpexp() bypass
+ NOTE: is tracked under CVE-2016-7076.
CVE-2016-7031 (The RGW code in Ceph before 10.0.1, when authenticated-read ACL is ...)
- ceph <unfixed> (bug #838026)
[jessie] - ceph <no-dsa> (Minor issue)
More information about the Secure-testing-commits
mailing list