[Secure-testing-commits] r44888 - data/CVE
Salvatore Bonaccorso
carnil at moszumanska.debian.org
Sun Sep 25 13:19:43 UTC 2016
Author: carnil
Date: 2016-09-25 13:19:42 +0000 (Sun, 25 Sep 2016)
New Revision: 44888
Modified:
data/CVE/list
Log:
Add CVE-2016-7545/policycoreutils
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2016-09-25 11:54:15 UTC (rev 44887)
+++ data/CVE/list 2016-09-25 13:19:42 UTC (rev 44888)
@@ -2167,8 +2167,12 @@
RESERVED
CVE-2016-7546
RESERVED
-CVE-2016-7545
+CVE-2016-7545 [SELinux sandbox escape via TIOCSTI ioctl]
RESERVED
+ - policycoreutils <unfixed>
+ NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1378577
+ NOTE: Upstream mailing list discussion: https://marc.info/?t=147463464400001&r=1&w=2
+ NOTE: Upstream fix: https://github.com/SELinuxProject/selinux/commit/acca96a135a4d2a028ba9b636886af99c0915379
CVE-2016-7544
RESERVED
- libcrypto++ <not-affected> (Vulnerable code intorduced in 5.6.4, only affects Windows and Microsoft compilers)
More information about the Secure-testing-commits
mailing list