[Secure-testing-commits] r50624 - data/CVE

Nicholas Luedtke nluedtke-guest at moszumanska.debian.org
Thu Apr 13 14:26:43 UTC 2017 

Author: nluedtke-guest
Date: 2017-04-13 14:26:43 +0000 (Thu, 13 Apr 2017)
New Revision: 50624

Modified:
   data/CVE/list
Log:
Update K8s issues

Modified: data/CVE/list
===================================================================
--- data/CVE/list	2017-04-13 12:48:26 UTC (rev 50623)
+++ data/CVE/list	2017-04-13 14:26:43 UTC (rev 50624)
@@ -45904,13 +45904,14 @@
 	NOTE: http://symfony.com/blog/cve-2016-1902-securerandom-s-fallback-not-secure-when-openssl-fails
 	NOTE: https://github.com/symfony/symfony/pull/17359
 CVE-2016-1906 (The API server in Kubernetes might allow remote attackers to gain ...)
-	- kubernetes <unfixed>
+	- kubernetes <not-affected> (Openshift Specific)
 	NOTE: https://github.com/openshift/origin/issues/6556
 	NOTE: https://github.com/openshift/origin/pull/6576
 CVE-2016-1905 (The API server in Kubernetes does not properly check admission ...)
-	- kubernetes <unfixed>
+	- kubernetes <not-affected> (Fixed before the initial release in Debian, 1.2.0)
 	NOTE: https://github.com/kubernetes/kubernetes/issues/19479
 	NOTE: https://github.com/kubernetes/kubernetes/pull/19481
+	NOTE: Fixed before 
 CVE-2016-1904 (Multiple integer overflows in ext/standard/exec.c in PHP 7.x before ...)
 	- php5 <not-affected> (Vulnerable code not present)
 	- php5.6 <not-affected> (Vulnerable code not present)
@@ -61101,8 +61102,8 @@
 	- ironic-inspector 3.2.0-1
 	NOTE: https://bugs.launchpad.net/ironic-inspector/+bug/1506419
 CVE-2015-5305 (Directory traversal vulnerability in Kubernetes, as used in Red Hat ...)
-	- kubernetes <undetermined>
-	NOTE: Might be an issue in OpenShift
+	- kubernetes <not-affected> (Fixed before the initial release in Debian, 1.2.0)
+	NOTE: https://github.com/kubernetes/kubernetes/pull/15975
 CVE-2015-5304 (Red Hat JBoss Enterprise Application Platform (EAP) before 6.4.5 does ...)
 	NOT-FOR-US: Red Hat JBoss Enterprise Application Platform
 CVE-2015-5303 (The TripleO Heat templates (tripleo-heat-templates), when deployed via ...)

More information about the Secure-testing-commits mailing list