[Secure-testing-commits] r49140 - data/CVE
Salvatore Bonaccorso
carnil at moszumanska.debian.org
Thu Feb 23 10:07:31 UTC 2017
Author: carnil
Date: 2017-02-23 10:07:31 +0000 (Thu, 23 Feb 2017)
New Revision: 49140
Modified:
data/CVE/list
Log:
Add src:shadow, needs check if it is affected
Cf. http://www.openwall.com/lists/oss-security/2017/02/23/6 which
indicates that su from src:shadow has the same problem.
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2017-02-23 09:30:54 UTC (rev 49139)
+++ data/CVE/list 2017-02-23 10:07:31 UTC (rev 49140)
@@ -9859,9 +9859,9 @@
NOT-FOR-US: hawtio
CVE-2017-2616 [Sending SIGKILL to other processes with root privileges via su]
RESERVED
+ - shadow <undetermined>
- util-linux <unfixed> (unimportant)
NOTE: https://github.com/karelzak/util-linux/commit/dffab154d29a288aa171ff50263ecc8f2e14a891
- TODO: double-check unimportant severity, since we do not compile su from util-linux
CVE-2017-2615
RESERVED
- qemu <unfixed> (low; bug #854731)
More information about the Secure-testing-commits
mailing list