[Secure-testing-commits] r48243 - data/CVE
Salvatore Bonaccorso
carnil at moszumanska.debian.org
Sat Jan 21 07:11:22 UTC 2017
Author: carnil
Date: 2017-01-21 07:11:21 +0000 (Sat, 21 Jan 2017)
New Revision: 48243
Modified:
data/CVE/list
Log:
Add two hesiod issues
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2017-01-20 22:14:06 UTC (rev 48242)
+++ data/CVE/list 2017-01-21 07:11:21 UTC (rev 48243)
@@ -10,6 +10,14 @@
CVE-2017-XXXX [SEC-212 Format string injection]
- cgiemail <unfixed> (bug #852031)
NOTE: CVE Request: http://www.openwall.com/lists/oss-security/2017/01/20/6
+CVE-2016-10152 [Use of hard-coded DNS domain if configuration file cannot be read]
+ - hesiod <unfixed>
+ NOTE: https://github.com/achernya/hesiod/pull/10
+ NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1332493
+CVE-2016-10151 [Weak SUID check allowing privilege elevation]
+ - hesiod <unfixed>
+ NOTE: https://github.com/achernya/hesiod/pull/9
+ NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1332508
CVE-2016-10150 [kvm: use-after-free issue while creating devices]
- linux 4.8.15-1
[jessie] - linux <not-affected> (Vulnerable code introduced later)
More information about the Secure-testing-commits
mailing list