[Secure-testing-commits] r48315 - data/CVE
Salvatore Bonaccorso
carnil at moszumanska.debian.org
Tue Jan 24 05:36:46 UTC 2017
Author: carnil
Date: 2017-01-24 05:36:46 +0000 (Tue, 24 Jan 2017)
New Revision: 48315
Modified:
data/CVE/list
Log:
Add CVE-2016-10156/systemd
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2017-01-23 23:48:13 UTC (rev 48314)
+++ data/CVE/list 2017-01-24 05:36:46 UTC (rev 48315)
@@ -81,7 +81,11 @@
CVE-2016-10157 (Akamai NetSession 1.9.3.1 is vulnerable to DLL Hijacking: it tries to ...)
TODO: check
CVE-2016-10156 (A flaw in systemd v228 in /src/basic/fs-util.c caused world writable ...)
- TODO: check
+ - systemd 229-1
+ NOTE: https://bugzilla.suse.com/show_bug.cgi?id=1020601
+ NOTE: https://github.com/systemd/systemd/commit/06eeacb6fe029804f296b065b3ce91e796e1cd0e (v229)
+ NOTE: https://github.com/systemd/systemd/commit/ee735086f8670be1591fa9593e80dd60163a7a2f (v228)
+ TODO: check for older version, contacted SuSE security team to open https://bugzilla.suse.com/show_bug.cgi?id=1020601
CVE-2017-XXXX [Reflected XSS vulnerability]
- cgiemail <unfixed> (bug #852031)
NOTE: CVE Request: http://www.openwall.com/lists/oss-security/2017/01/20/6
More information about the Secure-testing-commits
mailing list