[Secure-testing-commits] r52494 - data/CVE
Ola Lundqvist
opal at moszumanska.debian.org
Sun Jun 11 20:08:28 UTC 2017
Author: opal
Date: 2017-06-11 20:08:28 +0000 (Sun, 11 Jun 2017)
New Revision: 52494
Modified:
data/CVE/list
Log:
Lynis unaffected in wheezy and minor issue in radare2.
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2017-06-11 20:05:32 UTC (rev 52493)
+++ data/CVE/list 2017-06-11 20:08:28 UTC (rev 52494)
@@ -22,6 +22,7 @@
RESERVED
CVE-2017-9520 (The r_config_set function in libr/config/config.c in radare2 1.5.0 ...)
- radare2 <unfixed> (bug #864533)
+ [wheezy] - radare2 <no-dsa> (Minor issue)
NOTE: https://github.com/radare/radare2/commit/f85bc674b2a2256a364fe796351bc1971e106005
NOTE: https://github.com/radare/radare2/issues/7698
CVE-2017-9519 (atmail before 7.8.0.2 has CSRF, allowing an attacker to create a user ...)
@@ -3899,7 +3900,8 @@
NOTE: https://github.com/saltstack/salt/commit/8492cef7a5c8871a3978ffc2f6e48b3b960e0151
CVE-2017-8108 (Unspecified tests in Lynis before 2.5.0 allow local users to write to ...)
- lynis 2.5.0-1 (unimportant)
- NOTE: Neutralised by kernel hardening
+ [wheezy] - lynis <not-affected> (Vulnerable code do not exist)
+ NOTE: Probability reduced by kernel hardening
CVE-2017-8107
RESERVED
CVE-2017-8106 (The handle_invept function in arch/x86/kvm/vmx.c in the Linux kernel ...)
More information about the Secure-testing-commits
mailing list