[Secure-testing-commits] r52004 - data/CVE
Moritz Muehlenhoff
jmm at moszumanska.debian.org
Sat May 27 22:19:39 UTC 2017
Author: jmm
Date: 2017-05-27 22:19:39 +0000 (Sat, 27 May 2017)
New Revision: 52004
Modified:
data/CVE/list
Log:
util-linux no-dsa for stretch
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2017-05-27 22:18:00 UTC (rev 52003)
+++ data/CVE/list 2017-05-27 22:19:39 UTC (rev 52004)
@@ -47356,8 +47356,9 @@
NOTE: Restricting ioctl on the kernel side seems the better approach
CVE-2016-2779 (runuser in util-linux allows local users to escape to the parent ...)
- util-linux <unfixed> (bug #815922)
+ [stretch] - util-linux <no-dsa> (Minor issue)
[jessie] - util-linux <no-dsa> (Minor issue)
- NOTE: Restricting ioctl on the kernel side seems the better approach
+ NOTE: Restricting ioctl on the kernel side seems the better approach, patches have been posted to kernel-hardening list
[wheezy] - util-linux <not-affected> (runuser[.c] not yet present)
[squeeze] - util-linux <not-affected> (runuser[.c] not yet present)
NOTE: http://www.openwall.com/lists/oss-security/2016/02/27/1
More information about the Secure-testing-commits
mailing list