[Git][security-tracker-team/security-tracker][master] 2 commits: Add fixed version for CVE-2018-1116/policykit-1 and reference bug

Salvatore Bonaccorso carnil at debian.org
Wed Jul 11 13:00:51 BST 2018 

Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
de977d76 by Salvatore Bonaccorso at 2018-07-11T13:59:34+02:00
Add fixed version for CVE-2018-1116/policykit-1 and reference bug

- - - - -
3059f790 by Salvatore Bonaccorso at 2018-07-11T14:00:26+02:00
Add references for CVE-2018-1116/policykit-1

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
--- a/data/CVE/list
+++ b/data/CVE/list
@@ -34701,8 +34701,10 @@ CVE-2018-1118 (Linux kernel vhost since version 4.8 does not properly initialize
 CVE-2018-1117 (ovirt-ansible-roles before version 1.0.6 has a vulnerability due to a ...)
 	NOT-FOR-US: ovirt-ansible-roles
 CVE-2018-1116 (A flaw was found in polkit before version 0.116. The implementation of ...)
-	- policykit-1 <unfixed>
-	NOTE: https://cgit.freedesktop.org/polkit/commit/?id=bc7ffad5364
+	- policykit-1 0.105-21 (bug #903563)
+	NOTE: https://cgit.freedesktop.org/polkit/commit/?id=bc7ffad53643a9c80231fc41f5582d6a8931c32c
+	NOTE: https://lists.freedesktop.org/archives/polkit-devel/2018-July/000583.html
+	NOTE: https://bugzilla.suse.com/show_bug.cgi?id=1099031
 CVE-2018-1115 (postgresql before versions 10.4, 9.6.9 is vulnerable in the adminpack ...)
 	- postgresql-10 10.4-1
 	- postgresql-9.6 <removed>



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/compare/2a4422775dc6c865dfeec47074efb80c69dc97b8...3059f790e99b84f2d345ce95d7a9b3612b2d21c4

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/compare/2a4422775dc6c865dfeec47074efb80c69dc97b8...3059f790e99b84f2d345ce95d7a9b3612b2d21c4
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20180711/77bfb220/attachment.html>

More information about the debian-security-tracker-commits mailing list