[Git][security-tracker-team/security-tracker][master] Expand note for CVE-2019-13179 and add information on umask override
Salvatore Bonaccorso
carnil at debian.org
Fri Jul 5 20:06:17 BST 2019
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
6686b9a5 by Salvatore Bonaccorso at 2019-07-05T19:05:58Z
Expand note for CVE-2019-13179 and add information on umask override
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -324,6 +324,10 @@ CVE-2019-13179 (Calamares versions 3.1 through 3.2.10 copies a LUKS encryption k
- calamares-settings-debian 10.0.23-1 (bug #931373)
NOTE: https://github.com/calamares/calamares/issues/1191
NOTE: https://github.com/calamares/calamares/commit/003096698627a527b589c0c929dda4d58f23fd93
+ NOTE: The issue itself can be adressed as well via calamares-settings-debian and
+ NOTE: placing a more restrictive umask override in /etc/initramfs-tools/conf.d
+ NOTE: directory.
+ NOTE: https://github.com/calamares/calamares/commit/43eb664e7d44d963bb7b82d03215d84b47100ba0
CVE-2019-13178 (modules/luksbootkeyfile/main.py in Calamares versions 3.1 through 3.2. ...)
- calamares <unfixed> (bug #931391)
NOTE: https://github.com/calamares/calamares/issues/1190
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/6686b9a539353b126fdb6024643045866c040bc4
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/6686b9a539353b126fdb6024643045866c040bc4
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20190705/f5c1afbc/attachment.html>
More information about the debian-security-tracker-commits
mailing list