[Git][security-tracker-team/security-tracker][master] Expand note for CVE-2005-4890

Salvatore Bonaccorso (@carnil) carnil at debian.org
Sat Dec 18 22:04:35 GMT 2021



Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
f4451706 by Salvatore Bonaccorso at 2021-12-18T23:04:03+01:00
Expand note for CVE-2005-4890

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -436865,7 +436865,8 @@ CVE-2005-4890 (There is a possible tty hijacking in shadow 4.x before 4.1.5 and
 	[lenny] - shadow <no-dsa> (Minor issue)
 	NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=173008
 	- sudo 1.7.4p4 (low; bug #657784)
-	NOTE: sudo might be fixed earlier, use_pty present in stable
+	NOTE: sudo might be fixed earlier, use_pty present in stable. Only since 1.9.6-1~exp2
+	NOTE: use_pty is added to default configuration.
 CVE-2011-2331 (Integer overflow in img.exe in HP Intelligent Management Center (IMC)  ...)
 	NOT-FOR-US: HP Intelligent Management Center (IMC)
 CVE-2011-2330 (Tivoli Endpoint in IBM Tivoli Management Framework 3.7.1, 4.1, 4.1.1,  ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/f4451706f25900fc6c3af7d27eccd901b1e68e1f

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/f4451706f25900fc6c3af7d27eccd901b1e68e1f
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20211218/fd8e7fd1/attachment-0001.htm>


More information about the debian-security-tracker-commits mailing list