[Git][security-tracker-team/security-tracker][master] Reference upstream commit for CVE-2023-27561 In release-1.1 branch
Salvatore Bonaccorso (@carnil)
carnil at debian.org
Sun Mar 26 16:04:21 BST 2023
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
72727a0d by Salvatore Bonaccorso at 2023-03-26T17:03:39+02:00
Reference upstream commit for CVE-2023-27561 In release-1.1 branch
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -243568,6 +243568,7 @@ CVE-2023-27561 (runc through 1.1.4 has Incorrect Access Control leading to Escal
NOTE: https://gist.github.com/LiveOverflow/c937820b688922eb127fb760ce06dab9
NOTE: Issue exists because of a CVE-2019-19921 regression introduced by the fix for CVE-2021-30465.
NOTE: Pull Request: https://github.com/opencontainers/runc/pull/3773
+ NOTE: Fixed by: https://github.com/opencontainers/runc/commit/0abab45c9b97c113ff2cdc16f3a7388444c3fbec (release-1.1 branch)
CVE-2019-19921 (runc through 1.0.0-rc9 has Incorrect Access Control leading to Escalat ...)
- runc 1.0.0~rc10+dfsg1-1
[buster] - runc <no-dsa> (Minor issue)
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/72727a0d6bea2600fbdaff84e212bd68525f7c9d
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/72727a0d6bea2600fbdaff84e212bd68525f7c9d
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20230326/59c587c6/attachment.htm>
More information about the debian-security-tracker-commits
mailing list