[Pkg-shadow-devel] Bug#855943: shadow: CVE-2017-2616: Sending SIGKILL to other processes with root privileges via su
carnil at debian.org
Thu Feb 23 16:02:12 UTC 2017
Tags: upstream security
Justification: user security hole
the following vulnerability was published for shadow. The same issue
as found in util-linux's su is present for su from shadow. The fix is
going to be commited to shadow's master branch is the git repo.
Sending SIGKILL to other processes with root privileges via su
If you fix the vulnerability please also make sure to include the
CVE (Common Vulnerabilities & Exposures) id in your changelog entry.
For further information see:
More information about the Pkg-shadow-devel