[Secure-testing-commits] r45834 - data/CVE

Nicholas Luedtke Tue, 01 Nov 2016 08:07:47 -0700

Author: nluedtke-guest
Date: 2016-11-01 15:06:39 +0000 (Tue, 01 Nov 2016)
New Revision: 45834


Modified:
   data/CVE/list
Log:
Update CVE-2016-8867 with runc

Modified: data/CVE/list
===================================================================
--- data/CVE/list       2016-11-01 14:00:20 UTC (rev 45833)
+++ data/CVE/list       2016-11-01 15:06:39 UTC (rev 45834)
@@ -582,9 +582,11 @@
        RESERVED
 CVE-2016-8867 (Docker Engine 1.12.2 enabled ambient capabilities with 
misconfigured ...)
        - docker.io <unfixed>
+       - runc <unfixed>
        NOTE: https://github.com/docker/docker/issues/27590
-       NOTE: 
https://github.com/opencontainers/runc/commit/a83f5bac28554fa0fd49bc1559a3c79f5907348f
-       TODO: check, might affect only 1.12.x or runc
+       NOTE: docker: 
https://github.com/docker/docker/pull/27610/commits/d60a3418d0268745dff38947bc8c929fbd24f837
 (1.12.3)
+       NOTE: runc: 
https://github.com/opencontainers/runc/commit/a83f5bac28554fa0fd49bc1559a3c79f5907348f
 (1.0.0-rc2)
+       NOTE: docker.io not directly affected but will need to be updated to 
include new runc version
 CVE-2016-8865
        RESERVED
 CVE-2016-8864


_______________________________________________
Secure-testing-commits mailing list
Secure-testing-commits@lists.alioth.debian.org
http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits

[Secure-testing-commits] r45834 - data/CVE

Reply via email to