Author: carnil Date: 2017-01-30 20:32:45 +0000 (Mon, 30 Jan 2017) New Revision: 48573
Modified: data/CVE/list Log: Update information for CVE-2016-8867 according to Tianon Gravi <tia...@debian.org> Modified: data/CVE/list =================================================================== --- data/CVE/list 2017-01-30 20:27:58 UTC (rev 48572) +++ data/CVE/list 2017-01-30 20:32:45 UTC (rev 48573) @@ -15773,11 +15773,13 @@ RESERVED CVE-2016-8867 (Docker Engine 1.12.2 enabled ambient capabilities with misconfigured ...) - docker.io <unfixed> - - runc <unfixed> (bug #853240) + - runc <not-affected> ("ambient capabilities" introduced later, cf bug #853240) NOTE: https://github.com/docker/docker/issues/27590 NOTE: docker: https://github.com/docker/docker/pull/27610/commits/d60a3418d0268745dff38947bc8c929fbd24f837 (1.12.3) NOTE: runc: https://github.com/opencontainers/runc/commit/a83f5bac28554fa0fd49bc1559a3c79f5907348f NOTE: docker.io not directly affected but will need to be updated to include new runc version + NOTE: runc: "ambient capabilities" functionality added upstream with https://github.com/opencontainers/runc/pull/1086 + NOTE: and later changes. CVE-2016-8865 RESERVED CVE-2016-8864 (named in ISC BIND 9.x before 9.9.9-P4, 9.10.x before 9.10.4-P4, and ...) _______________________________________________ Secure-testing-commits mailing list Secure-testing-commits@lists.alioth.debian.org http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits