[Secure-testing-commits] r41897 - data/CVE

Salvatore Bonaccorso Thu, 19 May 2016 12:57:18 -0700

Author: carnil
Date: 2016-05-19 19:56:38 +0000 (Thu, 19 May 2016)
New Revision: 41897


Modified:
   data/CVE/list
Log:
Mark CVE-2016-2568 as no-dsa

Modified: data/CVE/list
===================================================================
--- data/CVE/list       2016-05-19 19:37:39 UTC (rev 41896)
+++ data/CVE/list       2016-05-19 19:56:38 UTC (rev 41897)
@@ -6289,6 +6289,8 @@
 CVE-2016-2568 [Program run via pkexec as unprivileged user can escape to 
parent session via TIOCSTI ioctl]
        RESERVED
        - policykit-1 <unfixed> (bug #816062)
+       [jessie] - policykit-1 <no-dsa> (Minor issue)
+       NOTE: Restricting ioctl on the kernel side seems the better approach
        NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1300746
 CVE-2016-2558 (The Escape interface in the Kernel Mode Driver layer in the 
NVIDIA GPU ...)
        TODO: check


_______________________________________________
Secure-testing-commits mailing list
Secure-testing-commits@lists.alioth.debian.org
http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits

[Secure-testing-commits] r41897 - data/CVE

Reply via email to