Author: carnil Date: 2016-05-19 19:56:38 +0000 (Thu, 19 May 2016) New Revision: 41897
Modified: data/CVE/list Log: Mark CVE-2016-2568 as no-dsa Modified: data/CVE/list =================================================================== --- data/CVE/list 2016-05-19 19:37:39 UTC (rev 41896) +++ data/CVE/list 2016-05-19 19:56:38 UTC (rev 41897) @@ -6289,6 +6289,8 @@ CVE-2016-2568 [Program run via pkexec as unprivileged user can escape to parent session via TIOCSTI ioctl] RESERVED - policykit-1 <unfixed> (bug #816062) + [jessie] - policykit-1 <no-dsa> (Minor issue) + NOTE: Restricting ioctl on the kernel side seems the better approach NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1300746 CVE-2016-2558 (The Escape interface in the Kernel Mode Driver layer in the NVIDIA GPU ...) TODO: check _______________________________________________ Secure-testing-commits mailing list Secure-testing-commits@lists.alioth.debian.org http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits