Author: rbalint Date: 2016-11-19 09:27:58 +0000 (Sat, 19 Nov 2016) New Revision: 46339
Modified: data/CVE/list data/dla-needed.txt Log: Mark #841257, sendmail no-dsa in wheezy Modified: data/CVE/list =================================================================== --- data/CVE/list 2016-11-19 09:23:31 UTC (rev 46338) +++ data/CVE/list 2016-11-19 09:27:58 UTC (rev 46339) @@ -2020,6 +2020,8 @@ CVE-2016-XXXX [sendmail: Privilege escalation from group smmsp to root] - sendmail <unfixed> (bug #841257) [jessie] - sendmail <no-dsa> (Minor issue) + [wheezy] - sendmail <no-dsa> (Minor issue) + NOTE: no unprivileged user should be in smmsp group and there is no known vulnerability to gain smmsp group membership CVE-2016-8885 RESERVED - jasper <not-affected> (Incomplete fix for CVE-2016-8690 not applied) Modified: data/dla-needed.txt =================================================================== --- data/dla-needed.txt 2016-11-19 09:23:31 UTC (rev 46338) +++ data/dla-needed.txt 2016-11-19 09:27:58 UTC (rev 46339) @@ -99,8 +99,6 @@ -- potrace -- -sendmail --- tiff -- tomcat6 (Markus Koschany) _______________________________________________ Secure-testing-commits mailing list Secure-testing-commits@lists.alioth.debian.org http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits