Moritz Muehlenhoff pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
554ac35f by Moritz Muehlenhoff at 2018-11-22T19:55:38Z
amanda non-issues
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -2216,13 +2216,15 @@ CVE-2018-18633
CVE-2018-18632
RESERVED
CVE-2016-10730 (An issue was discovered in Amanda 3.3.1. A user with backup
privileges ...)
- - amanda <undetermined>
+ - amanda <unfixed> (unimportant)
NOTE: https://www.exploit-db.com/exploits/39244/
- TODO: check
+ NOTE: /usr/lib/amanda/application/amstar can only be run by members of
the backup
+ NOTE: group (which is root-equivalent due to being able to perform
restores e.g.)
CVE-2016-10729 (An issue was discovered in Amanda 3.3.1. A user with backup
privileges ...)
- - amanda <undetermined>
+ - amanda <unfixed> (unimportant)
NOTE: https://www.exploit-db.com/exploits/39217/
- TODO: check
+ NOTE: /usr/lib/amanda/runtar can only be run by members of the backup
+ NOTE: group (which is root-equivalent due to being able to perform
restores e.g.)
CVE-2018-18883 (An issue was discovered in Xen 4.9.x through 4.11.x, on Intel
x86 ...)
- xen <unfixed>
[stretch] - xen <not-affected> (Only affects 4.9 and later)
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/commit/554ac35f5c016c83ec6fb0c0582d05e921356d04
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/commit/554ac35f5c016c83ec6fb0c0582d05e921356d04
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
