list: Update metadata on currently open systemd issues.

Mike Gabriel Tue, 23 Apr 2019 01:55:27 -0700


Mike Gabriel pushed to branch master at Debian Security Tracker / 
security-tracker



Commits:
a2a94b11 by Mike Gabriel at 2019-04-23T08:54:06Z
data/CVE/list: Update metadata on currently open systemd issues.

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -5173,8 +5173,10 @@ CVE-2019-9619 [not enabled pam_systemd for 
non-interactive sessions]
        - systemd <unfixed>
        [buster] - systemd <ignored> (Too intrusive change for a stable release)
        [stretch] - systemd <ignored> (Too intrusive change for a stable 
release)
+       [jessie] - systemd <ignored> (Too intrusive change for a stable release)
        NOTE: https://bugs.launchpad.net/bugs/1812316
        NOTE: https://bugs.chromium.org/p/project-zero/issues/detail?id=1756
+       NOTE: for a stable release, activating pam_systemd for non-interactive 
sessions will likely have all sorts of unexpected/unwanted side-effects, so CAVE
 CVE-2019-9618
        RESERVED
 CVE-2019-9617 (An issue was discovered in OFCMS before 1.1.3. Remote attackers 
can ex ...)
@@ -36953,7 +36955,7 @@ CVE-2018-16889 (Ceph does not properly sanitize 
encryption keys in debug logging
 CVE-2018-16888 (It was discovered systemd does not correctly check the content 
of PIDF ...)
        - systemd 237-1 (low)
        [stretch] - systemd <ignored> (Minor issue, too intrusive to backport)
-       [jessie] - systemd <no-dsa> (low priority because this is inherently a 
bug in the PID file logic)
+       [jessie] - systemd <no-dsa> (low priority because this is inherently a 
bug in the PID file logic, too intrusive to backport)
        NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1662867
        NOTE: Upstream issue: https://github.com/systemd/systemd/issues/6632
        NOTE: Upstream patches: https://github.com/systemd/systemd/pull/7816



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/commit/a2a94b119157e98368b79a2684764f4824db9369

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/commit/a2a94b119157e98368b79a2684764f4824db9369
You're receiving this email because of your account on salsa.debian.org.

_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

[Git][security-tracker-team/security-tracker][master] data/CVE/list: Update metadata on currently open systemd issues.

Reply via email to