Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
18b8f512 by Salvatore Bonaccorso at 2019-05-31T06:42:59Z
Add three new rkt issues
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -5600,14 +5600,23 @@ CVE-2019-10149
RESERVED
CVE-2019-10148
RESERVED
-CVE-2019-10147
+CVE-2019-10147 [processes run with rkt enter are not limited by cgroups during
stage 2]
RESERVED
+ - rkt <unfixed>
+ NOTE:
https://www.twistlock.com/labs-blog/breaking-out-of-coresos-rkt-3-new-cves/
+ NOTE: https://github.com/rkt/rkt/issues/3998
CVE-2019-10146
RESERVED
-CVE-2019-10145
+CVE-2019-10145 [processes run with rkt enter do not have seccomp filtering
during stage 2]
RESERVED
-CVE-2019-10144
+ - rkt <unfixed>
+ NOTE:
https://www.twistlock.com/labs-blog/breaking-out-of-coresos-rkt-3-new-cves/
+ NOTE: https://github.com/rkt/rkt/issues/3998
+CVE-2019-10144 [rkt: processes run with `rkt enter` are given all capabilities
during stage 2]
RESERVED
+ - rkt <unfixed>
+ NOTE:
https://www.twistlock.com/labs-blog/breaking-out-of-coresos-rkt-3-new-cves/
+ NOTE: https://github.com/rkt/rkt/issues/3998
CVE-2019-10143 (It was discovered freeradius up to and including version
3.0.19 does n ...)
- freeradius <unfixed> (unimportant; bug #929466)
NOTE: https://github.com/FreeRADIUS/freeradius-server/pull/2666
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/commit/18b8f512512e6abce518009e8532215c1e1e7c92
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/commit/18b8f512512e6abce518009e8532215c1e1e7c92
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
