Author: carnil
Date: 2016-11-30 20:46:47 +0000 (Wed, 30 Nov 2016)
New Revision: 46665
Modified:
data/CVE/list
Log:
Add fixed version for sendmail issue
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2016-11-30 19:50:33 UTC (rev 46664)
+++ data/CVE/list 2016-11-30 20:46:47 UTC (rev 46665)
@@ -2987,7 +2987,7 @@
[wheezy] - jasper <no-dsa> (Minor issue)
NOTE:
https://blogs.gentoo.org/ago/2016/10/18/jasper-memory-allocation-failure-in-jas_malloc-jas_malloc-c
CVE-2016-XXXX [sendmail: Privilege escalation from group smmsp to root]
- - sendmail <unfixed> (bug #841257)
+ - sendmail 8.15.2-7 (bug #841257)
[jessie] - sendmail <no-dsa> (Minor issue)
[wheezy] - sendmail <no-dsa> (Minor issue)
NOTE: no unprivileged user should be in smmsp group and there is no
known vulnerability to gain smmsp group membership
_______________________________________________
Secure-testing-commits mailing list
[email protected]
http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits
