Author: jmm
Date: 2017-01-06 09:33:17 +0000 (Fri, 06 Jan 2017)
New Revision: 47779
Modified:
data/CVE/list
Log:
new firejail issues
one harfbuzz issue n/a
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2017-01-06 09:11:51 UTC (rev 47778)
+++ data/CVE/list 2017-01-06 09:33:17 UTC (rev 47779)
@@ -114,6 +114,35 @@
RESERVED
CVE-2017-5136
RESERVED
+CVE-2016-10123 [firejail: don't allow --chroot as user without seccomp support]
+ - firejail 0.9.38-1
+ NOTE: http://www.openwall.com/lists/oss-security/2017/01/05/4
+ NOTE:
https://github.com/netblue30/firejail/commit/a23ac1bf390fa4c3db4ea31e6ee6100a9c511d59
+CVE-2016-10122 [firejail: Environment not cleaned before root exec()]
+ - firejail <unfixed>
+ NOTE: http://www.openwall.com/lists/oss-security/2017/01/05/4
+ NOTE:
https://github.com/netblue30/firejail/commit/3b81e1f2c331644ced87d26a943b22eed6242b8f
+ NOTE:
https://github.com/netblue30/firejail/commit/72bc0e145c67da24e555d868086953148c52b5fc
+CVE-2016-10121 [firejail: multiple weak permissions]
+ - firejail 0.9.38-1
+ NOTE: http://www.openwall.com/lists/oss-security/2017/01/05/4
+ NOTE:
https://github.com/netblue30/firejail/commit/1cab02f5ae3c90c01fae4d1c16381820b757a3a6
+CVE-2016-10120 [firejail /dev, /dev/shm, /var/tmp, /var/lock was mounted 0777]
+ - firejail 0.9.38-1
+ NOTE: http://www.openwall.com/lists/oss-security/2017/01/05/4
+ NOTE:
https://github.com/netblue30/firejail/commit/cd0ecfc7a7b30abde20db6dea505cd8c58e7c046
+CVE-2016-10119 [firejail /tmp,/var/tmp was mounted tmpfs 0777]
+ - firejail 0.9.38-1
+ NOTE: http://www.openwall.com/lists/oss-security/2017/01/05/4
+ NOTE:
https://github.com/netblue30/firejail/commit/aa28ac9e09557b833f194f594e2940919d940d1f
+CVE-2016-10118 [firejail allows unrestricted mount of tmpfs]
+ - firejail <unfixed> (low)
+ NOTE: http://www.openwall.com/lists/oss-security/2017/01/05/4
+ NOTE:
https://github.com/netblue30/firejail/commit/6144229605177764b7f3f3450c1a47f56595dc9e
+CVE-2016-10117 [firejail allows truncation of /etc/resolv.conf]
+ - firejail 0.9.38-1
+ NOTE: http://www.openwall.com/lists/oss-security/2017/01/05/4
+ NOTE:
https://github.com/netblue30/firejail/commit/678cd1495457318dad39178bb646ba1b96332ddb
CVE-2016-10116 (NETGEAR Arlo base stations with firmware 1.7.5_6178 and
earlier, Arlo Q ...)
NOT-FOR-US: NETGEAR
CVE-2016-10115 (NETGEAR Arlo base stations with firmware 1.7.5_6178 and
earlier, Arlo Q ...)
@@ -36847,7 +36876,7 @@
NOTE: http://lists.xymon.com/pipermail/xymon/2016-February/042986.html
CVE-2016-2052 (Multiple unspecified vulnerabilities in HarfBuzz before 1.0.6,
as used ...)
- harfbuzz 1.2.6-1
- [jessie] - harfbuzz <no-dsa> (Minor issue, will be fixed via spu)
+ [jessie] - harfbuzz <not-affected> (Vulnerable code not present)
- chromium-browser 48.0.2564.82-1
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
NOTE: https://code.google.com/p/chromium/issues/detail?id=544270
_______________________________________________
Secure-testing-commits mailing list
[email protected]
http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits
