Openwall GNU/*/Linux - a small security-enhanced Linux distro for servers
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date: Tue, 14 Apr 2015 12:02:40 -0400
From: Marc Deslauriers <marc.deslauriers@...onical.com>
To: oss-security@...ts.openwall.com
CC: cve-assign@...re.org
Subject: Re: Re: Problems in automatic crash analysis frameworks

Hi,

On 2015-04-14 11:55 AM, cve-assign@...re.org wrote:
> This is mostly a question for the persons who assigned CVE-2015-1318
> and CVE-2015-1862. Should these CVE assignments be interpreted to
> mean:
> 
>   CVE-2015-1318 - in Apport, an unprivileged user can use a
>                   namespace-based attack because there is an execve by
>                   root after a chroot into a user-specified directory

Yes, I assigned CVE-2015-1318 to that specific issue in Apport.

Marc.

Powered by blists - more mailing lists

Your e-mail address:

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Powered by Openwall GNU/*/Linux - Powered by OpenVZ