[prev in list] [next in list] [prev in thread] [next in thread]
List: oss-security
Subject: Re: [oss-security] util-linux 2.29.2 fixes CVE-2017-2616
From: Tobias_Stöckmann <tobias () stoeckmann ! org>
Date: 2017-02-23 18:10:51
Message-ID: a3beb7ec-c3e0-6506-cbbc-18a7f92eeca4 () stoeckmann ! org
[Download RAW message or body]
[Attachment #2 (multipart/mixed)]
Hello,
as I have discovered the issue, I can confirm that su of util-linux as
well as shadow are affected.
I have supplied patches to both maintainers and the shadow patch has
been pushed now, too.
The code shares a common origin but differs slightly, which in fact made
the patch for shadow a bit trickier.
But as the code bases are so close to each other, I don't think that it
takes another CVE-ID for this one.
["signature.asc" (application/pgp-signature)]
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic