Commit 01e0d8b7 authored by Hugo Lefeuvre's avatar Hugo Lefeuvre Committed by Hugo Lefeuvre

CVE-2018-16838: jessie not-affected

GPO access control was introduced later around 1.11.90
parent cdf3d36e
......@@ -32100,7 +32100,11 @@ CVE-2018-16839 (Curl versions 7.33.0 through 7.61.1 are vulnerable to a buffer o
CVE-2018-16838 [improper implementation of GPOs due to too restrictive permissions]
- sssd <unfixed>
[jessie] - sssd <not-affected> (GPO based access control introduced later)
NOTE: GPO based access control introduced in
NOTE: seems to presuppose configuration mistake: if sssd is not given enough permissions
NOTE: to read GPO, access is systematically granted instead of denied
TODO: check, Bugzilla entry does not provide details
CVE-2018-16837 (Ansible &quot;User&quot; module leaks any data which is passed on as a parameter ...)
{DSA-4396-1 DLA-1576-1}
......@@ -119,8 +119,6 @@ sqlalchemy
NOTE: 20190312:
NOTE: 20190312:
sssd (Hugo Lefeuvre)
wireshark (Thorsten Alteholz)
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment