diff options
author | Salvatore Bonaccorso <carnil@debian.org> | 2022-02-15 21:42:48 +0100 |
---|---|---|
committer | Salvatore Bonaccorso <carnil@debian.org> | 2022-02-15 21:44:53 +0100 |
commit | 832230efa2968fc7566054f45a40ae019e85bb67 (patch) | |
tree | d0d3deb5f700a1784f00ecc0b7923f22dff32cbf /data/CVE/2022.list | |
parent | 9a1806ad562dce21cb8a9bb9823fc7ef16822994 (diff) |
Update note for CVE-2022-0563/util-linux
Unfortunately the situation is compliated. util-linux is compiled with
readline support. But additionally it is configured with
--disable-chfn-chsh. The chfn and chsh utilities are until now provided
by src:shadow (and the passwd binary package).
Diffstat (limited to 'data/CVE/2022.list')
-rw-r--r-- | data/CVE/2022.list | 3 |
1 files changed, 2 insertions, 1 deletions
diff --git a/data/CVE/2022.list b/data/CVE/2022.list index 4b1fd5a238..8010cc7b9a 100644 --- a/data/CVE/2022.list +++ b/data/CVE/2022.list @@ -1189,7 +1189,8 @@ CVE-2022-0563 [partial disclosure of arbitrary files in chfn and chsh when compi NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=2053151 NOTE: https://lore.kernel.org/util-linux/20220214110609.msiwlm457ngoic6w@ws.net.home/T/#u NOTE: https://github.com/util-linux/util-linux/commit/faa5a3a83ad0cb5e2c303edbfd8cd823c9d94c17 - NOTE: util-linux in Debian not built with readline support + NOTE: util-linux in Debian does build with readline support but chfn and chsh are provided + NOTE: by src:shadow and util-linux is configured with --disable-chfn-chsh CVE-2022-0562 (Null source pointer passed as an argument to memcpy() function within ...) - tiff 4.3.0-4 [bullseye] - tiff <no-dsa> (Minor issue) |