oss-sec mailing list archives
Re: [CVE request] systemd
From: Kurt Seifried <kseifried () redhat com>
Date: Tue, 01 Oct 2013 10:08:21 -0600
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On 10/01/2013 01:26 AM, Huzaifa Sidhpurwala wrote:
Hi All, I would like to request CVE ids for 4 systemd issues. 1. systemd: Integer overflow, leading to heap-based buffer overflow by processing native messages https://bugzilla.redhat.com/show_bug.cgi?id=859051
Please use CVE-2013-4391 for this issue.
2. systemd: TOCTOU race condition when updating file permissions and SELinux security contexts https://bugzilla.redhat.com/show_bug.cgi?id=859060
Please use CVE-2013-4392 for this issue.
3. systemd: Possibility of denial of logging service by processing native messages from file https://bugzilla.redhat.com/show_bug.cgi?id=859104
Please use CVE-2013-4393 for this issue.
4. systemd: Improper sanitization of invalid XKB layouts descriptions (privilege escalation when custom PolicyKit local authority file used) https://bugzilla.redhat.com/show_bug.cgi?id=862324
Please use CVE-2013-4394 for this issue.
Thanks!
- -- Kurt Seifried Red Hat Security Response Team (SRT) PGP: 0x5E267993 A90B F995 7350 148F 66BF 7554 160D 4553 5E26 7993 -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.14 (GNU/Linux) iQIcBAEBAgAGBQJSSvN0AAoJEBYNRVNeJnmTvEkP/0O7fL7qM+qlir6O27hOoLLi 42YBzSFM49TDP067kPPx+buKBmHBXDq5CulTa1fm/0yW6Z7Aj2L+sA81c8Ovrejf 52AXUmbOwOd6pUFPTe+E/mBWLJ6c1kYcl5Q0+EEKJjbmmvsxsDJkUDrbavRJwymF plmMmspti+jUHge1vmFu0aNf/kGvBH6izYm/3rlZb0Z3itHid9W5AkcgcrqD5aBM RwRwNCY46reaSMZZSq0jDdFryZu2M/NazNTKsPgPQSA+8ww6Oq+ABPBm0UHhA5iy ZEy9bLDg1xcU1YezElc3m+BVivJVxE4cH+LEl7835SFCePhMquph3skBGRaBa2py QLnduv8zepOp3gTTCjcbVZGpCF7h1EjrIR7hKv9PaIA9F7wkyNvwOQCW/Hzp6SKO Q/Jf9zw9asFOicHq0iCf4FlwkX9sYBTXjVnDWYKQ0Z/97S0gwjkcTC+Uq+wKWv1F AbpMhGCKdR+I2cxPwYz6gLjuY78CG4qRiCp4zls1b33L1xlY6SHkxbOQ8dDVNrta LfqzqKoKTb5DsdQHqx9Bq2b74QG9xtsrqi7lv4dFrl9UDmbltc48ydtHomhN923h JANWDUtarDb5b2DsHnix1zFjRrdhX4RKHx1ocCajJPZM8u74nDkr0v1uLB/SNUyY RVTIDk6MY7bZvIk4lLpN =5Kt1 -----END PGP SIGNATURE-----
Current thread:
- [CVE request] systemd Huzaifa Sidhpurwala (Oct 01)
- Re: [CVE request] systemd Sebastian Krahmer (Oct 01)
- Re: [CVE request] systemd Kurt Seifried (Oct 01)