Full Disclosure mailing list archives

Re: [oss-security] CVE-2016-4484: - Cryptsetup Initrd root Shell

From: Leo Famulari <leo () famulari name>
Date: Mon, 14 Nov 2016 22:27:07 -0500

On Mon, Nov 14, 2016 at 08:45:51PM +0000, Hector Marco wrote:

Hello All,

Affected package
----------------
Cryptsetup <= 2:1


Hi,

Can you clarify which versions are affected?

The latest upstream version is 1.7.3:

https://gitlab.com/cryptsetup/cryptsetup/commits/master

What is the 2:1 version?

Attachment: signature.asc
Description:


_______________________________________________
Sent through the Full Disclosure mailing list
https://nmap.org/mailman/listinfo/fulldisclosure
Web Archives & RSS: http://seclists.org/fulldisclosure/

Current thread:

CVE-2016-4484: - Cryptsetup Initrd root Shell Hector Marco (Nov 15)
- Re: [oss-security] CVE-2016-4484: - Cryptsetup Initrd root Shell - Update: Dracut is also vulnerable Hector Marco-Gisbert (Nov 15)
- Re: [oss-security] CVE-2016-4484: - Cryptsetup Initrd root Shell Leo Famulari (Nov 15)
- Re: [oss-security] CVE-2016-4484: - Cryptsetup Initrd root Shell Jason Cooper (Nov 16)