lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  PHC 
Open Source and information security mailing list archives
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [day] [month] [year] [list]
Date: Wed, 11 Jan 2017 11:54:13 +0100
From: Andreas Stieger <>
Subject: Re: [FD] [oss-security] Docker 1.12.6 - Security Advisory

On 01/11/2017 03:29 AM, Kurt Seifried wrote:
> On Tue, Jan 10, 2017 at 6:58 PM, Nathan McCauley <
>> [CVE-2016-9962] Insecure opening of file-descriptor allows privilege
>> escalation
>> [...]
>> Credit for this discovery goes to Aleksa Sarai from SUSE and Tõnis Tiigi
>> from Docker.
> Can you post a link to a patch for this issue, or to a bug entry with
> additional details, or the download site at a minimum? Thanks!


Andreas Stieger <>
Project Manager Security
SUSE Linux GmbH, GF: Felix Imendörffer, Jane Smithard, Graham Norton,
HRB 21284 (AG Nürnberg)

Download attachment "signature.asc" of type "application/pgp-signature" (834 bytes)

Sent through the Full Disclosure mailing list
Web Archives & RSS:

Powered by blists - more mailing lists