Fill in status for several issues

author: Ben Hutchings <ben@decadent.org.uk> 2020-12-13 23:34:31 +0100
committer: Ben Hutchings <ben@decadent.org.uk> 2020-12-17 00:50:52 +0100
commit: 7811bf54c3fa03d431c7825d00b939213fa07553 (patch)
tree: 60f0aee0c228326665736d7199fe9a30ee8c9cd0 /active/CVE-2020-16120
parent: 3dd57c07bc02f0fdcda033e675b3e753858e4757 (diff)
1 files changed, 7 insertions, 5 deletions
diff --git a/active/CVE-2020-16120 b/active/CVE-2020-16120
index fbf03408..fb8cd0f8 100644
--- a/active/CVE-2020-16120
+++ b/active/CVE-2020-16120
@@ -11,11 +11,13 @@ Notes:
  carnil> Only exploitable when unprivileged user namespaces are enabled.
  bwh> I think it's only exploitable when unprivileged user namespace
  bwh> are enabled, *and* mounting of overlayfs is permitted in all
- bwh> user namespaces.
+ bwh> user namespaces.  This is not possible in the upstream or stable
+ bwh> kernels, or in a default Debian configuration, but we do provide
+ bwh> run-time configuration knobs to enable these.
 Bugs:
 upstream: released (5.8-rc1) [48bd024b8a40d73ad6b086de2615738da0c7004f, 56230d956739b9cb1cbde439d76227d77979a04d, 05acefb4872dae89e772729efb194af754c877e8]
-4.19-upstream-stable:
-4.9-upstream-stable:
+4.19-upstream-stable: N/A "Vulnerable configuration not possible"
+4.9-upstream-stable: N/A "Vulnerable configuration not possible"
 sid: released (5.8.7-1)
-4.19-buster-security:
-4.9-stretch-security:
+4.19-buster-security: needed
+4.9-stretch-security: N/A "Vulnerable configuration not possible"
author	Ben Hutchings <ben@decadent.org.uk>	2020-12-13 23:34:31 +0100
committer	Ben Hutchings <ben@decadent.org.uk>	2020-12-17 00:50:52 +0100
commit	7811bf54c3fa03d431c7825d00b939213fa07553 (patch)
tree	60f0aee0c228326665736d7199fe9a30ee8c9cd0 /active/CVE-2020-16120
parent	3dd57c07bc02f0fdcda033e675b3e753858e4757 (diff)