1
Candidate: CVE-2015-3245
4
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3245
6
Incomplete blacklist vulnerability in the chfn function in libuser before
7
0.56.13-8 and 0.60 before 0.60-7, as used in the userhelper program in the
8
usermode package, allows local users to cause a denial of service
9
(/etc/passwd corruption) via a newline character in the GECOS field.
13
http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=793465
19
upstream: https://fedorahosted.org/libuser/changeset/d73aa2a5a9ce5bdd349dff46e3e4885f2b194a95/
20
upstream_libuser: released (1:0.62~dfsg-0.1)
21
precise_libuser: ignored (reached end-of-life)
22
precise/esm_libuser: DNE (precise was needed)
23
trusty_libuser: needed
24
vivid_libuser: ignored (reached end-of-life)
25
vivid/stable-phone-overlay_libuser: DNE
26
vivid/ubuntu-core_libuser: DNE
27
wily_libuser: ignored (reached end-of-life)
28
xenial_libuser: needed
29
yakkety_libuser: not-affected (1:0.62~dfsg-0.1)
30
zesty_libuser: not-affected (1:0.62~dfsg-0.1)
31
artful_libuser: not-affected (1:0.62~dfsg-0.1)
32
bionic_libuser: not-affected (1:0.62~dfsg-0.1)
33
devel_libuser: not-affected (1:0.62~dfsg-0.1)