CVE-2015-1336

Priority
Low
Description
The daily mandb cleanup job in Man-db before 2.7.6.1-1 as packaged in
Ubuntu and Debian allows local users with access to the man account to gain
privileges via vectors involving insecure chown use.
References
Bugs
Package
Upstream:released (2.7.6.1-1)
Ubuntu 17.10 (Artful Aardvark):not-affected (2.7.6.1-1)
Ubuntu 12.04 ESM (Precise Pangolin):needed
Ubuntu 14.04 LTS (Trusty Tahr):needed
Ubuntu Core 15.04:DNE
Ubuntu 16.04 LTS (Xenial Xerus):needed
Ubuntu 17.04 (Zesty Zapus):not-affected (2.7.6.1-1)
More Information

Updated: 2017-09-29 20:14:18 UTC (commit 13428)