github/linuxkit
1
0
Fork 0
mirror of https://github.com/linuxkit/linuxkit.git synced 2025-07-20 09:39:08 +00:00
Code Issues Projects Releases Wiki Activity

docs: add a security-events.md

Browse Source 
In the same vein as [1], let's start talking about security events. I
suppose we want to talk about security events as well as non-events,
though, to give a little discussion about post moretem. But we can rename
this to security-non-events if we want.

[1]: https://github.com/docker/docker.github.io/blob/master/engine/security/non-events.md

Signed-off-by: Tycho Andersen <tycho@docker.com>
This commit is contained in:
Tycho Andersen 2017-03-31 09:29:55 -06:00
parent c77d932321
commit ad7ddba0dc
1 changed files with 9 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

9
docs/security-events.md Normal file
View File

@ -0,0 +1,9 @@
The incomplete list below is an assement of some CVEs, and Moby's resillience
to them.
Bugs mitigated:
* [CVE-2017-2636](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-2636)
([exploit post](https://a13xp0p0v.github.io/2017/03/24/CVE-2017-2636.html)):
This CVE requires `CONFIG_N_HDLC={y|m}`, which Moby does not specify, and so
is not vulnerable.