Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
a3c72919 by Salvatore Bonaccorso at 2019-07-14T11:43:04Z
Expand note for one undetermined older issue
All those are still very unclear, but apparently Nick Wellnhofer did
provide commits for the other related CVEs. For CVE-2016-4607 there is
no reference at all.
It is possible that all CVEs related to CVE-2016-4607 and following were
fixed upstream in the 1.1.29 release.
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -157916,7 +157916,9 @@ CVE-2016-4608 (libxslt in Apple iOS before 9.3.3, OS
X before 10.11.6, iTunes be
NOTE:
https://gitlab.gnome.org/GNOME/libxslt/commit/5d0c6565bab5b9b7efceb33b626916d22b4101a7
(v1.1.29-rc1)
CVE-2016-4607 (libxslt in Apple iOS before 9.3.3, OS X before 10.11.6, iTunes
before ...)
- libxslt <undetermined>
- NOTE: contacted Apple for more information, but no reply for quite a
while
+ NOTE: contacted Apple for more information, but no reply for quite a
while.
+ NOTE: Apple still does not provide information on this CVE, although it
is
+ NOTE: possible that it's fixed in 1.1.29 upstream.
CVE-2016-4606
RESERVED
CVE-2016-4605 (Calendar in Apple iOS before 9.3.3 allows remote attackers to
cause a ...)
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/commit/a3c729191cf70136dfdad3c1c025d5aa0f2db038
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/commit/a3c729191cf70136dfdad3c1c025d5aa0f2db038
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
